User Experience of a Trust Framework
Introduction
For a trust framework to have value for a user, two criteria are important:
- The user can know if any particular web page is compliant with a trust framework.
- The user can determine the impact that the trust framework has on their experience.
Requirements
- Any user agent, such as a browser or web application, can query online, to get confirmation of compliance with the framework.
- A trademarked logo of the confirmation compliance is available for the user's agent to display.
- That display of compliance (aka Trustmark) can be queried by the user (for example as a tool-tip).
- The indication of compliance will include a testable URI(s) of the Distinguished Name (DN) form used in an TLS certificate so that the user agent is able to compare it to the current site URL to confirm that compliance is applicable to the current page.
- While there is no limitation provided on the number of Trustmarks a web site can deploy, it is a requirement that the user easily understand the terms that apply to any page without extra effort on their part.
References
- The wiki page Trustworthy Healthcare Ecosystem describes the User Experience using the Health Care Profile.