User Agent Assurance

Full Title or Meme

This is an abstract concept that covers any combination of software and hardware that can be assured to faithfully represent any part of a user's presence or intentions on the web.

Context

This extends a prior effort to specify a means to report Software Compliance Attestation for Native Apps for US Healthcare to Web Apps and devices like FIDO2.
There are two relevant standards, both of which are up for review on 2021-01-01
- ISO/IEC 29115 Entity Authentication Assurance
- Nist SP 800-63-3B

Solutions

Native Apps

 {
   "id": 1,
   "name": "us.trustworthy.agent",
   "version": "1",
   "platform": "Android",
   "min_platform": "23",
   "source": null,
   "jurisdiction": "us-wa",
   "user_authn": null,
   "dateRegistered": 1576358115,
   "url": "https://trustregistry.us/csp",
   "trust_registry": "US Healthcare Assurance Framework"
 },

Web Apps

 {
   "id": 1,
   "name": "us.trustworthy.agent",
   "version": "1",
   "platform": "ServiceWorker",
   "min_platform":null,
   "source": 
       {
        "developer":"Fred's software shop',
         "key": "...key..."
        }
   "jurisdiction": "us-wa",
   "user_authn": null,
   "dateRegistered": 1576358115,
   "url": "https://trustregistry.us/csp",
   "trust_registry": "US Healthcare Assurance Framework"
 },

FIDO Authenticators

References

Device Integrity supporting User Authentication Use case from 2013

User Agent Assurance

Contents

Full Title or Meme

Context

Solutions

Native Apps

Web Apps

FIDO Authenticators

References

Navigation menu

User Agent Assurance

Full Title or Meme

Context

Solutions

Native Apps

Web Apps

FIDO Authenticators

References

Navigation menu

Search