Consent to Create Binding: Difference between revisions
Jump to navigation
Jump to search
| Line 6: | Line 6: | ||
In an environment where a subject is requesting the establishment of a binding between it's private key and a Provider of any identifier services, the implicit assumption has been that the action of the subject on the website is sufficient. In today's world of gathering a subject's most private information some better means of capturing subject consent is urgently needed. | In an environment where a subject is requesting the establishment of a binding between it's private key and a Provider of any identifier services, the implicit assumption has been that the action of the subject on the website is sufficient. In today's world of gathering a subject's most private information some better means of capturing subject consent is urgently needed. | ||
===Existing Methods=== | ===Existing Methods=== | ||
# While it is true that methods exist for individual subjects to acquire a certificate for signing emails and receiving encrypted email, the adoption of that method outside of th enterprise is essentially failed and will not be considered as a paradigm for this effort. | |||
# The most common request today is for an SSL or EV certificate from a Certificate Authority (CA) which works reasonably well for what it is intended to do. While it is possible to set up a CA of your own, we will address the more common case of a CA that has been approved by the major browser vendors. Before the process begins the user selects a Distinguished Name for the site based on the rules established by the CA/B forum. | # The most common request today is for an SSL or EV certificate from a Certificate Authority (CA) which works reasonably well for what it is intended to do. While it is possible to set up a CA of your own, we will address the more common case of a CA that has been approved by the major browser vendors. Before the process begins the user selects a Distinguished Name for the site based on the rules established by the CA/B forum. | ||
==Solution== | |||
The following is the current understanding of what needs to be included in a Consent for Binding Request. | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Subject<blockquote></blockquote> | |||
Revision as of 20:40, 8 September 2019
Full Title
The definition of a message to carry consent from a subject to a Credential Service Provider.
Context
In an environment where a subject is requesting the establishment of a binding between it's private key and a Provider of any identifier services, the implicit assumption has been that the action of the subject on the website is sufficient. In today's world of gathering a subject's most private information some better means of capturing subject consent is urgently needed.
Existing Methods
- While it is true that methods exist for individual subjects to acquire a certificate for signing emails and receiving encrypted email, the adoption of that method outside of th enterprise is essentially failed and will not be considered as a paradigm for this effort.
- The most common request today is for an SSL or EV certificate from a Certificate Authority (CA) which works reasonably well for what it is intended to do. While it is possible to set up a CA of your own, we will address the more common case of a CA that has been approved by the major browser vendors. Before the process begins the user selects a Distinguished Name for the site based on the rules established by the CA/B forum.
Solution
The following is the current understanding of what needs to be included in a Consent for Binding Request.
Subject
Subject
Subject
Subject
Subject
Subject
Subject
Subject
Subject