Interop Req 3

<< Back to Baseline Functional Requirements Index

INTEROP-3. STANDARDIZED CREDENTIALS

Entities that issue credentials or assertions MUST issue them in a format that conforms to public open STANDARDS listed in the IDESG Standards Registry, or if that Registry does not include feasible options, then to nonproprietary specifications listed in the IDESG Standards Inventory.

SUPPLEMENTAL GUIDANCE

This Requirement applies to entities that issue identity credentials or assertions and requires that the formats conform to IDESG approved standards and/or open standards listed in the IDESG Standards Inventory. The intent of this Requirement is to ensure that credentials or assertions are capable of being accepted by interoperable solutions. This Requirement recognizes that sufficient options exist today that entities should not need to use proprietary credential structures, but the developing IDESG Standards Registry may not yet include references to all appropriate, useful standards or specifications pertaining to credential issuance.

Regarding "nonproprietary specifications", see Appendix A.

REFERENCES

Reference for open standards: OMB Circular A-119: Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities, https://www.whitehouse.gov/omb/circulars_a119

Reference for roles, functions, and operations, IDESG Functional Model, https://workspace.idesg.org/kws/public/download.php/53/IDEF-Functional-Model-v1.0.pdf

Reference examples of published credential or assertion formats: