Relying Party

From IDESG Wiki
Jump to navigation Jump to search

Status: Proposed
This concept has been submitted as a new entry to the Concept Catalog. It has not yet been validated or reviewed.

Description

Add text...

Rationale

Add text...

Value and Context for Use in IDESG

The relying party is one of the three major categories of Digital Entity along with User Agent and Identity Provider.

Formal Definition

Add text...

Source materials used

  • Add list item

Potential problems

  • Add list item

Disambiguation

  • Add item

Same term, different concept?

  • An entity that relies upon the Subscriber's token and credentials or a Verifier's assertion of a Claimant's identity, typically to process a transaction or grant access to information or a system. NIST SP 800-63-1
  • Entity requesting Backend Attributes typically to support PIV Cardholder authentication, authorization, or emergency events.BAE Overview
  • A person or Entity who has received information that includes a certificate and a digital signature verifiable with reference to a public key listed in the certificate, and is in a position to rely on them. X.509 Certificate Policy For The Federal Bridge Certification Authority
  • An entity that relies upon the Subscriber's credentials or Verifier's assertion of an identity, typically to process a transaction or grant access to information or a system. FICAM TFPAP 1.0.1
  • A network entity providing the desired service, and relying upon Digital Identity. OASIS IMI 1.0
  • A recipient of a certificate who acts in reliance on that certificate and/or any digital signatures verified using that certificate. http://www.ietf.org/rfc/rfc3647.txt InCommon Glossary
  • An entity that relies upon a subscriber's credentials, typically to process a transaction or grant access to information or a system. Kantara IAF 1100
  • An entity that relies upon the subscriber's credentials, typically to process a transaction or grant access to informaiton or a system. NIST SP 800-73 Part 1
  • [Entity that] makes transaction decisions based upon its receipt, validation, and acceptance of a subject's authenticated credentials and attributes. Within the Identity Ecosystem, a relying party selects and trusts the identity and attribute providers of their choice, based on risk and functional requirements. Relying parties are not required to integrate with all permutations of credential types and identity media. Rather, they can trust an identity provider's assertion of a valid subject credential, as appropriate. Relying parties also typically need to identify and authenticate themselves to the subject as part of transactions in the Identity Ecosystem. Relying parties can choose the strength of the authentication and attributes required to access their services. NSTIC Strategy
  • A Web application that wants proof that the end user controls an Identifier. OpenID Authentication 2.0
  • A recipient of a certificate who acts in reliance on that certificate and/or any digital signatures verified using that certificate. In this document, the terms "certificate user" and "relying party" are used interchangeably. RFC 3647
  • A system entity that decides to take an action based on information from another system entity. For example, a SAML relying party depends on receiving assertions from an asserting party (a SAML authority) about a subject. OASIS SAML Glossary 2.0
  • A party responsible for a Relying Party Agent and on whose behalf that Agent acts. A Relying Party is relying on the services provided by a Yadis Resource, in particular on data provided by that service concerning the person identified by a Yadis ID. Yadis 1.0

Different term, same concept?

  • In OpenID Connect the relying party is referred to as a client in the sense that the IdP gets consent from the user to give the client access to [[User Private