Interop Req 3
<< Back to Baseline Functional Requirements Index
INTEROP-3. STANDARDIZED CREDENTIALS
Entities that issue credentials or assertions MUST issue them in a format that conforms to public open STANDARDS listed in the IDESG Standards Registry, or if that Registry does not include feasible options, then to nonproprietary specifications listed in the IDESG Standards Inventory.
This Requirement applies to entities that issue identity credentials or assertions and requires that the formats conform to IDESG approved standards and/or open standards listed in the IDESG Standards Inventory. The intent of this Requirement is to ensure that credentials or assertions are capable of being accepted by interoperable solutions. This Requirement recognizes that sufficient options exist today that entities should not need to use proprietary credential structures, but the developing IDESG Standards Registry may not yet include references to all appropriate, useful standards or specifications pertaining to credential issuance.
Regarding "nonproprietary specifications", see Appendix A.
Reference for open standards: OMB Circular A-119: Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities, https://www.whitehouse.gov/omb/circulars_a119
Reference for roles, functions, and operations, IDESG Functional Model, https://workspace.idesg.org/kws/public/download.php/53/IDEF-Functional-Model-v1.0.pdf
Reference examples of published credential or assertion formats:
- SAML 2.0 Attribute Assertions with XACML 3.0, http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/xacml-saml-profile-v2.0.html
- Open ID Connect with Java Web Tokens (JWT): http://openid.net/developers/libraries/