Interop Req 2

From IDESG Wiki
Jump to: navigation, search

<< Back to Baseline Functional Requirements Index

INTEROP-2. THIRD PARTY CREDENTIALS

Entities who issue credentials or assertions MUST issue them using content and methods that are capable of being consumed for multiple purposes and multiple recipients.

SUPPLEMENTAL GUIDANCE

This Requirement applies to entities that issue identity credentials and/or assertions and requires that the credentials/assertions issued by such entities may be accepted by multiple THIRD-PARTIES (such as RELYING PARTIES). This does not require that such credentials/assertions must be accepted by all THIRD-PARTIES; rather, the Requirement is that credentials/assertions may be accepted by multiple (more than one) THIRD-PARTIES. Single-purpose Identity credentials/assertions that are used exclusively for access to a single enterprise/online resource that are not permitted for authentication by any external THIRD-PARTY would not conform to this Requirement.

This Requirement addresses the format or expression of the credential or assertion data itself and policies for its use, and not its method of exchange, which is addressed in INTEROP-04 (STANDARDIZED DATA EXCHANGES)

REFERENCES

IDESG Functional Model: https://workspace.idesg.org/kws/public/download.php/53/IDEF-Functional-Model-v1.0.pdf

APPLIES TO ACTIVITIES

CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION

KEYWORDS

ASSERTION, CREDENTIAL, INTEROPERABILITY, THIRD-PARTIES



Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |