User Agent Assurance: Difference between revisions
Jump to navigation
Jump to search
| Line 24: | Line 24: | ||
===Web Apps=== | ===Web Apps=== | ||
{ | |||
"id": 1, | |||
"name": "us.trustworthy.agent", | |||
"version": "1", | |||
"platform": "ServiceWorker", | |||
"min_platform":null, | |||
"source": | |||
[l"developer":"Fred's software shop', | |||
"key": "...key..." | |||
} | |||
"jurisdiction": "us-wa", | |||
"user_authn": null, | |||
"dateRegistered": 1576358115, | |||
"url": "https://trustregistry.us/csp", | |||
"trust_registry": "US Healthcare Assurance Framework" | |||
}, | |||
===FIDO Authenticators=== | ===FIDO Authenticators=== | ||
Revision as of 21:06, 14 January 2021
Full Title or Meme
This is an abstract concept that covers any combination of software and hardware that can be assured to faithfully represent any part of a user's presence or intentions on the web.
Context
- This extends a prior effort to specify a means to report Software Compliance Attestation for Native Apps for US Healthcare to Web Apps and devices like FIDO2.
- There are two relevant standards, both of which are up for review on 2021-01-01
- ISO/IEC 29115 Entity Authentication Assurance
- Nist SP 800-63-3B
Solutions
Native Apps
{
"id": 1,
"name": "us.trustworthy.agent",
"version": "1",
"platform": "Android",
"min_platform": "23",
"source": null,
"jurisdiction": "us-wa",
"user_authn": null,
"dateRegistered": 1576358115,
"url": "https://trustregistry.us/csp",
"trust_registry": "US Healthcare Assurance Framework"
},
Web Apps
{
"id": 1,
"name": "us.trustworthy.agent",
"version": "1",
"platform": "ServiceWorker",
"min_platform":null,
"source":
[l"developer":"Fred's software shop',
"key": "...key..."
}
"jurisdiction": "us-wa",
"user_authn": null,
"dateRegistered": 1576358115,
"url": "https://trustregistry.us/csp",
"trust_registry": "US Healthcare Assurance Framework"
},
FIDO Authenticators
References
- Device Integrity supporting User Authentication Use case from 2013