User Experience of a Trust Framework

From IDESG Wiki
Revision as of 02:33, 6 June 2019 by Tomjones (talk | contribs) (→‎References)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Introduction

For a trust framework to have value for a user, two criteria are important:

  1. The user can know if any particular web page is compliant with a trust framework.
  2. The user can determine the impact that the trust framework has on their experience.

Requirements

  1. Any user agent, such as a browser or web application, can query online, to get confirmation of compliance with the framework.
  2. A trademarked logo of the confirmation compliance is available for the user's agent to display.
  3. That display of compliance (aka Trustmark) can be queried by the user (for example as a tool-tip).
  4. The indication of compliance will include a testable URI(s) of the Distinguished Name (DN) form used in an TLS certificate so that the user agent is able to compare it to the current site URL to confirm that compliance is applicable to the current page.
  5. While there is no limitation provided on the number of Trustmarks a web site can deploy, it is a requirement that the user easily understand the terms that apply to any page without extra effort on their part.

References