Lexicon Changes

DRAFT 2.3, Paul Trevithick

Summary of changes

(A) 6 New Terms: PARTY, AGENT, RELYING PARTY, IDENTITY PROVIDER, CLAIMANT, IDENTITY CONTEXT

(B) 4 New Comments

(C) Deletion of USER Term (until a new, improved definition is created)

(D) Changing several instances of "DIGITAL SUBJECT" to the more specific "PARTY"

(A) New Terms

PARTY: A 'digital subject' that represents a natural person or a juridical entity [PaulT, JoaquinM]

AGENT: A 'digital subject' that represents a computer system or device that has been delegated (authority, responsibility, a function, etc.) by and acts for a 'party' (in exercising the authority, carrying out the responsibility, performing the function, etc.) [JoaquinM, X.911, PaulT]

RELYING PARTY: a 'party' that makes known through its 'agent' one or more alternative sets of 'claims' that it desires or requires, and receives through this same 'agent' a 'digital identity' purportedly including the required 'claims' from an 'identity provider' or other 'agent' of another 'party'. [JoaquinM, DaveK, DickH, Johannes]

[DIGITAL] IDENTITY PROVIDER: an 'agent' that issues a 'digital identity' [PaulT, ScottL]

CLAIMANT: a 'party' that makes a 'claim'

IDENTITY CONTEXT: The surrounding environment and circumstances that determine the meaning of 'Digital Identities' and the policies and protocols that govern their interactions. [DaveK, PaulT]

(B) New Comments

In addition, the following comments are to be added to our definition of 'digital identity':

Comment1: A 'digital identity' may contain claims made by multiple 'claimants'. [DickH]

Comment2: A 'digital identity' may be signed by an 'identity provider' to provide assurance to a 'relying party' [ConorC]

And this to our definition of 'claim':

Comment: 'claims' may or may not be directed to specific 'relying parties' [KimC, DickH, PaulT]

Comment: a 'claim' is an association between a 'claimant' and an 'attribute'; a {claimant, attribute} pair. [PaulT]

(C) Deletions

I know this sounds hard to believe, but we still do not have a concise way to describe what we mean by "USER" in a USER-centric identity system. I can mumble on about what I mean as follows: You know, the one who kind of sits in the middle of the action, the person who creates digital identities representing themselves in various contexts, the one who manually/explicitly controls the release of their 'digital identities' to 'relying parties', the person who selects from among multiple personas a particular 'digital identity' to use in a certain context, the one who sets up repository/'agents' that contain their 'digital identities', the term that Kim used 88 times in his "laws" page and sits in the middle of Dick's Sxip diagrams. That user.

The attempt we had made (see below) is wrong. Wrong because there are cases where the person about whom claims are being made ISN'T the person playing the role I was trying to describe in the previous para.

So, for now I propose to delete this definition and comment from the wiki:

USER: the 'digital subject' representing the 'entity' (typically human) about which claims are being made [PaulT, DaveK]

Comment: The term user has this intentionally narrow meaning within the context of user-centric identity systems. In truth any system implementation would have users acting in other roles, such as that of identity provider or relying party. [PaulT]

(D) 'Digital Subject'->'Party' changes to existing definitions

Several of the 'digital subject's on the wiki can be replaced with 'party'. For example:

Digital Identity: The digital representation of a set of 'claims' made by one 'digital subject' about itself or another 'digital subject'

Should be:

Digital Identity: The digital representation of a set of 'claims' made by one 'party' about itself or another 'digital subject'

And:

CLAIM: An assertion made by a 'digital subject' of the value or values of one or more 'attributes' of a 'digital subject', typically an assertion which is disputed or in doubt

Should be:

CLAIM: An assertion made by a 'party' of the value or values of one or more 'attributes' of a 'digital subject', typically an assertion which is disputed or in doubt