Devise a CAWG Level of Assurance Scheme Attributable to Identity Aggregators #214
Description
A separate issue has been opened to suggest adding a level of assurance field and source to identity assertions. This issue recommends that we design our own levels of assurance for identity aggregators.
Identity aggregators gather identifiers from varying sources that have (or do not have) varying supporting identity proofing activities. Therefore, it requires a CAWG - specific scheme of levels of assurance to convey the degrees of confidence a relying party should have in the aggregated identity credential it creates on the identity credential.
We can use generally accepted schemes of NIST, ISO and eIDAS but they do not completely fit CAWG purposes. We should start with them and modifiy them for identity aggregator purposes. If following the LoA scheme, we can communicate the level in the LoA field and identify its source as "Identity Aggregator" (or whatever makes sense in the final issuance of the spec).
- I have read the CLA Document and I hereby sign the CLA.