Document status: Working draft
The common Level of Assurance metric was conceived for a specific legal, technical and business context and does not fulfill the requirements for a comprehensive identity assurance metric. The requirements for a more complete metric are to communication the assurance level in public and private sectors, PKI and non-PKI technologies, and serve providers and users.
...
- What qualities does the assurance between actors in a trust relationship encompass?
- How to communicate a policy that assures these qualities - a simple number or more complex data?
Re 1.) Assurance scope
The qualities that need to be assured are information security and privacy, according to the scope of the TFMM. The Relying Party perspective is usually depicted with the LoA. The following picture shows LoA and an alternative model based on credential life and usage cycles.
