Certification: A description of the service that support issuers of license and other certificates to users.

VICAL

Certificates are needed to block attempts to reuse a valid credential from one person for any other user.

Issues of licenses need certification.

Register a Website certificate

Sources for Digital credential cards will also need certification.

  • The primary purpose of a Credential Service Provider (CSP or CP) is the provisioning of credentials or certificates that can be trusted. For example an HL7 report of a COVID-19 test is not in the form of a Verifiable Credential and is not bound to a user’s digital identifier. A CSP can be used to provide assertions for any identifier, attribute or authentication method. These can be combined .

Terminology

  • The steps to create a Issueing Auhtority (IA) have been implemented in several states for their Driver's Licenses.
  • Issuers of licenses or other certificates to users must also support a Issuing Authority Certificate Authority (IACA) end point.
  • This server provides a Verified issuer certificate authority list (VICAL, aka Master List) as defined in ISO 18013-5 to contain the IACA "root" certificates.
  • The Root of trust for all issuers of licenses is the VICAL defined in a Certificate Practice Statment (CPS) per ISO 18013-5 Annex C, That annex asserts that this same list could be used for other purposes like the existing card formats for access to the user's records.
  • That CPS needs to be developed into a list of service assessment criteria (SAC) that can be used to evaluate the service.
  • The next step is to allow testing of this VICAL test bed.
  • The CA|B forum defines a set of criteria that can serve as a paradigm for this program.