Certification: A description of the service that support issuers of license and other certificates to users.
VICAL
Certificates are needed to block attempts to reuse a valid credential from one person for any other user.
Issues of licenses need certification.
Register a Website certificateSources for Digital credential cards will also need certification.
- The primary purpose of a Credential Service Provider (CSP or CP) is the provisioning of credentials or certificates that can be trusted. For example an HL7 report of a COVID-19 test is not in the form of a Verifiable Credential and is not bound to a user’s digital identifier. A CSP can be used to provide assertions for any identifier, attribute or authentication method. These can be combined .
Terminology
- The steps to create a Issueing Auhtority (IA) have been implemented in several states for their Driver's Licenses.
- Issuers of licenses or other certificates to users must also support a Issuing Authority Certificate Authority (IACA) end point.
- This server provides a Verified issuer certificate authority list (VICAL, aka Master List) as defined in ISO 18013-5 to contain the IACA "root" certificates.
- The Root of trust for all issuers of licenses is the VICAL defined in a Certificate Practice Statment (CPS) per ISO 18013-5 Annex C, That annex asserts that this same list could be used for other purposes like the existing card formats for access to the user's records.
- That CPS needs to be developed into a list of service assessment criteria (SAC) that can be used to evaluate the service.
- The next step is to allow testing of this VICAL test bed.>
- The CA|B forum defines a set of criteria that can serve as a paradigm for this program.