Field Guide

Mesh Federation

Mesh Federation A Mesh Federation provides a legal and policy umbrella so that institutions can interact with one another but does not specify technical methods. Each member organization issues digital identities for its people and the federation agreement provides the legal framework for them to use one another’s resources.  The federation agreement might specify governance, […]

Peer-to-Peer Trust and Identity

Peer-to-Peer Identity When no central identity provider or governance agreement is present, participants assert their own identities and each individual decides who they trust and who they do not.  Each participant is a peer with equal standing and each can communicate with anyone else in the network. Examples:  The most familiar peer-to-peer network is probably […]

Centralized Token Issuance, Distributed Enrollment

A special case peer-to-peer network. Participants want to establish trusted identities that can be used securely for ongoing, high-value communication among organizations.  A trusted, central provider issues identity tokens which are then enrolled independently by each service provider. Service providers are not required to cooperate or accept one another’s enrollments. Examples: The most common examples […]

Pairwise Agreement

Two institutions want to trust identities issued by one another, but there is no outside governance or policy framework for them to do so.  They negotiate a specific agreement that covers only the two of them. Each institution trusts the other to properly manage the identities that it issues. Examples: A pairwise agreement can specify […]