International-Data-Spaces-Association / IDS-G

Creative Commons Attribution 4.0 International

IDS-ParIS function 'Create Participant' #89

Open RieksJ opened 1 year ago

RieksJ commented 1 year ago

What part of the repository is this related to?

https://github.com/International-Data-Spaces-Association/IDS-G/tree/main/Components/IdentityProvider/ParIS

What exactly should be changed?

The text states that (amongst other roles) a Participant can also execute the operation 'Create Participant Entry'. This is inconsistent with the text in the business layer, which says "The Support Organization introduces a new Participant by creating its digital identity and at the same time registers security-critical at the DAPS and business-relevant attributes at the ParIS."

The Participant role should be removed from the first row, third column, of the table in the section process layer.

The reason for this is twofold.

  1. The business layer section says that the creation of a Participant record is what introduces a party as a Participant. This means that a Participant is already registered, and hence cannot create its self-description (it can update it, but not create it).
  2. If an arbitrary party were enabled to add a participant record with a self-description, any scrutiny of that would need to be done after the fact, introducing potential business risks.