Question about connector identity

[DominikPinsel]

Hello everyone,

I've a question regarding the DAPS and the Identity Provider interplay.

The Information Model says

• "the DAPS acts as digital proof for connectors and participants" (https://international-data-spaces-association.github.io/InformationModel/docs/index.html#DAPS)
• "the Identity Provider validates Participants" (https://international-data-spaces-association.github.io/InformationModel/docs/index.html#IdentityProvider)

My questions would be:

• Does a connector has it's own identity that is verifyable?
• How is that identity mapped to the identity of a participant?

sub> Dominik Pinsel <dominik.pinsel@daimler.com, Daimler TSS GmbH, legal info/Impressum

[juliapampus]

@gbrost @sebbader

[gbrost]

Hi,

1. Yes, each connector has its own identity (X.509 certificate & private key).
2. The connector provides its setf description and there we have the link to the participant.

Best Gerd

[MoritzKeppler]

thx! But the self description isn't something a caller can trust, right? It's not signed/certified somehow. Wouldn't it be better if the link to the participant is included in the DAT token? question is maybe related to #259 _{Moritz Keppler moritz.keppler@daimler.com, Daimler TSS GmbH, legal info/Impressum}

[gbrost]

Good point and possibly a desirable feature. But this is not part of the reality yet. The idea was to verify the identity also with the identity certificate for each device. There you have a link to the organisation. However, just a link via the subject and not a specific link to a participant URI at the ParIS. I will open an issue for ids-g.

[DominikPinsel]

Thanks for the quick responses. Once again learned a lot. On my part this question is answered and the issue resolved 👍

sub> Dominik Pinsel <dominik.pinsel@daimler.com, Daimler TSS GmbH, legal info/Impressum