Open NicolasLiampotis opened 2 months ago
Discussed in the Architecture Meeting this afternoon; decoded to add the defintion of "Trust Authority" to the document and make clear that it should not confused with the OIDC "Trust Anchor" (although the implementation of a Trust Authority might be an OIDC Trust Anchor).
Added Trust Authority definition to the terms section
Re-opening the issue because it is still unclear what the difference between Trust Anchor and Trust Authority is.
The information document on Establishing trust between OAuth 2 proxies [AARC-I058] currently uses "Trust Authority" which seems interchangeable with "Trust Anchor" from the OpenID Federation specification [OID-Fed]. However, there's a distinction between these roles in the context of [OID-Fed]:
There are two options to address this terminology inconsistency in AARC-I058: