Claims Agent Charter

Version 0.4

Name
Claims Broker Working Group

Purpose
The purpose of this working group is to (i) create a forum for collaboration between commercial and open source developers on interoperable, verified claim broker implementations and (ii) provide funding for the development of an open source implementation.

A claims broker is a software agent that allows the user to select a claim-set from among multiple alternative sources of these claim-sets.

The claims broker has the following characteristics:
 * MUST be able to be used with an unmodified browser
 * MAY include a minimal browser extension used only to invoke the broker service while reducing the phishing attack surface
 * MAY include the ability to download an optional active client from the claims broker
 * MAY support existing protocols such as OpenID, SAML and IMI
 * MAY be used to provide claims used for authentication
 * MUST prevent claims providers from being able to trace the identity of the claims recipient (i.e. the RP). This requirement implies BOTH that the claims provider cannot know the identity of the recipient AND that the delivered tokens themselves are not correlatable across recipients, as can be achieved with U-Prove or Idemix tokens.

An active client is a computer/device resident software component that provides claims to local applications. Active clients are integrated with browsers via a browser extension. The optional active client component offers additional benefits beyond the web-based claims broker:
 * User experience: Once installed, an active client can provide a simpler UX for many claims-related interactions with apps/services.
 * Security: Active clients can provide additional protection from some kinds of phishing attacks, and they support higher levels of assurance with less user inconvenience.
 * Privacy: Active clients do not disclose to an external operator (e.g. a claims broker service operator) the websites that the user visits. Further, they can act as wallets for privacy-enhancing long-lived tokens (including those based on zero-knowledge proofs) that provide additional privacy protections.

Scope

 * To create a claims broker development community that includes open source, research and commercial efforts.
 * To build liaison relationships with related efforts at OpenID Artifact Binding WG, Kantara (e.g. ULX), Mozilla (e.g. Account Manager) and W3C (new initiatives being considered). Where possible, to work with these organizations on their respective specs rather than creating new specs.
 * To develop specifications for a cloud-based API for synchronizing state across active clients. These specifications would be contributed to standards groups (e.g. OASIS, W3C, and OpenID)
 * To fund a complete, open source claims broker implementation, including an active client for desktop and mobile devices. All developed source code will be licensed under a TBD license (most likely Apache 2.0 or EPL 1.0)
 * To support and fund interoperability testing of claims brokers

Principles
See Identity Commons Purpose And Principles

Practices
to be written

Requirements of Participation and How to Join
to be written

Licenses and/or Restrictions on Usage of Work Product

 * Open Web Foundation for specs
 * TBD: Apache 2.0 or EPL 1.0 for code

Current Deliverables and Milestones
To be determined.

Current Meeting Schedule
to be written

Current Membership
to be written

Current Stewards Council Representative and Alternate
The stewards council representative will be selected by the members of the working group.

Current Links
to be written

Related Groups

 * OpenID Artifact Binding Working Group
 * Kantara ULX WG
 * Mozilla Account Manager
 * OpenInfoCard
 * FC2
 * Higgins Active Client

History
This is where the group can share how and why it was founded, and where quarterly reports will be linked.