This part of the iSHARE Scheme is considered normative and is therefore compliant with RFC 2119.
For all Human to Machine interactions, as in primary use case 2 and 3, an interface is required. This interface MUST comply with the following guidelines:
- The name of the legal entity that provides a broker service or identity provisioning service MUST be clearly visible;
- During the process of authentication, information not directly relating to the identity provision process or supporting the identity provision process MAY NOT be present. Links to websites irrelevant to the identity provisioning process or advertisements MAY NOT be present;
- Parties facilitating the identity provision process MAY use their own corporate styling and logos;
- The iSHARE brand MUST be shown during the identity provision process. Showing the iSHARE brand MUST be in line with iSHARE communication guidelines;
- Human Service Consumer that are being identified through the use of a browser MUST be able to verify the URL and used SSL certificate during all steps of identity provisioning process.
Please note that extra guidance will need to be added for the context of apps: how can Human Service Consumers verify that they are not being tricked?