Complete IDENTITY-WP-0003 corpus backfill and model refinement

Backfill all 23 research source notes with terminology extracts, modeling
assumptions, conflicts, canonical mappings, and references. Refresh terminology
artifacts, refine the conceptual model with explicit scenario paths, reconcile
canon surfaces and open questions, and mark the workplan finished.
2026-06-21 20:22:20 +02:00
parent 790a2f2041
commit 1c1b5c9bc6
32 changed files with 2676 additions and 623 deletions

@@ -1,8 +1,9 @@
# Design Principles
Status: draft. These principles make the proposal's modeling stance explicit.
They are constraints for canonical vocabulary and conceptual model work, not
implementation requirements for downstream systems.
Status: draft. Refined after IDENTITY-WP-0003 corpus backfill. These principles
make the proposal's modeling stance explicit. They are constraints for canonical
vocabulary and conceptual model work, not implementation requirements for
downstream systems.
## P1. Use Actor As The Participation Root
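Review bot: the rewritten status paragraph still reads "Status: draft" while adding "Refined after IDENTITY-WP-0003 corpus backfill", and the commit message marks that workplan finished, so a reader cannot tell whether draft is still the intended state. Either state what keeps the principles in draft, or move the workplan reference to a change history entry and keep the status line to the status alone.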
@@ -66,7 +67,23 @@ the canon should identify the underlying concept before adopting the label.
Every canonical concept should survive concrete scenarios: enterprise
directories, vendor/customer tenancy, families, communities, social graphs,
service accounts, delegated agents, weak matches, strong links, and
pseudonymous profiles.
pseudonymous profiles. After corpus backfill, all fifteen scenarios in
`scenarios/ScenarioTests.md` have explicit representation paths in
`model/ConceptualModel.md`.
## P12. Distinguish Assurance Dimensions
Identity proofing, authentication, and federation assurance are separable
dimensions (NIST IAL, AAL, FAL). Do not collapse them into a single "trust
level" on an account. Record assurance metadata on bindings, credentials, and
federation relationships where sources provide it.
## P13. Prefer Non-Destructive Linking
Entity resolution, federation account linking, and semantic web equivalence
patterns should produce Synonymity Assertions, not silent record merges.
Probabilistic matches default to weak strength with review lifecycle. Deterministic
and verified matches may be strong but remain scoped and revocable.
## P11. Keep Implementation Recommendations Downstream
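Review bot: the new "## P12. Distinguish Assurance Dimensions" and "## P13. Prefer Non-Destructive Linking" sections are inserted ahead of the existing "## P11. Keep Implementation Recommendations Downstream" heading, so the principles now read P12, P13, P11. Move the two new sections after P11 or renumber, since other documents are likely to cite these principles by number. Two smaller points in the same hunk: "all fifteen scenarios" hard-codes a count that will go stale when `scenarios/ScenarioTests.md` changes, so consider dropping the number; and in P13, "weak strength with review lifecycle" and "scoped and revocable" carry the security-relevant behaviour of a link but are not defined here, so point to where the model defines who reviews a weak match and who can revoke a strong one.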