Glossary
Defines terms used in Origin documentation.
Last updated
Defines terms used in Origin documentation.
Last updated
Note: Mostly, this terminology is specific to the Origin platform. Theoretical and formally standardized cryptographic and cybersecurity terms are introduced only lightly. For more details about those concepts, see the 's , 's , the , , and W3C's and .
A self-certifying identifier which cryptographically binds an identifier to a public and private key pair. It is an identifier that can be proven to be the one and only identifier tied to a public key using cryptography alone. A vLEI formally references its issuee by the issuee's AID.
An org that operates on the Origin platform to create, manage, and use its digital identity. Contrast .
A that provides telecom services such as A2P messaging or VOIP, and that uses Origin to help make their traffic verifiable.
A formally defined role in the . A DAR represents a client during issuance. They designate , formally commit their org to governance rules, and establish a contractual relationship between their org and a .
A small, digitally signed file that provides evidence that the holder is entitled to a privilege. X509 certificates and SSH keys are familiar but old examples. A second generation of digital credentials solves some centralization and maintenance problems and has come of age in the past decade. It is associated with AnonCreds, the ISO mobile driver's license spec, and W3C verifiable credential spec. Origin can help support these technologies. However, the focus of Origin is a third generation of digital credentials called ACDCs. These offer dramatically improvements in security and efficiency. are an example of a ACDC-based credential supported by Origin.
A that helps a build the foundation of their digital identity. Typically a client contracts with a facilitator; the facilitator then vets the org and its staff, issues important credentials, and provides training and support. Origin may be the delivery channel for only a subset of these things. A client may interact with other service providers, but its relationship is typically mediated by its facilitator, at least at first. are often facilitators because are foundational to the digital identity strategy of many orgs. See > for details.
A formally defined role in the . They are a member of a committee that uses cryptographic keys to jointly manage their org's identity by providing formal approvals of all operations that the org performs directly. They also delegate, so other representatives of the org can function autonomously.
A accredited by GLEIF to issue vLEIs to orgs. See the for details.
An org that operates on the Origin platform to deliver services consumed by . Two examples of a service provider are a and a .
A category of that was designed by to embody extremely high assurance of identity for organizations and the people who represent them. There are multiple subtypes of vLEI, including one that certifies a (QVI vLEI), one that identifies legal entities (LE vLEI), one that identifies officers of an organization with legally recognized roles (OOR vLEI), and one that identifies staff of an organization with arbitrary job titles (ECR vLEI). See the for details.