RFC069: Support different levels of conformance testing for Authorisation Registry

Background and rationale

In the current situation, the Authority Registry (AR) can be tested by the iShare conformance tool, in order to make sure that all AR functionality is implemented. From a development point of view, it is very hard (and thereby very cost-intensive) to reach a 100% conformance level. Most use-cases of our participants only need a basic level of AR settings: party A just wants to read a data-source of party B. And sometimes add a simple delegation path.

Proposed change: purpose

The purpose is to make it easier for AR developers to provide an AR, which can have conformance test level 1, 2 or 3 (for example). This way a participant can also choose an AR which fits its needs. A different price level attached to offering an AR of a specific conformance level could also be justifyable: for basic AR needs choose a conformance level 1, for extended needs choose conformance level 3 (for example).

Proposed change: considerations and requirements

A consideration would be: a participant can provide an AR, supporting conformance level 1, 2, 3 (Level 3 includes at least functionality of 2 plus extra. Level 2 includes at least functionality of 1 plus extra). This level might be exposed in the capabilities (?). It is also possible that a certain AR provider, provides all 3 levels separately: should there be 3 AR's in that case?

The specifications for the different conformance levels should be further discussed.