We’ve been asked variously for some kind of document with a gap analysis or assimilation matrix. We don't have one. This is why.
You want to tell people that your service is certified and on the GOV.UK register of digital identity and attribute services. What should you say and what shouldn't you?
The gamma (0.4) publication of the UK digital identity and attributes trust framework introduces certification for "component services". You don't have to use certified components – but you'll probably want to.
This blogpost explains how service providers who are already certified against the trust framework can ‘uplift’ to the new version.
This blogpost explains the new approach to certification of white label services against the gamma (0.4) trust framework.
How can we be confident that the trust framework rules are being followed? That’s the role of “conformity assessment”.
