Merge pull request italia#726 from italia/translation-defined-terms

Italian Translation of defined terms

Author: peppelinux

docs/en/defined-terms.rst

@@ -1,10 +1,22 @@
 .. include:: ../common/common_definitions.rst
 
-..
-  Defined Terms and Acronyms
-  ==========================
-  The terms *User*, *Trust Service*, *Trust Model*, *Trusted List*, *Trust Framework*, *Attribute*, *Electronic Attestations of Attributes Provider* or *Trust Service Provider (TSP)*, *Person Identification Data (PID)*, *Revocation List*, *Qualified Electronic Attestations of Attributes Provider* or *Qualified Trust Service Provider (QTSP)*, *Electronic Attestation of Attributes (EAA)*, are defined in the `EIDAS-ARF`_.
-  Below is the description of acronyms and definitions which are useful for further insights into topics that complement the IT-Wallet System and the interacting components.
+Normative References
+====================
+
+Below the normative references and respective acronyms included in these Technical Specifications:
+
+[CAD]
+
+Legislative Decree No. 82 of March 7, 2005, as amended, containing the 'Digital Administration Code'.
+
+[REF_ACCESSIBILITY]
+
+Accessibility Guidelines for IT Tools as per Article 11 of Law 4/2004.
+Directive (EU) 2019/882 of the European Parliament and of the Council of 17 April 2019 on the accessibility requirements for products and services.
+
+[GL_DESIGN]
+
+Design Guidelines for websites and digital services provided by public administrations, pursuant to Article 53, paragraph 1-ter of Legislative Decree No. 82 of March 7, 2005, as amended.
 
 .. _defined-terms:
 
@@ -13,12 +25,16 @@ Defined Terms and Acronyms
 
 This section aligns the IT-Wallet System's terminology with the definitions provided in ARF 1.10 (see `ARF Annex 1 <https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/blob/main/docs/annexes/annex-1/annex-1-definitions.md>`_). For each term, the IT-Wallet definition is compared and mapped to the ARF definition, with notes on any differences or clarifications.
 
+The terms *User*, *Trust Service*, *Trust Model*, *Trusted List*, *Trust Framework*, *Attribute*, *Electronic Attestations of Attributes Provider* or *Trust Service Provider (TSP)*, *Person Identification Data (PID)*, *Revocation List*, *Qualified Electronic Attestations of Attributes Provider* or *Qualified Trust Service Provider (QTSP)*, *Electronic Attestation of Attributes (EAA)*, are defined in the `EIDAS-ARF`_.
+
+Below is the description of acronyms and definitions which are useful for further insights into topics that complement the IT-Wallet System and the interacting components.
+
 .. glossary::
     :sorted:
 
     **Accreditation Process**
       Process performed by the National Accreditation Body to accredit CABs, resulting in an accreditation certificate.
-      Identical to ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Attributes**
     **User Attribute**
@@ -36,38 +52,37 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Certification Process**
       Process by Conformity Assessment Bodies to certify the Wallet Solution, including periodic technical assessments.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Conformity Assessment Body (CAB)**
       Accredited body competent to assess/certify Wallet Solutions or trust service providers.
       Aligned with ARF 1.10.
 
     **Credential Issuer**
     **Issuer**
-    **Attestation Provider**
       Organizational Entity providing Digital Credentials to Users (may be PID Provider or (Q)EAA Provider).
       ARF 1.10 uses similar terms; IT-Wallet merges PID and (Q)EAA Providers under this term.
 
     **Credential Status Assertion**
     **Status Assertion**
       Signed document proving a Digital Credential's current validity status.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Critical Assets**
       Assets (e.g., cryptographic keys) whose loss would seriously impact the Wallet Unit.
       Aligned with ARF 1.10.
 
     **Cryptographic Hardware Key Tag**
       Unique identifier for Cryptographic Hardware Keys, used to access the private key in hardware.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Cryptographic Hardware Keys**
       Key pair generated by the Wallet Instance, valid for its lifetime.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Device Integrity Service**
       Service by device manufacturers to verify app integrity and secure key storage.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Digital Credential**
     **Credential**
@@ -76,20 +91,19 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Federation Authority**
       Public governance entity issuing guidelines, rules, and managing trust lists and participant status.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Holder**
       Person or entity that receives, manages, and presents Digital Credentials via the Wallet Instance.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Holder Key Binding**
-    **Cryptographic Binding**
       Ability of the Holder to prove possession of the private key attested by a Trusted Third Party.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Identity and Access Management (IAM)**
       Framework for managing digital identities and access to information.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **IT-Wallet System**
       Set of Technical Solutions implementing the Italian Digital Wallet System.
@@ -101,31 +115,31 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Key Attestation**
       Attestation from device OEM about secure key storage in hardware-backed keystore.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Level of Assurance**
-     - Degree of confidence in identity vetting and credential presentation.
-     - Aligned with ARF 1.10.
+      Degree of confidence in identity vetting and credential presentation.
+      Not present in ARF 1.10.
 
     **Metadata**
       Digital artifact with information about an Organizational Entity (endpoints, public keys, etc.).
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **National Accreditation Bodies (NAB)**
       Body performing accreditation under authority from a Member State.
       Aligned with ARF 1.10.
 
     **National Identity Provider**
-      Preexisting identity systems (e.g., SPID, CIE) notified to eIDAS.
-      Aligned with ARF 1.10.
+      Preexisting identity systems (e.g. CIE) notified to eIDAS.
+      Not present in ARF 1.10.
 
     **Notification Process**
       Process for transferring information to the EC and inclusion in the Trusted List.
       Aligned with ARF 1.10.
 
     **Organizational Entity**
       Legal person (organization or public entity) recognized to operate a role in the IT-Wallet ecosystem.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Personal Identification Data**
       A set of data which allow to establish the identity of a natural or legal person, or of a natural person representing another natural or legal person, to be established.
@@ -137,7 +151,7 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Policy Language**
       Formal language for defining security, privacy, and identity management policies.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Primary Actors**
       Entities implementing Technical Solutions for the IT-Wallet System.
@@ -155,24 +169,27 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
       Digitally verifiable attestation in electronic form, substantiating possession of attributes.
       Aligned with ARF 1.10.
 
-    **Public Electronic Attestation of Attributes (Pub-EAA)**
+    **Electronic Attestation of Attributes issued by or on behalf of a public sector body (Pub-EAA)**
+    **Public Electronic Attestation of Attributes**
       Electronic Attestation of Attributes that contains Attributes deriving from a public Authentic Source.
       Aligned with ARF 1.10.
 
     **Electronic Attestation of Public Interest**
     **Credential of Public Interest**
       Electronic Attestation of Attributes that contains Attributes intended to certify the release, by the State or other public administrations, of authorizations, certifications, qualifications, identity and recognition documents, receipts of revenue, or to assume a fiduciary value and protection of public faith afterwards their issuance or the entries made on them and, in general, when they are considered security documents pursuant to Article 2, paragraph 10-bis, Law 13 July 1966, no. 559. 
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Person Identification Data (PID)**
       Electronic Attestation that allows the subject to whom the Personal Identification Data refers to be authenticated.
       Aligned with ARF 1.10.
 
     **Qualified Electronic Attestation of Attributes Provider**
-      Entity providing QEAAs.
+      Organizational Entity providing QEAAs.
       Aligned with ARF 1.10.
 
     **Electronic Attestation of Attributes Provider**
-      Entity providing EAAs.
+    **Electionic Attestation Provider**
+      Organizational Entity providing EAAs.
       Aligned with ARF 1.10.
 
     **Qualified Electronic Signature Provider**
@@ -194,11 +211,11 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Relying Party Solution**
       Product (software/hardware/cloud) enabling Credential presentations in various contexts.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Relying Party Backend**
       Remote infrastructure with server-side components managed by a Relying Party Solution provider.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Relying Party Instance**
     **Verifier App**
@@ -211,47 +228,47 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Self-Sovereign Identity (SSI)**
       Approach giving individuals control over their digital identity information.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Supervision Process**
       Process by a Supervisory Body to review and ensure proper functioning of the Wallet Provider and others.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Technical Solutions**
       Hardware/software systems and services implemented by Wallet Solution Providers, PID Provider, etc.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Technical Specifications**
       Specifications providing technical architecture, implementation framework, and design requirements.
       Aligned with ARF 1.10.
 
     **Trust**
       Confidence in the security, reliability, and integrity of entities and their actions.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trust Attestation**
       Electronic attestation of compliance with the regulatory framework, cryptographically verifiable.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trust Evaluation**
       Process of verifying trustworthiness of registered Organizational Entities.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trust Framework**
       Legally enforceable set of rules and agreements for a multi-party system.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trust Layer**
       Architectural component enabling participants to establish trust.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trust Model**
       Collection of rules ensuring legitimacy of components/entities in the IT-Wallet ecosystem.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trust Relationship**
       Reliable relationship between Organizational Entities after Trust Evaluation.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Access Certificate**
       Certificate authenticating and validating the (Wallet-) Relying Party.
@@ -263,7 +280,7 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Certificate Signing Request (CSR)**
       Request sent to a CA containing the public key and identifying information for a digital certificate.
-      Aligned with ARF 1.10.
+      Not present in ARF 1.10.
 
     **Trusted List**
       Repository of information about authoritative entities and their status.
@@ -274,8 +291,9 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
       Aligned with ARF 1.10.
 
     **Verifier**
-      Also known as Credential Verifier; a person or entity using a Relying Party Instance.
-      Aligned with ARF 1.10.
+    **Credential Verifier**
+      A person or entity using a Relying Party Instance.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Wallet Instance**
       Application installed on a User's device, part of the Wallet Unit, providing user interfaces.
@@ -313,10 +331,12 @@ This section aligns the IT-Wallet System's terminology with the definitions prov
 
     **Digital Credential Catalogue**
       Electronic catalog containing information about the formats and schemes of Digital Credentials, the data contained and the Authentic Sources. The Catalog contains additional information that allows for the establishment of the authenticity and reliability of the information contained therein.
+      Not present in ARF 1.10; specific to IT-Wallet.
 
     **Intermediate Entity**
-    **Intermediate**
+    **Intermediary**
       Intermediate Entity as defined in `OID-FED`_ Section 1.2, for example in IT-Wallet it could be a Relying Party intermediary that offers and manages, on behalf of Relying Party, the Technical Solutions for the remote or proximity verification of Electronic Attestations.
+      Aligned with ARF 1.10.
 
 .. note::
    For any term not present in ARF 1.10, the IT-Wallet definition is provided as authoritative for the Italian context.
@@ -387,23 +407,33 @@ Below are the main acronyms used in the document:
   * - **AAL**
     - Authenticator Assurance Level as defined in `<https://csrc.nist.gov/glossary/term/authenticator_assurance_level>`_
   * - **ANPR**
-    - Italian National Registry of the Resident Population
+    - Anagrafe Nazionale della Popolazione Residente (Italian National Registry of the Resident Population)
   * - **API**
     - Application Programming Interface
+  * - **CAB**
+    - Conformity Assessment Body
   * - **CIE**
-    - National Electronic Identity Card
+    - Carta di Identità Elettronica (National Electronic Identity Card)
+  * - **EAA**
+    - Electronic Attestation of Attributes
   * - **IAM**
     - Identity and Access Management
   * - **LoA**
     - Level of Assurance
+  * - **NAB**
+    - National Accreditation Body 
   * - **OID4VP**
     - OpenID for Verifiable Presentation
+  * - **PDND**
+    - Piattaforma Digitale Nazionale Dati (National Digital Data Platform)
   * - **PID**
     - Person Identification Data
   * - **PII**
     - Personally Identifiable Information
-  * - **SPID**
-    - Italian Public Digital Identity System
+  * - **QEAA**
+    - Qualified Electronic Attestation of Attributes
+  * - **Pub-EAA**
+    - Electronic Attestation of Attributes issued by or on behalf of a public sector body
   * - **SSI**
     - Self Sovereign Identity
   * - **VC**

docs/en/user-attribute-deletion.rst

@@ -35,7 +35,7 @@ This Wallet Instance functionality allows Users to obtain a list of all Relying
 **Steps 7 - 8:** The Wallet Instance redirects the User to the Erasure Endpoint. It MUST also ensure that a callback mechanism to allow the User-Agent to notify the Wallet Instance (and thus the User) after the Erasure Response is present. Details on the Erasure Request can be found in :ref:`relying-party-endpoint:Erasure Request`.
 
 .. note::
-  The Relying Party web page will authenticate the User with an appropriate Level of Assurance using any method such as SPID/CIE or the PID presentation. The specific mechanism used for authentication is left to the Relying Party. Upon authenticating the User, the Relying Party MAY prompt the User to perform additional steps needed for the deletion of attributes, e.g., it might require the User to confirm the deletion operation.
+  The Relying Party web page will authenticate the User with an appropriate Level of Assurance using any method such as CIE or the PID presentation. The specific mechanism used for authentication is left to the Relying Party. Upon authenticating the User, the Relying Party MAY prompt the User to perform additional steps needed for the deletion of attributes, e.g., it might require the User to confirm the deletion operation.
 
 **Step 9:** Upon successful authentication of the User the Relying Party MUST delete all attributes bound to the User in its possession.