SP 800-63A section 5.3.4 provides for the use of Trusted Referees in identity proofing and enrollment processes. The use of trusted referees is optional for CSPs; that is, if a CSP chooses to allow the use of trusted referees for identity proofing and enrollment, then the requirements of section 5.3.4 would apply. The use of trusted referees is intended to assist in the identity proofing and enrollment for populations that are unable to meet IAL2 and IAL3 identity proofing requirements or otherwise would be challenged to perform identity proofing and enrollment process requirements. Such populations include, but are not limited to:
SP 800-63A section 5.3.4 intentionally avoids presenting overly prescriptive requirements in order to allow CSPs flexibility in establishing processes for trusted referees that can best meet the needs, use cases, and operational environment for the target populations. CSPs are required to establish written documentation of the policies and procedures for the use of trusted referees, both for the determination that such policies and procedures can meet applicable SP 800-63A IAL2 and IAL3 requirements and so that the use of trusted referees can be understood to external entities. Such CSP documentation for the use of trusted referees may include:
Trusted referees may be notaries, legal guardians, medical professionals, conservators, persons with power of attorney, or other qualified individuals that may act on behalf of or otherwise represent the applicant.