For the purposes of the present document, the terms and definitions given in TR 21.905
and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905
. The GAA / GBA specific definitions are originated from  and the OpenID definitions are originated from . In case of conflict  and  take precedence.
An attribute is used in the OpenID Attribute Exchange service extension . This extension provides a mechanism for moving identity related information between sites. An attribute is associated with a Subject Identifier. An attribute has a type identifier and a value. An attribute type identifier is a URI. An attribute value can be any kind of data.
Bootstrapping Server Function (BSF):
A Bootstrapping Server Function (BSF) is hosted in a network element under the control of an MNO. BSF, HSS/HLR, and UEs participate in GBA in which a shared secret is established between the network and a UE by running a bootstrapping procedure. The shared secret can be used between NAFs and UEs, for example, for authentication purposes.
GBA User Security Settings:
GUSS contains the BSF specific information element and the set of all application-specific USSs.
An Identifier in OpenID is either an "http" or "https" URL, or an XRI . OpenID  defines various kinds of identifiers depending on the context.
Network Application Function (NAF):
A NAF is hosted in a network element. GBA may be used between NAFs and UEs for authentication purposes, and for securing the communication path between the UE and the NAF.
OpenID Provider (OP):
An OpenID Provider (OP) is an OpenID Authentication Server on which a Relying Party relies for an assertion that the end user controls an Identifier.
OpenID Provider driven identifier selection:
OpenID Provider driven identifier selection is the ability for a user to enter the URL of their OpenID Provider into an OpenID field rather than their personal OpenID URL. This allows the web site (RP) to start the OpenID authentication flow and send the user over to the correct OpenID provider. The user can then authenticate to the OpenID provider, select a particular OpenID URL and persona if they have multiple, This will result in an actual user OpenID URL or an anonymous OpenID URL being returned to the RP.
OP Endpoint URL:
The URL which accepts OpenID Authentication protocol messages, obtained by performing discovery on the User-Supplied identifier. This value must be an absolute HTTP or HTTPS URL.
Relying Party (RP):
A Relying Party is a web application that wants a proof that the end user controls an Identifier.
User Supplied Identifier:
An Identifier that was presented by the end user to the RP, or selected by the user at the OpenID Provider. During the initiation phase of the protocol, an end user may enter either their own Identifier or an OP Identifier. If an OP Identifier is used, the OP may then assist the end user in selecting an Identifier to share with the RP.
For the purposes of the present document, the abbreviations given in TR 21.905
and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905
Authentication and Key Agreement Protocol
Bootstrapping Server Function
Generic Authentication Architecture
Generic Bootstrapping Architecture
GBA Push Information
GBA User Security Settings
Home Location Register
Home Subscriber Server
Mobile Network Operator
Network Application Function
Provider Authentication Policy Extension
Subscriber Locator Function
User Security Settings