[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)

From: John Pugh
Subject: Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)
Date: Fri, 30 Nov 2001 14:55:57 -0700

Ok...I'm not getting my point across. Got it.

>>> David Sugar <address@hidden> 11/30 2:31 PM >>>
In the IDsec implimentation you can run a completely authoratitive 
"Profile Provider" on your own individual workstation if you wish and 
choose to do so, and thereby need not trust anyone else with your data.

 The idea that providers of identity can exist, and that they can 
operate at any level, from an internet wide service provider to 
something an individual company might run, or even an individual user,

has always been consistent and a key goal in DotGNU to protect privacy.

 I happen to like the IDsec implimentation particularly for this reason


Yes there are other very interesting proposals, some similar and some 
different.  All should be treated with courtosy and certainly all 
proposals will be evaluated in what they do to protect privacy of user


John Pugh wrote:

>Then this will never work for me and my businesses. I refuse to put
>everything in one basket and would imagine others would feel this way
>well. I only trust a few "providers" 100%, but because some providers
>will provide more services based on what I provide them I will give
>access to a small portion of info.
>This is where I see many of flaws of these projects. It appears from
>the information given that the idea of virtual identities is limiting
>what I can do as a consumer of virtual identy information and this
>severely limit the execution.
>The personal directory concept has this. Everyone can implement what
>they want and I can "subscribe" to the value added pieces that I wish
>since everyone will have the choice to have a different schema. The
>schema will be the same across the board as it is required to
>authenticate. But, that's the only control exerted. This allows me to
>vary my trust and not put all my eggs in the same basket(s). Then I
>build services on top of this consuming the different attributes I
>with a specific provider.
>See...the user AND the provider/web service needs the ability to
>consume/provide value-add. The ability to trust/or limit the trust is
>absolute must for any part of the schema and the schema needs to be
>fully and dynamically extensible to allow for the value-add.
>I may be missing the point, but I only trust a handful of
>people/business and that trust is 100% for a very select few. Trust
>earned...not given.
>>>>Mike Warren <address@hidden> 11/29 6:58 PM >>>
>"John Pugh" <address@hidden> writes:
>>One issue I have with this model... I "trust" these providers only
>>to a certain extent. I will not allow Provider A to have x data
>>where I would allow Provider B to have it.
>I think the point of Providers is that they're supposed to be
>trusted. If you don't trust them, why are they your trusted identity
>provider? (Note: ``Providers'' are different from ``Web services'',

Auth mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]