[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)

From: Mike Warren
Subject: Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)
Date: 30 Nov 2001 15:08:02 -0700
User-agent: Gnus/5.090003 (Oort Gnus v0.03) XEmacs/21.1 (20 Minutes to Nikko)

David Sugar <address@hidden> writes:

> In the IDsec implimentation you can run a completely authoratitive
> "Profile Provider" on your own individual workstation if you wish
> and choose to do so, and thereby need not trust anyone else with
> your data. The idea that providers of identity can exist, and that
> they can operate at any level, from an internet wide service
> provider to something an individual company might run, or even an
> individual user, has always been consistent and a key goal in DotGNU
> to protect privacy. I happen to like the IDsec implimentation
> particularly for this reason personally.

I agree with this; I certainly didn't mean to imply that Profile
Providers had to be some central authority (just that the user must
trust their Profile Provider, which could just be
themselves). Realistically, however, a Web service which wants
verifiable-correct data isn't going to trust a Profile Provider run by
a single user (if they just want ``some'' data [i.e. like current
``please register to see our content'' Web sites] and don't really
care how valid it is, then they'll do fine to trust such Providers).

GPG: 0x579911BD :: 87F2 4D98 BDB0 0E90 EE2A  0CF9 1087 0884 5799 11BD

reply via email to

[Prev in Thread] Current Thread [Next in Thread]