[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)

From: Mike Warren
Subject: Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)
Date: 30 Nov 2001 18:30:05 -0700
User-agent: Gnus/5.090003 (Oort Gnus v0.03) XEmacs/21.1 (20 Minutes to Nikko)

Hash: SHA1

"John Pugh" <address@hidden> writes:

> My point above was that there will be a base identity schema as you
> depicted via XML. But as a provider, I want to provide other
> services or add another layer of "service" to make my providing or
> service more appealing.

Ah, I see. Absolutely.

> the IDSec space...can this be done?

I don't know; all I know about IDsec is what's been written here on
address@hidden; I would certainly advocate that such extensibility
should exist.

> With XML, it's simple to do that and the interface can be
> automatically modified to support the additional attribute AND the
> attribute/schema can easily be limited to just that provider.

Yes, I think expandability is important; my example about a Bank
perhaps wanting to add the ability to issue digital cash tokens would
use this. If a User has a digital cash token, they will almost
certainly want to send it so some Third Party. Since any feasible
digital-cash scheme must include recipient information, it makes sense
to send it along as some ``extra'' information between two Identity

> I'm struggling with the need to re-invent the wheel here...or maybe
> that's what you want to do? I'm not sure.

I'm not aware of a robust, open, trust-based Identity model such as
the one I discussed in my last mail which is implemented as free
software. The ``Nym'' system (now disabled) implemented by comes close-ish, but it depends on central servers
and doesn't allow one to issue themselves a Nym (Identity). It also
doesn't allow (for example) a company to issue Nyms to its employees
(well, they could set up their *own* system, but that defeats the
purpose). They may very well have some usable code, though.

> Thanks for reading...I'll stop if I'm impeding progress. Just say
> so.  This IS good stuff.

No; all comments are valuable, IMO. Readers can ignore those authors
they don't find valuable.

- -- 
GPG: 0x579911BD :: 87F2 4D98 BDB0 0E90 EE2A  0CF9 1087 0884 5799 11BD

Version: GnuPG v1.0.1 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.5 and Gnu Privacy Guard 


reply via email to

[Prev in Thread] Current Thread [Next in Thread]