[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting)
From: |
John Pugh |
Subject: |
Re: [Auth]ISsec Profile Providers (was Re: IDsec meeting) |
Date: |
Fri, 30 Nov 2001 14:55:57 -0700 |
Ok...I'm not getting my point across. Got it.
Thanks.
>>> David Sugar <address@hidden> 11/30 2:31 PM >>>
In the IDsec implimentation you can run a completely authoratitive
"Profile Provider" on your own individual workstation if you wish and
choose to do so, and thereby need not trust anyone else with your data.
The idea that providers of identity can exist, and that they can
operate at any level, from an internet wide service provider to
something an individual company might run, or even an individual user,
has always been consistent and a key goal in DotGNU to protect privacy.
I happen to like the IDsec implimentation particularly for this reason
personally.
Yes there are other very interesting proposals, some similar and some
different. All should be treated with courtosy and certainly all
proposals will be evaluated in what they do to protect privacy of user
data.
John Pugh wrote:
>Then this will never work for me and my businesses. I refuse to put
>everything in one basket and would imagine others would feel this way
as
>well. I only trust a few "providers" 100%, but because some providers
>will provide more services based on what I provide them I will give
them
>access to a small portion of info.
>
>This is where I see many of flaws of these projects. It appears from
>the information given that the idea of virtual identities is limiting
>what I can do as a consumer of virtual identy information and this
will
>severely limit the execution.
>
>The personal directory concept has this. Everyone can implement what
>they want and I can "subscribe" to the value added pieces that I wish
>since everyone will have the choice to have a different schema. The
base
>schema will be the same across the board as it is required to
>authenticate. But, that's the only control exerted. This allows me to
>vary my trust and not put all my eggs in the same basket(s). Then I
can
>build services on top of this consuming the different attributes I
need
>with a specific provider.
>
>See...the user AND the provider/web service needs the ability to
>consume/provide value-add. The ability to trust/or limit the trust is
an
>absolute must for any part of the schema and the schema needs to be
>fully and dynamically extensible to allow for the value-add.
>
>I may be missing the point, but I only trust a handful of
>people/business and that trust is 100% for a very select few. Trust
is
>earned...not given.
>
>JP
>
>>>>Mike Warren <address@hidden> 11/29 6:58 PM >>>
>>>>
>"John Pugh" <address@hidden> writes:
>
>>One issue I have with this model... I "trust" these providers only
>>to a certain extent. I will not allow Provider A to have x data
>>where I would allow Provider B to have it.
>>
>
>I think the point of Providers is that they're supposed to be
>trusted. If you don't trust them, why are they your trusted identity
>provider? (Note: ``Providers'' are different from ``Web services'',
>IIUC).
>
_______________________________________________
Auth mailing list
address@hidden
http://subscribe.dotgnu.org/mailman/listinfo/auth