Inline below...<br clear="all">--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Wed, Sep 9, 2009 at 3:37 PM, SitG Admin <span dir="ltr"><<a href="mailto:sysadmin@shadowsinthegarden.com">sysadmin@shadowsinthegarden.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
The profile is quite paranoid about not exposing any PII, and if the user were allowed to enter anything, that might give away something about the personal identity of the user. So instead, RPs must use the nascar OP button display, which means all authentications begin with an OP identifier (thus no delegation).<br>
</blockquote>
<br></div>
It instantly struck me as an odd concern, this "paranoia" when forcing users to communicate through an OP that probably required a LOT of PII from the user (and may provide it to "the government" upon request). </blockquote>
<div><br></div><div>When I used "paranoid" it wasn't intended as a derogatory term, but rather just the level of urgency with which they considered privacy.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
If your PII is in the chain, someone can trace back to you. (Vanity domains, to be fair, can be the same - and if you put bad information in the Owner field, you may have trouble proving your right to that domain, later on.)<br>
</blockquote><div><br></div><div>Because according to the ICAM profile the OP must assert PPID claimed_id values to the RP, they actually <i>aren't</i> traceable back to you, assuming the OP doesn't store the generated claimed_ids, but rather regenerates them using some kind of one-way hash of the openid.realm and openid.identity values together with user-specific salt. It's mathematically difficult to take the opaque claimed_id and reverse it back to the user who generated the assertion. </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
Does the profile permit multi-user OP's to make assertions about users for whom they have NOT collected any PII?<br></blockquote><div><br></div><div>The profile makes no restrictions whatsoever (at least when I last read an earlier draft) regarding what cares the OP has taken to identify the user if I read it correctly. </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
-Shade<br>
</blockquote></div><br>