[Openid-specs-ab] Privacy Considerations
Nat Sakimura
sakimura at gmail.com
Sat Jul 23 10:02:05 UTC 2011
Hi.
I have started to contemplate on the privacy considerations.
Several questions arises:
- When is the purpose of the use of the attribute determined?
-> either the claim request, or the redirect_url registration time.
- Is it not a good practice to return the terms of use of the data with it?
- Is it not releasing too much information as a default?
- Should not the access log to the UserInfo made accessible to the user?
Best,
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110723/682e4269/attachment.html>
More information about the Openid-specs-ab
mailing list