OP Identifier vs. OP-Specific Identifier
Josh Hoyt
josh at janrain.com
Mon Nov 20 21:44:43 UTC 2006
On 11/19/06, Recordon, David <drecordon at verisign.com> wrote:
> So I'm working on cleaning up the terminology section
...
> - Public Identifier (tries to create context)
> - Private Identifier (tries to create context)
> - Privacy-protected login (have we even defined this)
These terms are related to use cases for Id^H^HOP-driven identifier selection.
I don't like these terms because "public" and "private" don't really
describe what's going on. OP-driven identifier selection makes it much
easier to control the amount of correlation between the identifiers,
but an identifier that cannot be correlated between sites does not
mean that it's "private."
The thing that makes it especially misleading is that I might decide
that I want to be correlated between two sites (and only two sites)
because I want them to know that I'm the same person. Is that
identifier public or private?
Do we need to do all this work to describe *a* use case for OP-driven
identifier selection?
Josh
More information about the specs
mailing list