Identifier portability: the fundamental issue
Dick Hardt
dick at sxip.com
Tue Oct 17 15:54:28 UTC 2006
On 16-Oct-06, at 12:24 PM, Martin Atkins wrote:
> Chris Drake wrote:
>>
>> There seem to be a lot of people on this list who want to hate and
>> loathe the IdP, and grant all power to the RP. I do not understand
>> this reasoning: our users will select the IdP they trust and like,
>> then they will be using a multitude of possibly hostile RPs
>> thereafter: the reverse is simply not true.
>>
>
> If I'm using one IdP to assert my primary public identity, they can
> hypothetically develop quite a profile about me. I probably don't mind
> too much in most cases, because I researched them and found that they
> are a good provider and won't sell my data out to the bad guys.
>
> However, there might be some things I want to do (for example, posting
> locally-prohibited speech on a public forum) that I don't want attached
> in any way, shape or form to my public identity. The trust relationship
> I have with that IdP probably isn't enough for this; if there is any
> record at all of any association between these two identities, as
> friendly as my IdP may be, there is a chance that it will be seized by
> court order, or leaked by an insider, which might lead to me getting in
> serious legal trouble.
>
> This is just one (perhaps extreme) example of why my trust in my IdP is
> not universal and all-encompassing. Trust is not a boolean.
A possible solution is you can use a different IdP when you want to
do this activity so there is no link to your primary IdP.
-- Dick