Requiring Pseudonymous Identifier

SitG Admin sysadmin at shadowsinthegarden.com
Thu May 14 03:36:26 UTC 2009


>Attributes like group membership belong in AX, not in the identifier.
>
>I suspect the idea is to have a pseudonymous identifier that 
>discloses nothing about the person using it other than the fact that 
>they can assert the same ID each time they return to prevent 
>correlation.

To further prevent correlation, the OP may wish to support users in 
authenticating as members of a group - *in such a way* that 
individual users cannot be distinguished from one another. If not for 
that, RPs could correlate information over time, establishing 
theoretical profiles of the users.

I think one compromise could be to use a traditional identifier, and 
then use AX to signal to the RP that the OP might vouch for more than 
one individual having that URI.

-Shade


