The CardSpace factor

Eric Norman ejnorman at doit.wisc.edu
Fri Feb 16 23:39:52 UTC 2007 

On Feb 16, 2007, at 3:47 PM, George Fletcher wrote:

> Actually, I don't think the issue is whether the card is self-asserted
> or managed.  The issue is how does the RP ask for a "public personal
> identifier" when it activates Cardspace with a list of claims that it
> needs.  This claim could be self-asserted or managed, though in the 
> case
> of an OpenID I agree that it probably makes more sense for that to come
> from a managed card.
>
> Thanks,
> George

That's not the way I see it.  I see the issue as being how
can the RP get the claims that the user is willing to
release.  The trick of treating the public personal
identifier as a resolvable OpenId would be one way.  I'm
suggesting that using that OpenID URL as a pointer to
a place to get "managed cards" is another.

I'm just trying to get the options on the table.

Eric Norman

> Eric Norman wrote:
>> On Feb 16, 2007, at 3:20 PM, Drummond Reed wrote:
>>
>>
>>> George,
>>>
>>> If you're nominating "public personal identifier" as the name of a
>>> proposed
>>> CardSpace attribute for an OpenID URL or XRI representing an
>>> individual on a
>>> self-asserted card, I like it. It's a perfect counterpoint to the
>>> current
>>> "private personal identifier" claim, which is really for internal
>>> CardSpace
>>> use.
>>>
>>
>> Instead of making an OpenID URL a self-asserted claim,
>> there might be another possible avenue to explore.
>>
>> Set up CardSpace such that managed cards can be supplied
>> by a user's OpenID server.  The difference is that the
>> user does the managing.  That is, it's just a matter of
>> whether the user does her self-asserting on a server of
>> her choice or on some database on her desktop.  In either
>> case, the level of assurance is the same, isn't it?
>>
>> Eric Norman
>>
>> _______________________________________________
>> user-experience mailing list
>> user-experience at openid.net
>> http://openid.net/mailman/listinfo/user-experience
>>
>>
> _______________________________________________
> user-experience mailing list
> user-experience at openid.net
> http://openid.net/mailman/listinfo/user-experience

More information about the user-experience mailing list