- From: Ben Laurie <benl@google.com>
- Date: Mon, 20 Dec 2010 10:50:09 +0000
- To: Josh Howlett <Josh.Howlett@ja.net>
- Cc: Phillip Hallam-Baker <hallam@gmail.com>, Common Authentication Technologies - Next Generation <kitten@ietf.org>, websec <websec@ietf.org>, "saag@ietf.org" <saag@ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, General discussion of application-layer protocols <apps-discuss@ietf.org>, "http-auth@ietf.org" <http-auth@ietf.org>

On 20 December 2010 09:25, Josh Howlett <Josh.Howlett@ja.net> wrote:
>> As Web sites discover that their account holders cannot remember their
>> username, most have adopted email addresses as account identifiers.
>> That is what we should use as the basis for federated web
>> authentication.
>
> Unfortunately this approach transgresses the fourth Law of Identity: 'Directed Identity'.
>
> "A universal system must support both omni-directional identifiers for use by public entities and unidirectional identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles"

Of course these are not actually laws, just good ideas.

However: the core failing seems to be the requirement that users should remember any more than their one "master identity" which is used to store all the others (see my Nigori work for how).

>
> Josh.
>
> JANET(UK) is a trading name of The JNT Association, a company limited
> by guarantee which is registered in England under No. 2881024
> and whose Registered Office is at Lumen House, Library Avenue,
> Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
>
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
>

Received on Monday, 20 December 2010 10:50:39 UTC