- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 08 Sep 2014 21:36:17 -0400
- To: Melvin Carvalho <melvincarvalho@gmail.com>, Eric Korb <eric.korb@accreditrust.com>
- CC: Credentials Community Group <public-credentials@w3.org>
On 09/01/2014 03:14 PM, Melvin Carvalho wrote: > On 1 September 2014 21:10, Eric Korb <eric.korb@accreditrust.com > <mailto:eric.korb@accreditrust.com>> wrote: > > Not sure if I trust Twitter or Facebook to do proper Identity > Proofing. > > Even over HTTPS? This discussion really should be happening on the Credentials CG mailing list: -to/+bcc Web Payments, +to Credentials I think the point Eric is making is that high-stakes identity proofing often requires you to show up in person at a government-run institution or bank with government-provided paperwork to prove that you are who you say you are... perhaps also providing retinal scans and palm-vein scans in the process. There are alternatives, like Skyping w/ a private corporation and answering some questions about your background/history. That's less high-stakes than what was said above. One could make the argument that if we're going to get this digital identity/credentialing stuff to work online that we're going to have to figure out a way to do Web of Trust w/o requiring a physical presence to manifest itself in the physical world in order to ensure that someone is who they say they are. In order to make pure digital identity verification work, we will probably have to start generating a digital footprint online that is fairly difficult for a bot to fake. So, to Eric's point - what is there to stop a bot from gaming identifi? -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: The Marathonic Dawn of Web Payments http://manu.sporny.org/2014/dawn-of-web-payments/
Received on Tuesday, 9 September 2014 01:36:49 UTC