Privacy and verification use case (was Re: PING @ IETF 92 - change of room)

Apologies that I missed the conversation this morning.

For the sake of wiki-tending, I've moved Kepeng's use case text to a dedicated page and cleaned up some of the formatting:
https://www.w3.org/wiki/Privacy/Privacy_and_verification_use_case <https://www.w3.org/wiki/Privacy/Privacy_and_verification_use_case>

I believe I have some similar questions that the group had today, in terms of how to connect this use case to possible Web standards work.

The three-party model calls to mind traditional decentralized authentication systems, with subjects (the user), identity providers (the platform in this case, which does the SMS work of verifying ownership of a phone number) and relying parties (the hospital in this case, which wants to be sure it's talking to the same person, but doesn't want to do the authentication itself). OpenID might have some prior work of interest. And we're definitely hearing a lot of interest in authentication methods (using secure elements or multiple factors) which might inspire new W3C standardization work.

Thanks,
Nick

> On Mar 25, 2015, at 8:57 AM, Kepeng Li <kepeng.lkp@alibaba-inc.com> wrote:
> 
> Hi Christine and all,
> 
> => A intro to a privacy issue/requirement from Alibaba (Kepeng Li)
> 
> About this agenda item, I created a wiki page to indicate our privacy issue/requirement for discussion:
> https://www.w3.org/wiki/Talk:Privacy
> 
> Talk to you tomorrow.
> 
> Early feedback are also more welcomed!
> 
> Thanks,
> Kind Regards
> Kepeng Li
> Alibaba

Received on Monday, 30 March 2015 08:30:18 UTC