- From: Deborah Dahl <Dahl@conversational-Technologies.com>
- Date: Thu, 14 Oct 2021 16:58:14 -0400
- To: "'Bev Corwin'" <bevcorwin@gmail.com>, "'Dirk Schnelle-Walka'" <dirk.schnelle@jvoicexml.org>
- Cc: <public-voiceinteraction@w3.org>
- Message-ID: <00de01d7c13e$34d11610$9e734230$@conversational-Technologies.com>
I think it would have to be a box in the “Provider Selection Service”. I’m not sure if it would be separate from the Accounts/Authentication box – it depends on what that box means. From: Bev Corwin <bevcorwin@gmail.com> Sent: Thursday, October 14, 2021 4:00 PM To: Dirk Schnelle-Walka <dirk.schnelle@jvoicexml.org> Cc: Deborah Dahl <Dahl@conversational-technologies.com>; public-voiceinteraction@w3.org Subject: Re: [voiceinteraction] Move accounts/authentication box to individual IPA's? Where would a trust registry reside? On Thu, Oct 14, 2021 at 3:57 PM <dirk.schnelle@jvoicexml.org <mailto:dirk.schnelle@jvoicexml.org> > wrote: Dear Debbie, Yes, some comments from my side The description of this component reads: A registry that knows how to access the known IPA Providers, i.e., which are available and credentials to access them. It is more of the kind that some instance should know which IPAs are available. So, it does not contradict your view. That part however is not part of the diagrams. Dirk Am 14.10.2021 20:35 schrieb Deborah Dahl <Dahl@conversational-Technologies.com <mailto:Dahl@conversational-Technologies.com> >: Looking at the architecture diagram https://w3c.github.io/voiceinteraction/voice%20interaction%20drafts/paArchitecture-1-2.htm#walkthrough, I'm wondering if the accounts/authentication box should be removed from the Provider Selection Service box and added to each individual IPA Provider. That way each individual IPA provider would be responsible for authenticating users according to its own requirements. Some IPA's might want to be completely open and some, like a financial site, might have strict authentication requirements. It's hard to think of how a central accounts/authentication step would be able to meet the needs of any arbitrary IPA. This architecture would also be more in line with the Web, where each website is responsible for authenticating its own users. Comments?
Received on Thursday, 14 October 2021 20:58:29 UTC