W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2015

Re: Technical Review of WebAppSec Credential Management API [2/3] (was Re: Overlap with Credentials/Web Payments CG)

From: Brad Hill <hillbrad@gmail.com>
Date: Thu, 16 Apr 2015 02:00:32 +0000
Message-ID: <CAEeYn8gFrVDhsSBysaRgt-1eAhqGcm+zRv8_KuQGPpshDM=TfQ@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
With <hat=individual>, regarding a suggestion I've seen to change what is
being stored/managed from "credential" to "identity": -1

If there is a word that is even more overloaded, fraught with complexity,
dense with both technical and lay meaning, and with a history of grandiose
attempts to boil the ocean, than the word "Credential", that word is

Please, let us not use that word.  My bank account is not an identity. My
email address is not an identity.  The means by which I authenticate to
them are not identities, and their relationship to each other and my actual
identity/identities are many-to-many.

If the proposal on the table at rechartering had been for an "identity
manager" I would have leapt out of my chair to keep this group out of that
particular tar pit.

In a similar vein, I've filed an issue suggesting changing the name of the
"avatar" attribute to "icon" to avoid any connotations of identity.

-Brad Hill
Received on Thursday, 16 April 2015 02:01:14 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:48 UTC