- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Mon, 29 Jun 2015 13:27:27 +0200
- To: Kingsley Idehen <kidehen@openlinksw.com>, public-webid@w3.org
On 2015-06-29 13:07, Kingsley Idehen wrote: > On 6/28/15 4:13 PM, Harry Halpin wrote: >> A redesign that works with privacy and security concerns would be >> welcomed. However, that would require the WebID community leaving its >> comfort zone and engaging with the security and privacy community >> seriously, which could would be very productive for all concerned. I >> hope you all can actually do that. > > Harry, > > Does the privacy concern boil down to the following: > > 1. x.509 certs (Identity Card) contain personally identifiable > information ? > 2. Identity Providers can track activities of users for whom they've > provided X.509 certs ? Kingsley, That's a very relevant question because both of these issues apply to widely used IdP's like Google. I guess a part of the problem is that [close to] the entire industry have turned their interest to FIDO Alliance. There are though a few "rebels" out there (like me) who do not see FIDO as the only valid solution, particularity not for payments. Anders
Received on Monday, 29 June 2015 11:28:07 UTC