- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sat, 7 Nov 2015 15:07:46 +0100
- To: Erik Anderson <eanders@pobox.com>, Web Payments IG <public-webpayments-ig@w3.org>
On 2015-11-06 21:31, Erik Anderson wrote: > enter privacy and consumer protections. <snip> > ALL the negatives said: > - I think this effort is possible > - I think it would be better to standardize an Identity Service Provider > interface that includes strong authorization and credential sharing. Before any work is started, I think we need to figure out (approximately) how such an authorization and credential sharing system would actually work. There is also an obvious alternative to cloud-based credentials and that are credentials that you carry yourself in some kind of secure container and selectively disclose to parties that request such information and you accept. This already deployed on a massive level through e-passports but personally I prefer mobile phones as carriers since these come with a UI as well. Mobile BankID provided by Swedish banks is a pretty successful example of the latter. Disclaimer: my former employer built the "engine" (CA) for this ID-network. Anders
Received on Saturday, 7 November 2015 14:08:21 UTC