- From: <eanders@pobox.com>
- Date: Mon, 30 Sep 2013 09:01:54 -0400
- To: public-webpayments@w3.org
I would agree we need to separate authentication and identification from
"Identity". We need to tackle these 2 things separately. I recommend
they be in this order.
1) Authentication
- 3 factor at a minimum. I wouldnt support anything less.
a. Something you know
b. Something you have
c. Something you are
- As an example, our next generation BUNITS
(http://www.bloomberg.com/bunit/Overview_Features.pdf) provide up to 5
factor authentication).
We have had these for 7+ years now and they get better every 1-2
years.
With the advent of the iPhone5s with the finger print scanner I
would guess it is possible to role these features into an iPhone5s app.
2) Identification
- No identification without authentication.
- Provide user approved access to 1 or more attributes about the
user.
Example:
a) Age
b) Sex
c) Email address
d) Race
e) Passport Image and metadata
f) Drivers License Image and metadata
g) Home Address
h) Social Security Number
i) etc...
- All attributes are on a need-to-know basis. You shouldnt get
access to someones SSN just to buy some cough medicine.
Possibly a vendor authorization list of what attributes they are
allowed to request access to?
Erik
Received on Monday, 30 September 2013 13:06:03 UTC