Re: Web Payments and Identity from Kingsley Idehen on 2013-09-30 (public-webpayments@w3.org from September 2013)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Mon, 30 Sep 2013 10:58:06 -0400
To: public-webpayments@w3.org
Message-ID: <5249917E.5080309@openlinksw.com>

On 9/30/13 9:01 AM, eanders@pobox.com wrote:
> I would agree we need to separate authentication and identification 
> from "Identity".  We need to tackle these 2 things separately.  I 
> recommend they be in this order.
>
> 1) Authentication
>   - 3 factor at a minimum.  I wouldnt support anything less.
>      a. Something you know
>      b. Something you have
>      c. Something you are
>   - As an example, our next generation BUNITS 
> (http://www.bloomberg.com/bunit/Overview_Features.pdf) provide up to 5 
> factor authentication).
>     We have had these for 7+ years now and they get better every 1-2 
> years.
>     With the advent of the iPhone5s with the finger print scanner I 
> would guess it is possible to role these features into an iPhone5s app.
> 2) Identification
>    - No identification without authentication.
>    - Provide user approved access to 1 or more attributes about the user.
>      Example:
>      a) Age
>      b) Sex
>      c) Email address
>      d) Race
>      e) Passport Image and metadata
>      f) Drivers License Image and metadata
>      g) Home Address
>      h) Social Security Number
>      i) etc...
>    - All attributes are on a need-to-know basis.  You shouldnt get 
> access to someones SSN just to buy some cough medicine.
>      Possibly a vendor authorization list of what attributes they are 
> allowed to request access to?
>
> Erik
>
>
>
>
I understand the parts as follows:

1. Identity -- ethereal
2. Identifiers -- denote ("refer to" or name) ethereal identities e.g., 
an HTTP URI can denote an Agent (Person, Organization, Machine etc..)
3. Identity Document -- a document (various media forms associated with 
respective media formats) comprised of Identity Claims ; typically 
attribute=value pairs that coalesce around an identifier in the form of 
an entity relationship graph
4. Authentication Protocol -- which works with Identity Document en 
route to verifying its Identity Claims
5. Trust Web or Web of Trust -- a Network built upon items 1-4 above.


-- 

Regards,

Kingsley Idehen 
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Monday, 30 September 2013 14:58:35 UTC