Re: Social Web XG Extra Meeting Wed. Oct 6th (12:00 Boston/16:00 London) - Wrapping up Final Report Take 2 from Harry Halpin on 2010-10-07 (public-xg-socialweb@w3.org from October 2010)

From: Harry Halpin <hhalpin@ibiblio.org>
Date: Thu, 7 Oct 2010 15:08:48 +0200
To: Paul Trevithick <ptrevithick@gmail.com>
Cc: Kaliya <kaliya@mac.com>, Dick Hardt <dick.hardt@gmail.com>, Mischa Tuffield <mischa.tuffield@garlik.com>, "public-xg-socialweb@w3.org" <public-xg-socialweb@w3.org>
Message-ID: <AANLkTimAeRkWkQt7D0WSCFHZFZNCcSNRYd9Lvc+RimRN@mail.gmail.com>

On Thu, Oct 7, 2010 at 2:48 PM, Paul Trevithick <ptrevithick@gmail.com> wrote:
>
> On Oct 7, 2010, at 8:29 AM, Harry Halpin wrote:
>
> <snip>
>
>> We call "identity selector" -> "profile provider", which is where we
>> put attribute (claims). So we can phrase it more strongly:
>>
>> "Many technologies like Infocards and OpenID (particularly with
>> Attribute Exchange) make claims by providing attributes  and so are
>> profile providers,
>
> correct
>
>> and this may be bound with particular identity
>> providers.
>
> awkward, but okay.
>

Trying to nail this just right:

Using an identity selector, a user may want to select amongst multiple
profiles (each of which could be a personae) and their attendant set
of attributes. Each of these set of claims could be hosted by
different providers."

It seems the rest is fine. I'll check that in.


>> they select amongst possible multiple profiles, each of which could
>> correspond to a personae.

>> Often these technologies are called "identity selectors"
>
> Huh? Simply not true. We do NOT call these technologies "identity selectors".
>
>> as
>> they select amongst possible multiple profiles, each of which could
>> correspond to a personae.
>
> An identity selector is a layer above the IdPs. An identity selector is something that lets you choose pick which sets of claims from which IdPs.
>

That is what I was trying to express below.



> [An aside: there are three kinds of selector architectures BTW: client-side (a la CardSpace), RP-side (a la Janrain) and cloud-based (Kantara Identity Selector Agent, Avoco Cloud Selector, Higgins Cloud Selector).]

Yes, we did not go into Cloud/Kantara work unforunately, but I think
we'll follow up on that later, and focused mostly on the client side!

>
>
>> Attributes can be very simple identifiers,
>> like an OpenID URL, while they could also make a claim without
>> revealing an identifier."
>
> Yes, or a persistent Rp-specific pseudonym can be computed and provided (a la IMI "PPID" private personal id)

Received on Thursday, 7 October 2010 13:09:21 UTC