Re: Social Web XG Extra Meeting Wed. Oct 6th (12:00 Boston/16:00 London) - Wrapping up Final Report Take 2 from Paul Trevithick on 2010-10-07 (public-xg-socialweb@w3.org from October 2010)

From: Paul Trevithick <ptrevithick@gmail.com>
Date: Thu, 7 Oct 2010 09:31:49 -0400
To: Harry Halpin <hhalpin@ibiblio.org>
Cc: Kaliya <kaliya@mac.com>, Dick Hardt <dick.hardt@gmail.com>, Mischa Tuffield <mischa.tuffield@garlik.com>, "public-xg-socialweb@w3.org" <public-xg-socialweb@w3.org>
Message-Id: <ECD7BCC8-06F4-42FF-817A-4198065CFA4A@gmail.com>

+1

On Oct 7, 2010, at 9:08 AM, Harry Halpin wrote:

> On Thu, Oct 7, 2010 at 2:48 PM, Paul Trevithick <ptrevithick@gmail.com> wrote:
>> 
>> On Oct 7, 2010, at 8:29 AM, Harry Halpin wrote:
>> 
>> <snip>
>> 
>>> We call "identity selector" -> "profile provider", which is where we
>>> put attribute (claims). So we can phrase it more strongly:
>>> 
>>> "Many technologies like Infocards and OpenID (particularly with
>>> Attribute Exchange) make claims by providing attributes  and so are
>>> profile providers,
>> 
>> correct
>> 
>>> and this may be bound with particular identity
>>> providers.
>> 
>> awkward, but okay.
>> 
> 
> Trying to nail this just right:
> 
> Using an identity selector, a user may want to select amongst multiple
> profiles (each of which could be a personae) and their attendant set
> of attributes. Each of these set of claims could be hosted by
> different providers."
> 
> It seems the rest is fine. I'll check that in.
> 
> 
>>> they select amongst possible multiple profiles, each of which could
>>> correspond to a personae.
> 
>>> Often these technologies are called "identity selectors"
>> 
>> Huh? Simply not true. We do NOT call these technologies "identity selectors".
>> 
>>> as
>>> they select amongst possible multiple profiles, each of which could
>>> correspond to a personae.
>> 
>> An identity selector is a layer above the IdPs. An identity selector is something that lets you choose pick which sets of claims from which IdPs.
>> 
> 
> That is what I was trying to express below.
> 
> 
> 
>> [An aside: there are three kinds of selector architectures BTW: client-side (a la CardSpace), RP-side (a la Janrain) and cloud-based (Kantara Identity Selector Agent, Avoco Cloud Selector, Higgins Cloud Selector).]
> 
> Yes, we did not go into Cloud/Kantara work unforunately, but I think
> we'll follow up on that later, and focused mostly on the client side!
> 
>> 
>> 
>>> Attributes can be very simple identifiers,
>>> like an OpenID URL, while they could also make a claim without
>>> revealing an identifier."
>> 
>> Yes, or a persistent Rp-specific pseudonym can be computed and provided (a la IMI "PPID" private personal id)

Received on Thursday, 7 October 2010 13:32:38 UTC