Category: Digital Identity
-
Julian Bond asks: “What did I write and who replied”
Let me try to answer his question to the Identity Gang here: Has Identity 2.0 got anything to say about this? Is the[re] some strategy where we can put a positive marker in our scribblings [all over the web] so that automated processes can find them all and bring them all back together? Identity 2.0…
-
Andre Durand: shorter assertion lifetimes will always prevail over longer assertion lifetime
He quotes Darren Platt (unfortunately, he does not provide a link), who apparently said: …shorter assertion lifetimes will always prevail over longer assertion lifetime values, given the infrastructure to deal with them is in place. I very much agree. Which is why LID is an “on-line” system, built around light-weight on-line queries that can be…
-
We might not need round-trip nonces in LID
It occurred to me that we might not have to do “round-trip nonces” at all between a Relying Party and the LID site to prevent replay attacks. The following one-directional protocol seems to be sufficient (using our patient Mr. LID Demo User and FirstSSO Inc. as an example, as always) The challenger (e.g. the LID…
-
More on the relationship between InfoCard and the Identity Metasystem
Many people (e.g. Doc Searls, Julian Bond, Dave Kearns) have pointed out to me that InfoCard isn’t the Identity Metasystem and won’t become it in the future either, since my post on Monday, and they are of course right. InfoCard, at the most, will be a component of such an Identity Metasystem, and there will…
-
What might an “Identity Meta-System” be?
Microsoft InfoCard is frequently described as an "Identity Meta-System" (as opposed to, say, Microsoft Passport, which is/was a plain identity system and not a meta-system). This term seems to have beek picked up widely, but like some others (e.g. Doc Searls), the longer I think about it, the more I realize that I have a…