On 8/1/11 12:11 PM, John Bradley wrote:
This has nothing to do with NSTIC and everything to do with what is perceived as valuable in making social networks successful. It may or may not have something to do with Googles minimization model.
This level of pretend identity proofing would not be sufficient for NSTIC.
Not necessarily. NSTIC doesn't specify any particular level of identity proofing, and it's really up to the Relying Party what if any proofing they need. Of course, verifying that users have names that appear to be real isn't identity proofing at all. Does that mean that the dog in the IIW logo is OK on Google+ if his name is "Fred Smith" but not if his name is "Rover Smith"?
I expect that google will continue to make pseudonymous federated identity possible (perhaps no longer their default).
They were the ones who insisted on it in openID 2.0.
I don't think this or Facebook's misdeeds can be attributed to NSTIC which is mostly a wish list of things that could or should be part of a future Identity ecosystem.
However I would expect the NSTIC privacy people to say this is what you get in a totally free market solution. Perhaps another argument for a NSTIC type plan.
Agreed; it is the Relying Party's business decision that drove the "use your real name" community standard in Google+. -Jim