attribute release discussion
Hi all - On the call yesterday I promised to send out a link to a document-in-progress regarding attribute release. This work is being done by REFEDS (https://refeds.org/), an international group of research and education federation representatives chartered by TERENA (Trans-European Research and Education Networking Association) to discuss issues involving identity and access management. This is a work in progress, but I think it touches on some very interesting areas of attribute management. I am curious to know if there is any similar work being done in other verticals. https://refeds.terena.org/index.php/Attribute_Release_Recommendations Discussion and feedback welcome, and will be fed back in to that working group. Heather Flanagan
Eric Sachs from Google gave yesterday a presentation on Google's street identity project at the Internet Identity Workshop, and mentioned a couple of interesting points related to attribute management: - The Open Attribute Exchange Workgroup (having a summit in Washington, D.C. on Nov 9-10) - LMNOP Attribute Provider The presentation covered concepts how to monetize the street address attribute. This and other related topics can be found at the site mentioned above. - Rainer
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/20/2011 04:14 PM, Rainer Hoerbe wrote:
Eric Sachs from Google gave yesterday a presentation on Google's street identity project at the Internet Identity Workshop, and mentioned a couple of interesting points related to attribute management: - The Open Attribute Exchange Workgroup (having a summit http://sites.google.com/site/streetidentitylmnop/home in Washington, D.C. on Nov 9-10) - LMNOP Attribute Provider http://sites.google.com/site/streetidentitylmnop/workinggroup/lmnopap
The presentation covered concepts how to monetize the street address attribute. This and other related topics can be found at the site mentioned above.
Also the PLOA - Personal LOA which is a bit of a mis-nomer - is actually about differentiated attribute-release. It is fraught with problems. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6gVEgACgkQ8Jx8FtbMZnd8PwCeP3RvaOJ/ulBZMuvtk92dhF71 YikAoJNEuS1f+IxLwlQ0uAoC7VT4t5sL =8p0j -----END PGP SIGNATURE-----
The aim of the PLOA is transaction based assurance. I'm sure the editor
would appreciate feedback. If people would like to connect with the editor
let me know.
The PLOA paper can be found here:
-
http://www.idcommons.org/wp-content/uploads/2011/10/PLOA-White-Paper-v1.02.p...
thx,
=Joni
On Thu, Oct 20, 2011 at 10:03 AM, Leif Johansson
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/20/2011 04:14 PM, Rainer Hoerbe wrote:
Eric Sachs from Google gave yesterday a presentation on Google's street identity project at the Internet Identity Workshop, and mentioned a couple of interesting points related to attribute management: - The Open Attribute Exchange Workgroup (having a summit http://sites.google.com/site/streetidentitylmnop/home in Washington, D.C. on Nov 9-10) - LMNOP Attribute Provider http://sites.google.com/site/streetidentitylmnop/workinggroup/lmnopap
The presentation covered concepts how to monetize the street address attribute. This and other related topics can be found at the site mentioned above.
Also the PLOA - Personal LOA which is a bit of a mis-nomer - is actually about differentiated attribute-release. It is fraught with problems. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk6gVEgACgkQ8Jx8FtbMZnd8PwCeP3RvaOJ/ulBZMuvtk92dhF71 YikAoJNEuS1f+IxLwlQ0uAoC7VT4t5sL =8p0j -----END PGP SIGNATURE----- _______________________________________________ DG-AM mailing list DG-AM@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-am
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/24/2011 05:52 PM, Joni Brennan wrote:
The aim of the PLOA is transaction based assurance. I'm sure the editor would appreciate feedback. If people would like to connect with the editor let me know.
The PLOA paper can be found here: - http://www.idcommons.org/wp-content/uploads/2011/10/PLOA-White-Paper-v1.02.p...
Actually I think transaction-based assurance is already well provided for in the FICAM deployment profile and using LOA context classes (or iso29115level openid connect claim or whatever its called there). My understanding of PLOA is that its about attribute redress; if you don't get shoesize then send the user to a page asking for shoesize and then try again. I remarked in the PLOA session att IIW that this is a *huge* phishing problem if you get hit with some XSS - missing the shoesize attribute causes the redress endpoint to ask for social security number instead. Cheers Leif -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6ltJkACgkQ8Jx8FtbMZnfCaACfRrmYiFNRWBp1dvaisvzlo6C8 E4wAoIwmEz77Qqh4yZkHLOu62YqdhD4+ =Ccyp -----END PGP SIGNATURE-----
participants (4)
-
Heather Flanagan -
Joni Brennan -
Leif Johansson -
Rainer Hoerbe