The bottom of the porter says:

What is an IDentity Attribute?

- what you are
- what you know
- what you have
- what you do

Are these not the factors or methods of authentication?

I have been in this industry for over 12 years and these (three and now 4 things) have always been referred to as authentication factors.

Right? 

Here is a whole Twitter thread that got started .....https://mobile.twitter.com/dgwbirch/status/838064419385016320

Sent from my iPhone

Sent from my iPhone

On Mar 7, 2017, at 4:08 AM, Nat Sakimura <nat@sakimura.org> wrote:

Not necessarily　"most", I think ;-)

ISO/IEC 24760-1 defines:

3.1.2

identity

set of attributes (3.1.3) related to an entity (3.1.1)

3.1.3

attribute

characteristic or property of an entity (3.1.1) that can be used to describe its state, appearance, or other aspects

so, it is apparently a wider concept for those people who worked on it.

And with the definition, many "difficult" questions become degenerated.

My take is: attributes that are necessary to offer the service are more important than others.

It could be a verified identifier, or verified address, or verified age, etc.

Nat

---

Nat Sakimura

Chairman, OpenID Foundation

On 2017-03-07 19:02, swilson@lockstep.com.au wrote:

In essence, I think most IDAM professionals would agree that

attributes are things that RPs need to know about Subjects in order to

[help] decide whether or not to accept a message, document etc. Some

of the nice questions we're all dealing with currently are:

- are attributes (ie what someone is) more important than "identity"

(ie who someone is)?

- how do you know that a given attribute about a Subject is true of

the Subject?

- that is, what authority vouches for the attribute?

- and how do you know that a presented attribute is bound to the

Subject and isn't being replayed?

If an attribute is something that we need to know about someone, then

clearly passwords are something else. Likewise for PINs (the cool

thing about PINs when at matched on-card is that nobody other the

Subject ever knows the PIN). And CVVs.

And then there is biometrics. There are broadly two modes of biometric

presentation: One-to-One, where it is generally preferred that the

biometric is matched locally in order to unlock a device (ala FIDO, or

Apple iTouch), and One-to-Many (often tellingly called

"identification") where I suppose the attribute could be regarded as

an attribute. But the general aversion to One-to-Many matching of

biometrics points to an ideal where biometrics are NOT identity

attributes!

Cheers,

Steve.

Stephen Wilson

LOCKSTEP GROUP

W: http://lockstep.com.au

T: @steve_lockstep

_Lockstep Consulting provides independent specialist advice and

analysis _

_on digital identity and privacy. Lockstep Technologies develops

unique _

_new smart ID solutions that enhance privacy and prevent identity

theft. _

-----Original Message-----

From: "David Chadwick" <D.W.Chadwick@kent.ac.uk>

Sent: Tuesday, 7 March, 2017 6:07pm

To: dg-idpro@kantarainitiative.org

Subject: Re: [DG-IDPro] IdM Poster. (thats wrong)

Hi Kaliya

Glad you are not in my class!

Seriously though, passwords are identity attributes if one regards

every

piece of information that is associated with a user as an identity

attribute. But they are clearly not identifiers in the general case,

as

they do not uniquely identify anyone, given that 'password' and

'123456789' are two of the most common passwords on the Internet.

However, if you have a very strong password then it is possible that

it

could be an identifier, if you are the only person in the world using

that password.

regards

David

On 07/03/2017 04:24, Kaliya Identity Woman wrote:

HI ID Pro's

As those of you know who attended the ID-Pro breakfast at RSA.. I'm

in

the new Masters of Science in Identity Management and Security at UT

Austin.

There have been some challenges in what has been taught... including

that the factors of authentication are not that...but "identifying

Information" or as in the poster below says "Identity Attributes"

They also have taught that password are identifiers (yes this was

actually taught)... in this poster on the other side they are

identity

attributes..yes identity attributes. Sigh. I have raised issues

about

these two things that have been taught...and well not gotten very

far.

(besides being told i'm a "bad student" and "unwilling to learn".

But now they have this fabulous poster. I'm hoping some of you with

blogs or twitter handles can point at the poster - references it and

explain why both things are wrong. (cause they, specifically Dr.

Barber

and Dr. Doty don't believe me.

Or maybe this group could write a joint letter explaining its

'wrongness" it snot great that this center is putting out this

information...it doesn't help us in the long run get explaining this

stuff right.

Here is the post on their site with the poster.

https://identity.utexas.edu/infographics/identity-attributes-and-the-identity-ecosystem

Here is Dr Barbers faculty page

- http://www.ece.utexas.edu//people/faculty/suzanne-barber

Dr. Doty's

https://www.ischool.utexas.edu/people/person_details?PersonID=22

_______________________________________________

DG-IDPro mailing list

DG-IDPro@kantarainitiative.org

http://kantarainitiative.org/mailman/listinfo/dg-idpro

_______________________________________________

DG-IDPro mailing list

DG-IDPro@kantarainitiative.org

http://kantarainitiative.org/mailman/listinfo/dg-idpro

_______________________________________________

DG-IDPro mailing list

DG-IDPro@kantarainitiative.org

http://kantarainitiative.org/mailman/listinfo/dg-idpro

_______________________________________________

DG-IDPro mailing list

DG-IDPro@kantarainitiative.org

http://kantarainitiative.org/mailman/listinfo/dg-idpro

_______________________________________________
DG-IDPro mailing list
DG-IDPro@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/dg-idpro