Justin,
Is there a write-up of the solution you're proposing?
Anyone,
Can technology like the Bitcoin Hierarchical Deterministic Wallet enable an individual to act as their own identity broker?
Adrian
On Sat, Oct 24, 2015 at 11:38 AM, John Bradley <ve7jtb@ve7jtb.com> wrote:
That is more or less my default position.
There may be times when it is more efficient for administrative reasons to proxy a group of RPs via a gateway. In general gateways create more privacy issues than they solve.
It is probably worth discussing at IIW. I expect NIST will be raising the issue in the iGov WG as well.
John B.
On Oct 24, 2015, at 12:24 PM, Justin Richer <jricher@mit.edu> wrote:
My view on this remains “to increase privacy get rid of brokers”. A full mesh SAML or PKI federation is untenable, so that’s why we’ve deployed brokers in the past. But OIDC, with dynamic client registration and server discovery, is built for this. I believe we need to move towards this model.
Is anyone interested in writing up a response to that effect with me? Perhaps we could run a session on it at IIW this week for those of us that will be there (including myself).
— Justin
On Oct 23, 2015, at 8:29 AM, Andrew Hughes <andrewhughes3000@gmail.com> wrote:
Hi UMAnitarians - not sure if you've seen this notice yet
I'm vice-chair of IAWG & we are probably going to assemble comments on this.
"Privacy-Enhanced Identity Brokers"
Comments to inform a new collaborative project & eventual 1800 series Practice Guide at the NIST NCCoE
Due 18 December
Andrew Hughes CISM CISSP
Independent Consultant
In Turn Information Management Consulting
o +1 650.209.7542 m +1 250.888.9474
1249 Palmer Road, Victoria, BC V8P 2H8
AndrewHughes3000@gmail.com
ca.linkedin.com/pub/andrew-hughes/a/58/682/
Identity Management | IT Governance | Information Security
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
-- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/