My view on this remains “to increase privacy get rid of brokers”. A full mesh SAML or PKI federation is untenable, so that’s why we’ve deployed brokers in the past. But OIDC, with dynamic client registration and server discovery, is built for this. I believe we need to move towards this model.

Is anyone interested in writing up a response to that effect with me? Perhaps we could run a session on it at IIW this week for those of us that will be there (including myself).

— Justin

On Oct 23, 2015, at 8:29 AM, Andrew Hughes <andrewhughes3000@gmail.com> wrote:

Hi UMAnitarians - not sure if you've seen this notice yet

I'm vice-chair of IAWG & we are probably going to assemble comments on this.

"Privacy-Enhanced Identity Brokers"
Comments to inform a new collaborative project & eventual 1800 series Practice Guide at the NIST NCCoE
Due 18 December
http://www.nist.gov/itl/acd/ncce/20151022privacy.cfm

Andrew Hughes CISM CISSP
Independent Consultant
In Turn Information Management Consulting
o +1 650.209.7542
m +1 250.888.9474
1249 Palmer Road,
Victoria, BC V8P 2H8
AndrewHughes3000@gmail.com
ca.linkedin.com/pub/andrew-hughes/a/58/682/
Identity Management | IT Governance | Information Security
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma