I'm interested in contributing an answer:
- I can't see any incentives for other providers to be "disintermediated" by a broker entity :-)
An alternate model is to define the "broker" as a P2P network of nodes that must collaborate to maintain (their client's) data privacy.
/thomas/
________________________________________
From: wg-uma-bounces@kantarainitiative.org [wg-uma-bounces@kantarainitiative.org] on behalf of Adrian Gropper [agropper@healthurl.com]
Sent: Saturday, October 24, 2015 11:27 AM
To: Justin P Richer
Cc: wg-uma@kantarainitiative.org UMA
Subject: Re: [WG-UMA] NIST Seeks Comments on New Project Aimed at Protecting Privacy Online
I'm interested in contributing to this comment and a session at IIW.
Adrian
On Sat, Oct 24, 2015 at 11:24 AM, Justin Richer mailto:jricher@mit.edu> wrote:
My view on this remains “to increase privacy get rid of brokers”. A full mesh SAML or PKI federation is untenable, so that’s why we’ve deployed brokers in the past. But OIDC, with dynamic client registration and server discovery, is built for this. I believe wee need to move towards this model.
Is anyone interested in writing up a response to that effect with me? Perhaps we could run a session on it at IIW this week for those of us that will be there (including myself).
— Justin
On Oct 23, 2015, at 8:29 AM, Andrew Hughes mailto:andrewhughes3000@gmail.com> wrote:
Hi UMAnitarians - not sure if you've seen this notice yet
I'm vice-chair of IAWG & we are probably going to assemble comments on this.
"Privacy-Enhanced Identity Brokers"
Comments to inform a new collaborative project & eventual 1800 series Practice Guide at the NIST NCCoE
Due 18 December
http://www.nist.gov/itl/acd/ncce/20151022privacy.cfm
Andrew Hughes CISM CISSP
Independent Consultant
In Turn Information Management Consulting
o +1 650.209.7542tel:%2B1%20650.209.7542
m +1 250.888.9474tel:%2B1%20250.888.9474
1249 Palmer Road,
Victoria, BC V8P 2H8
AndrewHughes3000@gmail.commailto:AndrewHughes3000@gmail.com
ca.linkedin.com/pub/andrew-hughes/a/58/682/http://ca.linkedin.com/pub/andrew-hughes/a/58/682/
Identity Management | IT Governance | Information Security
_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.orgmailto:WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.orgmailto:WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma
--
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/