On 09/23/2013 02:33 PM, Sam Hartman wrote:
>>>>>> "David" == David Chadwick <[email protected]> writes:
>
>     David> Section 1. i) Data Minimization and User Participation:
>     David> "There is currently no direct client participation in this
>     David> decision." (i.e. release of identity attributes). We should
>     David> say at this juncture that this is a major deficiency in
>     David> existing federated systems, since the user does not have full
>     David> consent or control over which of his identity attributes are
>     David> released. This should be fixed in Abfab
>
> I do not support this change.
>
> There are some cases where this is a major deficiency, but it's not
> entirely clear whether fixing this at the ABFAB layer is the right
> approach.
>
> I'd argue that trying to fix the consent problem in a general manner at
> the federation layer may have done more harm over the years than the
> privacy problem that is trying to be addressed.

With my chair-switch secured in the OFF position: I agree with Sam 100% here.

>
>
>     David> iii) I don't buy into your whiteboard example of single entity
>     David> authentication, because a hacked whiteboard could trick the
>     David> user into opening the wrong file, which could be disastrous
>     David> during an important business meeting. So mutual
>     David> authentication is needed here as well. If you want an example
>     David> where mutual authentication is not important, it's one where
>     David> either the information being accessed is of very little value
>     David> to the accessor so that it does not matter if it is erroneous
>     David> information or not, or one where it does not matter who the
>     David> accessor is i.e. it's public information.
>
> Most of the tools I'm familiar with for screen sharing etc would not
> allow the white board to pick the presentation/file.
> I'd support adding a comment that you don't want to run UI on the white
> board, but no, I think I completely disagree with your proposed
> constraints on when this is useful.
>
> --Sam
> _______________________________________________
> abfab mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/abfab
