Hi Sam
On 23/09/2013 13:33, Sam Hartman wrote:
"David" == David Chadwick <[email protected]> writes:
David> Section 1. i) Data Minimization and User Participation:
David> "There is currently no direct client participation in this
David> decision." (i.e. release of identity attributes). We should
David> say at this juncture that this is a major deficiency in
David> existing federated systems, since the user does not have full
David> consent or control over which of his identity attributes are
David> released. This should be fixed in Abfab
I do not support this change.
Which change do you not support
a) saying that this is a major deficiency in existing federated systems
b) saying that Abfab should fix this
c) both
There are some cases where this is a major deficiency, but it's not
entirely clear whether fixing this at the ABFAB layer is the right
approach.
So it appears that you support a) but not b). So can you simply add a).
I'd argue that trying to fix the concent problem in a general manner at
the federation layer may have done more harm over the years than the
privacy problem that is trying to be addressed.
Actually in my previous research we fixed this in a layer above the
federation layer, which we called the attribute aggregation layer. So I
agree that it is best to not fix it in the federation layer.
David> iii) I dont buy into your whiteboard example of single entity
David> authentication, because a hacked whiteboard could trick the
David> user into opening the wrong file, which could be disasterous
David> during an important business meeting. SO mutual
David> authentication is needed here as well. If you want an example
David> where mutual authentication is not important, its one where
David> either the information being accessed is of very little value
David> to the accessor so that it does not matter if it is erroneous
David> information or not, or one where it does not matter who the
David> accessor is i.e. its public information.
Most of the tools I'm familiar with for screen sharing etc would not
allow the white board to pick the presentation/file.
Meaning that the user sends an already chosen file to the whiteboard?
In which case I agree with you.
I'd support adding a comment that you don't want to run UI on the white
board, but no I think I completely disagree with your proposed
constraints on when this is useful.
I would be interested to learn of another generic type of use case where
you think that mutual authn is not needed
regards
David
--Sam
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
