> Behalf Of Dick Hardt > > The way I read the original post, it sounds like Phillip is > describing > > two types of "data": > > > > 1) self-asserted > > 2) third-party asserted > > > > I'm all for saying that data can be self-asserted or third-party > > asserted... but I don't want to start categorizing the information > > based on what "can" be self-asserted vs. third-party. > > Glad we agree and that we have "clarified" Phillip's post! > > Phillip, are you in agreement? (don't want to speak for you)
There are certainly some types of data that makes it very unlikely that anyone would want to trust a self-asserted claim on, e.g. "I am not a spammer". But in general most of the data being traded today can be self asserted. For example nobody seems to have much of a problem with self asserted zip codes, even though many people automatically enter a bogus one. One caution I would suggest is to not use credit card information as an example of the type of profile information that might be stored. While it is certainly possible to store such data in principle there are major security and liability considerations that are attached. Unless the proposal is being made by someone with a deep understanding of the payments business it is likely to get picked appart pretty quickly by the security vultures. _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
