At the end of the day, the user has to trust someone, and first of
all, the user has to trust himself.
Now if the user is not someone who can trust himself, then where is
the onus? Is it with govt, OP, or RP?
Community?
There are a few issues being conflated here. Whether the user has to
trust himself is a philosophical question (and yes, it IS a question!
- assertions that it is not possible to function in life without that
notwithstanding) for most, a practical question for some (but that
would be heading into esoteric neurocognitive territory, which is
horribly off-topic for this list). Whether the user as source of
identity information (and owning/controlling/possessing hardware to
make assertions about it) is trustworthy, is a very different
question - and then the user wonders who *can* be trusted to speak
for the user, and not for anyone else *but* the user.
I would prefer we have a mechanism for blacklists rather that
whitelist. I like the idea of blacklist because all OP's can start
from a clean slate and land up on a blacklist, if they have done
badly. This is more or less the way anti spam mechanism has worked
on the internet.
And its success has been proven, because we don't have spam anymore.
. . . waittaminute . . .
-Shade
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
