On 10/01/2010 01:21 PM, Peter Firmstone wrote:
I think we have to be very careful about placing the burden of security decisions on users, history has shown the user makes bad choices.
I'm a strong believer in trustchains. Because this is how humans already work, 'your friend is my friend', and technology should support the already existing mechanisms, not deteriorate it.
Then based on the feedback the user provides about the level of trust, we can determine if the Permission's the service has requested is consistent with the level of trust.
A sort of 'crowd clearing' vs 'clearinghouse'?
I think corporate environments are generally slow adopters of technology.
But i think we can solve the problems of both communities (corporate & private).
Signing with a certificate and allowing only specific signatures, will allow for rigid certification safeguards.
Gr. Sim
