On 16-Oct-06, at 2:01 PM, Josh Hoyt wrote:

> On 10/16/06, Marius Scurtescu <[EMAIL PROTECTED]> wrote:
>> In this case you are better off opening a separate account with this
>> or some other IdP. The current delegation model will not protect you
>> at all. The delegate tag is in a publicly accessible Yadis document.
>> I agree that anonymity is an important feature, but the current
>> solution gives you only a false sense of security.
> What's "the current solution" that you're talking about? As far as I

draft 10, the delegate tag in the Yadis document and the RP sending  
only the delegate id to the IdP

> know, no one is suggesting portable identifiers as a way to achieve
> anonymity. I also do not think anyone is suggesting that IdP-driven
> identifier selection will make you anonymous *to the IdP.*

Right, but many people seem to be under the impression that this  
delegate tag (or hiding the portable id from the IdP) will give you  
some security or anonymity. I am not saying that this was the  
original intent or that this is one of the goals.


specs mailing list

Reply via email to