I would love to see folks hear that also blog not only continue to discuss 
federated identity but also consider of the course of several additional 
postings also talk about the need for federated authorization. Consider an 
example where a Doctor in a hospital is having an electronic interaction with a 
healthcare insurance provider. The hospital should be the identity provider 
while the entity that licensed the Doctor for given sets of practices should be 
responsible for certain forms of authorization.

If we only talk about identity without authorization, the conversation will 
result in lots of great software where folks who create them won't make any 
money since consumer-centric interactions have volume without corresponding 
revenue. 


*************************************************************************
This communication, including attachments, is
for the exclusive use of addressee and may contain proprietary,
confidential and/or privileged information.  If you are not the intended
recipient, any use, copying, disclosure, dissemination or distribution is
strictly prohibited.  If you are not the intended recipient, please notify
the sender immediately by return e-mail, delete this communication and
destroy all copies.
*************************************************************************

_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Reply via email to