[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]My two cents
|
From: |
Lloyd Llewellyn |
|
Subject: |
Re: [Auth]My two cents |
|
Date: |
16 Jul 2001 12:30:44 -0400 |
>> this solves the problem of data storage being decentralised and not
being collected by any one place as the DATA stays on the clients
computer. <<
I like the idea of separating personal data from the authentication
mechanism, but I would also want the ability to centralize the personal
data. Basically, in your statement, I suggest replacing "client's
computer" with "client's workstation or 'personal data server'..."
I may want to set up my own "personal data" server, which:
- centralizes data for my convenience (avail from work, home, on the
road, etc)
- protects my privacy since I set up, run, and maintain the server
myself
- allows me, as the geek in my family and circle of acquaintances, to
host their personal data on my server, providing them the service for
free while depriving MS of their data and transaction income.
This server would then work in conjunction with the auth server, which:
- can have sufficient prominence and credibility to be trusted by
merchants
- still has no knowledge of my personal data - just my identity.
Naturally, non-technical users could opt to use a third-party "personal
data server" provider they trust, or keep the data locally on the client
(perhaps with some replication facility for mobile devices).
Or, those that don't care can choose to store personal info with the
authorization provider - but the specification should require that this
separation be allowed.
To summarize: "Personal data servers" preserve privacy for the
individual, while "authentication servers" provide credibility to
merchants.