dotgnu-auth
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]Freport Update

From: Hans Zandbelt
Subject: Re: [Auth]Freport Update
Date: Fri, 15 Mar 2002 14:54:44 +0100 
At 08:02 3/15/2002 -0600, John wrote:
>convenience. Build paranoia into our solution from the start as we
>originally planned, assume that everyone is dishonest and will try to
>benefit from dishonesty.

It is impossible to build a virtual identity system if you
don't trust anyone. In fact, it is not even necessary to build
one in that case: you wouldn't trust anyone to with the data
that you provide with it anyway.
The whole point of a virtual identity system is that it
must enforce the rules about trust that you have.

>As I said before, I only believe that people should be informed, and if
>Hans can show me that the transactional metadata cannot be collected
>under his current design *in any sane usage scenario*, then I will
>renounce my objection: and probably apologize. 

There is no need for any apologize, from me nor from you.
My statement is that IDsec does not allow transactional metadata to
be collected by anyone that you don't trust. I think this is
a sane scenario ;-)

Hans.


------------------------------------------------------------
Hans Zandbelt                         address@hidden 
Telematica Instituut                     http://www.telin.nl 
P.O.Box 589, 7500 AN                   Phone: +31 53 4850445 
Enschede, Netherlands                    Fax: +31 53 4850400
reply via email to
[Prev in Thread] Current Thread [Next in Thread]