[Concordia] Proposed agenda for 29 Jul 2008 Concordia communitycall

Josh Howlett Josh.Howlett at ja.net
Fri Aug 1 02:32:08 EDT 2008 



>> Wouldn't an agreement need to contain stuff like
>>
>> 1. whether an RP will accept self-issued?
>> 2. If it uses Cards, the responsibility of the user and not
>> just the idp? Such as who they had the card to?
>> 3. If it contains XACML, since it can specify more than
>> identity, that indemnification happens at other levels?
>> 4. If you are using cards, should the agreement say something
>> about preventing/allowing correlation?
>> 5. While protocols can be negotiated, should their be some
>> mention of order of preference?
>
> Perhaps, it really depends on what your use-case(s) are.
>
> I tend to look at PAs as magic goo that we plaster over the gaps that
> the properties of (1) technology and (2) the statutory/regulatory/ 
> policy
> environment impose on us.
>
> For example, PAs often include a stipulation to tell the truth,  
> because
> in most jurisdictions lying isn't usually a crime and we don't have
> technology to detect a truth from a lie. On the other hand, we have
> pretty good technology for establishing common trust anchors, and so  
> (1)
> above might be superfluous in a PA. However, you might still want to
> tell your federated buddies about it, as a courtesy, so they know what
> you're expecting.
>
> When I'm forced to think about this, I usually ask myself the  
> following
> question: "to satisfy my use-case(s), what are the properties of the
> technology and the statutory/regulatory/policy environment that I'm
> dealing with that might cause me problems that I care about, and what
> are the ways in which these might be resolved that would satisfy me  
> and
> also be acceptable to the other party(s)?".
>
> josh.
>
> JANET(UK) is a trading name of The JNT Association, a company limited
> by guarantee which is registered in England under No. 2881024
> and whose Registered Office is at Lumen House, Library Avenue,
> Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
>
> _______________________________________________
> Community mailing list
> Community at projectconcordia.org
> http://lists.projectconcordia.org/mailman/listinfo/community

More information about the Community mailing list