Skip to Content.
Sympa Menu

shibboleth-dev - Re: TargetedID Durability

Subject: Shibboleth Developers

List archive

Re: TargetedID Durability


Chronological Thread 
  • From: "Alistair Young" <>
  • To: "Scott Cantor" <>
  • Cc:
  • Subject: Re: TargetedID Durability
  • Date: Sun, 31 Jul 2005 19:47:57 +0100 (BST)
  • Importance: Normal

> Why wouldn't Amazon store my sales history with them? That's personal
> information, but it certainly doesn't belong at my IdP.
agreed. The point seems to be that in the IRS type scenario, Amazon
wouldn't trust your IdP to assert your ePTID. In which case there's no
case for an IdP at all and the untrusting SP should just handle it's own
authentication, as Amazon does.

Alistair


--
Alistair Young
Senior Software Engineer
UHI@Sabhal
Mòr Ostaig
Isle of Skye
Scotland

> Alistair Young wrote:
>>>if they are trying to access personal information at the SP.
>>
>> I'm curious. Why would a user have personal information stored outwith
>> their IdP? Is it personal information in the sense that they created it,
>> say an ePortfolio or something, or personal information in the sense of
>> attributes, i.e. name/address etc?
>
> Why would an IdP store every piece of information that an SP cares
> about? That's unlikely.
>
> Why wouldn't Amazon store my sales history with them? That's personal
> information, but it certainly doesn't belong at my IdP.
>
> -- Scott
>




Archive powered by MHonArc 2.6.16.

Top of Page