shibboleth-dev - Re: [Shib-Dev] [IdPv3] Consent Engine Work
Subject: Shibboleth Developers
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: [Shib-Dev] [IdPv3] Consent Engine Work
- Date: Mon, 15 Nov 2010 13:31:48 -0500
- Organization: Itumi, LLC
Well, as Halm knows, I've gone back and forth on whether we should support this "feature" at all. I continue to feel that people should never use this feature, and I have in the past told Halm I was going to yank it when we included uApprove into IdP v3. However, I also know that some folks who have deploy uApprove do in fact allow user's to opt-in to global consent.
So for me, at this point, I am mostly settled on the model where we leave it in but have it off by default. What I really want to ensure though is that our APIs are developed such that they are easy to extend or chopped up and reused for people who want to do drastically different UIs. I feel pretty confident in saying that outside the very simple uApprove/card selector UI we have today, we have no idea what UIs people really find usable.
So, my hope is that once attribute consent is baked in to the IdP, and thus in front of many more people, we can get people experimenting with more advanced UIs and figuring out what really works. Or, maybe we find out that the "simple" interface is the best option.
On 11/15/10 12:25 PM, Halm Reusser wrote:
Hi,
On 22.07.64 20:59, Chad La Joie wrote:
Features I am considering but not yet committed:
[...]
- Global consent, meaning the ability to tick some box and never be
asked anything again regards of the SP or changes in the
to-be-release data. Again, as above, people are free to experiment
with this feature but I don't think there are enough data points to
determine if users really understand what this means or how to
change such a setting.
Actually I was thinking a little bit about this. At my personal opinion
I'm not very happy with the current implementation of this "feature".
The as-is situation (Arpviewer 1.x / uApprove 2.x) is like described by
Chad. If a user checks this box, he gets never ever asked about consent
again independently if he,
... accesses a new service provider
... accesses a already visited service provider including a new
attribute to be released
... accesses a already visited service provider including a
attribute already accepted to be released, but including different
values.
Sounds not like a good privacy protection.
I can tell you my suggestion for this "feature". If a user checks such a
box, it should mean "I accept that these attributes, which are listed
above, including exact those values" might be released to every other
service provider I access in the future". This is straight and clean.
This implies, the user has to confirm the attribute release again, if
he access an already visited or new service provider and
... attributes, on which he did not give "global consent",
will be released.
... attributes, on which he did give "global consent",
but the values have changed will be released.
I'm looking forward to have a fruitful discussion about it.
-Halm
--
Chad La Joie
http://itumi.biz
trusted identities, delivered
- Re: [Shib-Dev] [IdPv3] Consent Engine Work, Halm Reusser, 11/15/2010
- RE: [Shib-Dev] [IdPv3] Consent Engine Work, Peter Williams, 11/15/2010
- Re: [Shib-Dev] [IdPv3] Consent Engine Work, Tom Scavo, 11/15/2010
- Re: [Shib-Dev] [IdPv3] Consent Engine Work, Chad La Joie, 11/15/2010
- Re: [Shib-Dev] [IdPv3] Consent Engine Work, Halm Reusser, 11/16/2010
Archive powered by MHonArc 2.6.16.