[dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing

To: John Merrells <merrells at sxip.com>
Subject: [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Fri, 02 Jun 2006 16:51:51 -0400
Cc: Ted Hardie <hardie at qualcomm.com>, Digital Identity Exchange <dix at ietf.org>, ietf-http-auth at lists.osafoundation.org
In-reply-to: <114A4275-DD35-48B3-85D3-B7B305E2967B@sxip.com> (John Merrells's message of "Fri, 2 Jun 2006 13:19:01 -0700")
List-archive: <http://www1.ietf.org/pipermail/dix>
List-help: <mailto:dix-request@ietf.org?subject=help>
List-id: Digital Identity Exchange <dix.ietf.org>
List-post: <mailto:dix@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
References: <tsllksse88e.fsf@cz.mit.edu> <A21400FB-F862-4F90-919A-523280B4012B@sxip.com> <tsl8xofvbxu.fsf@cz.mit.edu> <114A4275-DD35-48B3-85D3-B7B305E2967B@sxip.com>
Reply-to: Digital Identity Exchange <dix at ietf.org>
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

>>>>> "John" == John Merrells <merrells at sxip.com> writes:

    John> I'm not sure if you're saying this but... DIX does not
    John> impose any specific number of identifiers on a user. They
    John> can have as many as they choose to have, from 0 to infinity.

No, but dix does support transporting more than one claim and does
support claims that are not identifiers.

I don't view doing so as a requirement.

    >> but that can transition to more complex forms of identity
    >> claims in the future.  You seem to want sets of identity claims
    >> today.

    John> I find the 'claim' term to be a bit ambiguous, so try to
    John> avoid it.  I'm not sure how claims relate to identifiers in
    John> your comment above.

I use the terms claim, identity, subject and relying party as they are used in the Laws of Identity paper.

An identifier is a claim that is alegidly unique; email addresses are
viewed by some as identifiers.  Email addresses *are* the identifier
within the namespace of amazon.com identifiers as an example.

--Sam

_______________________________________________
dix mailing list
dix at ietf.org
https://www1.ietf.org/mailman/listinfo/dix

Follow-Ups:
- Re: [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
  - From: Pete Rowley

References:
- [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
  - From: John Merrells
- [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
  - From: Sam Hartman
- [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
  - From: John Merrells

Prev by Date: Re: [dix] Comments on use cases draft
Next by Date: Re: [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
Previous by thread: [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
Next by thread: Re: [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing
Index(es):
- Date
- Thread

[dix] Re: [Ietf-http-auth] BOF Request: WARP - Web Authentication Resistant to Phishing

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.