Wednesday, November 07, 2007

Madsen's Lemma of Dubious Attributes

In the context of any given application, a Relying Party will be unwilling to accept a self-asserted identity attribute without verification if there exists the possibility of differentiated advantage to the user in claiming one value for that attribute over another.

That is, if the user gains by fibbing, self-asserted doesn't cut it. The RP will want to get the attribute from either a separate 3rd party or infer it through some other means.

Madsen's Corollary of Dubious Attributes

For any given identity attribute, there exists an application context in which there can be differentiated advantage to the user in claiming one value for that attribute over another.

So, we shouldn't generalize and say 'profile' attributes like zip code are fine for the user to self-assert, whilst 'sensitive' attributes like credit rating aren't.

If I could have lied about the fact I live in Canada to avoid being bumped from Pandora, I would have. Damn IP address!
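One way a Relying Party could apply the lemma and corollary, as an added example that is not part of the original post: the decision to demand verification is made per application context, not per attribute. The contexts, attribute names and values are constructed, and "the outcome changes with the claimed value" is used as a conservative stand-in for "differentiated advantage".

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

@dataclass(frozen=True)
class Claim:
    name: str
    value: str
    source: str  # "self", "third_party" or "inferred"

@dataclass(frozen=True)
class Context:
    name: str
    outcome: Callable[[Dict[str, str]], str]  # what the application grants
    domains: Dict[str, List[str]]             # values a user could plausibly claim

def is_dubious(ctx: Context, attr: str, baseline: Dict[str, str]) -> bool:
    # Differentiated advantage, approximated conservatively: some claimable
    # value of attr yields a different outcome than another.
    outcomes = {ctx.outcome({**baseline, attr: v}) for v in ctx.domains.get(attr, [])}
    return len(outcomes) > 1

def evaluate(ctx: Context, claims: List[Claim]) -> Dict[str, str]:
    # Self-asserted claims are accepted only where lying gains nothing.
    baseline = {c.name: c.value for c in claims}
    return {
        c.name: "verify" if c.source == "self" and is_dubious(ctx, c.name, baseline) else "accept"
        for c in claims
    }

# Constructed contexts (hypothetical applications, not from the post).
NEWSLETTER = Context("newsletter", lambda a: "subscribed", {})
STREAMING = Context(
    "streaming",
    lambda a: "stream" if a.get("country") == "US" else "blocked",
    {"country": ["US", "CA"]},
)
RESIDENT_DISCOUNT = Context(
    "resident_discount",
    lambda a: "discount" if a.get("zip", "").startswith("021") else "full_price",
    {"zip": ["02139", "90210"]},
)

SELF_ASSERTED = [Claim("country", "US", "self"), Claim("zip", "02139", "self")]

if __name__ == "__main__":
    for ctx in (NEWSLETTER, STREAMING, RESIDENT_DISCOUNT):
        print(ctx.name, evaluate(ctx, SELF_ASSERTED))
```

The same self-asserted zip code is accepted by the newsletter and the streaming service but sent for verification by the resident discount, which is the corollary's point about not sorting attributes into fixed 'profile' and 'sensitive' buckets.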

2 comments:

Robert said...

1) Excellent Paul! Very well put.

2) You mean it can sometimes be advantageous to claim "female" for the sex attribute? ;)

Paul Madsen said...

Thanks Robert, well I do find I'm treated differently when wearing dresses ....