Monday, May 05, 2008

Don't ask, don't tell

Eve considers the risk that new identity systems, by facilitating the flow of identity, exacerbate the problem of identity flowing unnecessarily.

In her proposed best practices, Eve presents an iterative identity collection model - applications ask only for what they need right now, and not what they expect they might need in the future.

Not wanting to preempt Eve's next post ("More thoughts soon on some solution opportunities in all this…"), but ...

Liberty's CARML, through use of <ws-Policy> elements on the <Interaction>, would allow an application to indicate priorities for the various identity attributes it required (or simply desired). So, for instance, a tee time booking application (tying back to Eve's story) could indicate that it absolutely required the golfer's handicap but that it merely wanted to know whether they were right- or left-handed.

I'm not sure that priority labels alone are sufficient to support an incremental collection model. The tee time application may absolutely require the golfer's favorite beer, but only at such time as the beer girl's cart draws near them on the back nine.
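
The difference between a priority label and a collection time can be made concrete with a small model. This is an added example, not CARML syntax or Liberty code; the stage names, the `needed_at` field and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

STAGES = ("booking", "check_in", "back_nine")  # hypothetical interaction stages

@dataclass(frozen=True)
class AttributeNeed:
    name: str
    priority: str    # "required" or "desired", the label the post describes
    needed_at: str   # assumption: earliest stage at which the app may ask

# Constructed declaration for the tee time application in the post.
TEE_TIME_NEEDS = (
    AttributeNeed("handicap", "required", "booking"),
    AttributeNeed("handedness", "desired", "booking"),
    AttributeNeed("favorite_beer", "required", "back_nine"),
)

def priority_only_request(needs):
    """With priority labels alone, every declared attribute is asked for up front."""
    return {n.name: n.priority for n in needs}

def incremental_request(needs, stage, released):
    """Ask only for attributes due by `stage` that have not been released yet."""
    now = STAGES.index(stage)  # raises ValueError on an unknown stage
    return {
        n.name: n.priority
        for n in needs
        if STAGES.index(n.needed_at) <= now and n.name not in released
    }

def disclosed_after(needs, stages_reached, declined=()):
    """Attributes released over a visit; the user may decline 'desired' ones only."""
    released = set()
    for stage in stages_reached:
        for name, priority in incremental_request(needs, stage, released).items():
            if priority == "required" or name not in declined:
                released.add(name)
    return released
```

A golfer who stops after check-in never discloses `favorite_beer` under the incremental model, even though it carries the same "required" label as `handicap`.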
