I was wondering about the parental rating of the new Hellboy movie, so I went to the IMDB.
Their parent's guide eschews any moralizing, instead simply asking reviewers for a description of the potentially age-inappropriate content. Arm the parental relying party with information, and let them make the access control decision.
Of course the downside is that some parent's want to off-load the responsibility, it's very easy to say no to a pleading child with a "Sorry, but the rating says it isn't appropriate". Much more thought would be required to actually analyze the content.
This is the model SAML's Authentication Context took for handling assurance - i.e. the IDP doesn't make any 'moral' judgements about the factors that impact assurance, but rather just describes them.
Pretty much the exact opposite of that taken by those uptight old ladies at NIST.
No comments:
Post a Comment