|
|
Identities are handled on a peer-to-peer basis:
We must NOT create a passport "portal". That is technically and morally wrong. We must create a framework that can be scaled and deployed at any level desired, whether locally, at an enterprise, or at a portal. Authentication and access to private information should be peer to peer to preserve local storage of those things which should remain in private users hands. The ability to migrate data upward can be provided for, on a selective basis, and controls must be provided as to who may or may not access specific user information.
What strikes me a conspicuously absent is a signature chain architecture that allows people the flexibility of trust and delegation expression found in PGP.
11 of 13 |
|