On 12-Apr-06, at 12:00 PM, Thomas Broyer wrote:

I first thought that the Identity Agent was a web-based service, not
some piece of software you would have to install on your "computing
device".

From Beth's perspective the agent software could be either local or
remote.

I think my use case went too far in making it sound like local software.

This is:
 - what's done today by other distributed identity systems (OpenID,
LID, Passport, etc.)

Indeed.

You could argue that Infocard solves many of these use cases with
local software.

 - what's suggested by draft-merrells-dix-00 and -01

Correct. dmd1 is focused on the existing browser case. Building on
dmd1 you could devise smarter clients that provided Beth with a
better experience.

How about the "cyber café" use case? How does Beth access her
identities and personas if the Identity Agent is a "local" piece of
software and not a web-based service?

We're getting into implementation here, but yes it could be a remote
service, or it could be in something that Beth carries around with her.

I also think the protocol must have a "dumb, web-based" profile à la
OpenID or LID, using HTTP redirects combined with basic HTTP-Auth; a
profile for using web-based services from a "bare" computer (e.g. in a
cyber café, where you cannot install anything, or a mobile device with
limited capabilities and extensibility –e.g. a mobile phone–). I think
SAML also has such a profile.
This is IMO a requirement for a distributed identity system.

I think we're all in agreement.

Clearer? Less device oriented...

<section title="B34"><t>
Beth has many computing environments in her life, running different operating systems and different application software. She makes her own choices about her own computing environment, but she has little choice when the software is within a device or when she's at work, where she is subject to her employer's policies. A consequence is that she uses multiple Identity Agents, which she uses for managing different personas.
</t>

The first two sentences are just motivation... the last line is the important statement.

John


_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix