Hi, > > 1) two different relying parties should not be able to tell that the same > > user has logged in to both of them by comparing their login logs. > > This property (targeted or directed identity) was not what I was > referring to, but yes, you want a per session, per relying party > (and in some cases for limited time) pseudonym > > > > > Here I would just the term anonymity or pseudonymity of the subject towards > > the individual relying parties. > > See above, it goes beyond pseudonimity towards rp, it is about not > sharing pseudonyms between parties
Isn't 1) similar to unlinkability? > > > > > 2) the identity provider should not be able to keep track of which relying > > parties are being used by the subject. You are talking about this one. > > Yep > > > > > Well, even more, the idp should not know at all which rp I talk to > in the first place. It is a strong privacy reqirement. Idoubt solutions in ABFAB can provide this feature. > > > In any case, it is a good example. I could add it as an additional example > > to the draft since it gets frequently mentioned in identity management > > discussions these days. > > Another example is paying cash for something that you don't want to > be traced to you > > Klaas > > > > > Ciao > > Hannes > > > _______________________________________________ > ietf-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf-privacy >
_______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
