On 2010-07-15 14:04, Göran Melvås wrote:
> But until you have a federation type of logon service like SAML or opened or
> ("central" PKI like Cryptomatic or Norwegian BankID).
>
> You have to have multiple tokens...
>
Here we enter a somewhat religious area..
Personally I doubt that we will ever get a universal ID for many reasons and
one is that
the identity in many contexts does not have to be vetted by a TTP, it is enough
that you
get account integrity which simply means that you have strong authentication to
your
account, while your identity (as a WoW-player etc) is given OOB or not given at
all.
I do not (for example) see how Skype could make use of eIDs without major costs
including signing up for the Scandinavian "pay-per-view" closed PKIs.
That's my problem with the EU eID programs: They generally address a tiny
fraction of
an individual's need for authentication on the Internet. A possibility is
augmenting the
eID part with an multi-credential facility using on-line provisioning. Then
that 50 EUR
could actually be a little bit better spent. The added silicon would cost
about 1 EUR.
Unfortunately pragmatism is essentially a bad word in the eID community so
there will
rather be other tokens with "iPhone & friends" as the foremost ones, which when
NFC
and stuff has been added will make your eID card look like "a blast from the
past".
This should be regarded as a "journey" but I think that OTP in phones could
finally
"break the ice" so therefore this is priority #1 for me. That you get PKI and
Information Cards support for free is just a bonus.
Anders
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
