Somebody will recognize that this is a necessary security measure
if the transaction is applying for a visa with a foreign government,
but it is plain abuse to keep record of how many times
you buy wine in a month; somebody else will be okay with
both; and so on. This is just one among many examples. When
was the last time that a marketing company asked for your permission
for monitoring your buying habits? The point is that it is
the user who should be the one who justi?¬?es the terms of the
participation of one entity in the transaction, and a good identity
schema should do everything for facilitating that judgment call.
That means explicitly and clearly communicating policies about
information usage.
Directed Identity
A universal identity system must support both ???omnidirectional???
identi?¬?ers for use by public entities and ???unidirectional???
identi?¬?ers for use by private entities, thus facilitating
discovery while preventing unnecessary release of
correlation handles.
??”The Laws of Identity, Cameron, 2005
102 Hints Toward a Solution
The fourth law further re?¬?nes the concept we have of digital
identity.
In Chapter 1, we debated the problem of server authentication,
and we hinted how Public Key Infrastructure (PKI), certi?¬?cates
and Secure HyperText Transfer Protocol (HTTPS) can help in
pinpointing the identity of websites.
Pages:
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184