Parts II and III of this book delve
into the details.
The implications of the introduction of an explicit IP role in the
system are profound and cannot all be covered here, but you
will see more and more of them as the Identity Metasystem is
described in further detail throughout this chapter.
In summary, an IP is the ?¬?rst occurrence of the word subjectin
the de?¬?nition of digital identity (see the section ???(Digital)
Identity???). It is the entity that asserts claims about another subject,
typically with regard to the relationship between the two.
The digital identity is a currency that a subject can spend with a
certain RP if the latter trusts the IP that minted it.
Freeing the ???Hostage Identity???
In Chapter 1, in the section ???HTTPS, Authentication, and Digital Identity,??? we
encountered the concept of hostage identity. The identity of the user, intended
as collection of claims, lives on the website itself, and it is ???unlocked??? by a successful
user authentication. When this happens, the content of the claims can
in?¬‚uence the behavior of that website but no others??”if you disregard the few
cases of business partnerships grouping together multiple entities (see the
example in ???User Control and Consent??? and ???Minimal Disclosure for a
Constrained Use???).
Pages:
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216