Users can export
their cards and take
them to another
computer
298 Guidance for a Relying Party
Figure 5-17 Suggested user experience to allow users to edit the cards
associated with their account
The Site-Speci?¬?c ID
The site-speci?¬?c ID (SSID) is not the same thing as the Private Personal Identi?¬?er
(PPID), but the two are related. The SSID is a lightweight distillation of the PPID,
for the speci?¬?c purpose of allowing the user to easily read the SSID, and possibly
communicate it to another party, to ?¬?nd a particular record. It is not intended
to be used in place of the PPID for authentication or comparison; it is
there merely as a convenient cosmetic representation. The C# code to calculate
the SSID looks like this:
///
/// Generates the site-speci?¬?c ID to match the one in the
/// Identity Selector.
///
/// The Identity Selector displays this instead of displaying
/// the PPID.
/// ///
the PPID
///
/// a string containing the XXX-XXXX-XXX cosmetic value
299
Privacy and Liability
Many websites are only now becoming aware of the responsibility
they bear toward the safekeeping of the information customers
have exposed to them.
Pages:
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433