Tuesday, April 22, 2008

EIC2008 Workshops

This morning I was at the VRM unworkshop at the EIC2008 conference. What I understood there was that VRM is about principles for service providers that serve my claims.
- what are the logging and privacy contraints ?
- can administrators see my data ?
etc

Whether this concept will be a success, I don't know. I think that most users don't understand what and how much and to whom and under what conditions they should give away claims or not. So in the sense of making a deal with the web-shop (I give you claims and you don't bother me with advertisements that make no sense to me) I think that this is desirable but I think that most users will give away too much claims with uncertain conditions what the RP does with this data.

Later I joined the Liberty Alliance Standards workshop. Interesting talks there too. One talk I really liked was the one from my colleague, Michael Gärtner, who demoed the federation from a T-Home online account to a T-Mobile account. This facilitates the current connection the user uses to protect the login. So if you are using your home DSL connection then this access is used as a second factor for your T-Home account. And If you have a T-Mobile internet connection using your mobile phone then that access is used as a second factor for your T-Home authentication. I like that.

No comments: