[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Netmino scenario (was RE: [xdi] Agenda for XDI TC Call Monday 3/22 5PM Pacific)
Jean-Luc, First, on the call, no problem, this is the call that favors Japan, vs. the Wednesday calls that favor Europe. Second, in my opinion, your Netmino approach is well-thought out and takes great care to preserve all privacy options. I believe it will fit perfectly as a "profile" of XDI, meaning a way for community of users to specify a) the data to be exchanged, b) the link contract elements governing, protecting, and controlling the exchange, and also c) a specific business model for an XDI service provider. I would by all means proceed to write this up as a use case, but trying to specify just the business requirements, and then using the Issues/Requirements section of the template to point out the architectural means of implementing them. Best, =Drummond -----Original Message----- From: jlschellens@netmino.org [mailto:jlschellens@netmino.org] Sent: Saturday, March 20, 2004 2:00 AM To: xdi@lists.oasis-open.org Subject: RE: [xdi] Agenda for XDI TC Call Monday 3/22 5PM Pacific Hello Drummond, I'm not yet sure I'll be able to attend this meeting. For me it'll 2 am and I've to convince my wife for such an early wake-up! Before I will join the use cases works, I would like to summarize the 3 steps of the negotiation process we defined in Netmino for the exchange of personal data. 1. In the first step, the two persons (individual or organisation) candidates for a relationship will exchange their public keys. - In a "face to face", they will use Keymino, the software we are developing for PDAs and GSMs. Keymino allows the exchange (through IrDA, Bluetooth or MMS - SMS is to small to carry a Public Key) of basic data about a person: his first name and name, picture, e-mail address and public key. The data will be different following the type of relationship, e.g. for anonymous relationship, the first name and name are not disclosed and the e-mail address will be like BE1234567.56@netmino.com; for a business relationship, the address will be the firstname.name@company.com with maybe another public key... - In the other cases, e.g. through the Web, the exchange of the basic data will be done by e-mails through a Netmino server and require an authentication process (where indeed SAML can be used). 2. In the second step, the two persons will exchange by encrypted (with the previously exchanged public keys) e-mails their "Privacy & Identity Contract" (a link contract) using XPIML (eXtensible Privacy & Identity Markup Language, previously XPrML) to confirm the type of relationship they want to have (anomino, pseudomino, family, friend, business, employee, prospect, customer, administrated...) and the authorised uses of the to be exchanged personal data in relation to their privacy preferences (e.g. automatic update, copy & back-up but no print or forward to third parties - I hate the vCard forward feature e.g. in Outlook, it's totally against my privacy principle!). The PICs will be signed using the private keys of the two persons. This step is fundamental for a trusted relationship between the persons and can be seen as the acceptation you're asked to give when you install software. 3. In the third step and only if the two persons have exchanged by encrypted e-mails their signed PICs, the personal data will be exchanged again by encrypted e-mails, the data being (pre-) formatted in "virtual cards" again following the type of relationship between the two persons (from anomino to full disclosure e.g. for your next employer). I would like to know if you share this very definite approach and would appreciate all your reactions and comments. Regards, Jean-Luc
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]