Futplex wrote:
Frank O'Dwyer writes:
Plus, given secure identity (which might be an anonymous id), you can layer the other stuff on top.
I am swayed by the view expounded by Carl Ellison that a key, not an identity, should be the anchor to which attributes are attached. (Sorry if I am misstating or oversimplifying the position here.) I think identity should be hung off the key as just another (optional) attribute.
This is exactly how I view X509 Version 3 certificates. You can attach any sort of attribute to the key, including a name/identity. Though the spec gives the name preferential treatment for historical reasons, I view it as just another optional attribute. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.