Somehow Eric Norlin’s now got me defending Doug Kaye’s arguments! That’s OK. Actually, I’m pretty sure Eric’s wrong.
The fact that pseudonyms are used as the inter-system linking mechanism does absolutely nothing to reduce the risk that Doug raises. In other words, somebody who successfully steals a userid/password associated with a Liberty Alliance identity provider can thoroughly exploit any federated links. It doesn’t matter that the technology uses pseudonyms to accomplish the link — the access is still provided.
Are there any Liberty Alliance gurus out there who can set either of us straight?
You must log in to post a comment.