Subject Re: draft charge, refeds working group on attribute release
From John Bradley <ve7jtb@xxxxxxxxxx>
Date Fri, 1 Jul 2011 18:12:46 -0400

RP use tracking cookies and other mechanisms to learn about you.

They don't turn there noses up at self asserted attributes.

The most common internet related use case currently is marketing.

The LoA of the credential is secondary to those people.

What people are looking for changes with the use case.

John B.
On 2011-07-01, at 5:52 PM, David Chadwick wrote:

> On 01/07/2011 21:41, John Bradley wrote:
>> Many internet SP are not that concerned about traditional LoA, they are
>> more interested in profile info, even if it is self asserted.
> I think that is something of an oxymoron. A self asserted profile by its very nature has little assurance without reference to some external third party(ies) to proof it.
> Paypal have very good mechanisms for reducing risk, which might rely on profiling, but they also rely on the TTP of a bank/credit card issuer as well.
> regards
> David