Privacy Profile: Difference between revisions
Jump to navigation
Jump to search
| Line 10: | Line 10: | ||
==Solutions== | ==Solutions== | ||
# Users can [[Authentication|Authenticate]] in a manner that gives a [[Relying Party]] a consistent [[Identifier]] that can be sued from session to session without the need for sharing any [[User Private Information]]. | |||
# To be fully compliant with the various [[Privacy]] legislation like the [[GDPR]] or the California legislation the [[Relying Party]] may first require that the user establish a channel back to the user for the performance of required [[Redress]] and [[Recovery]] operations. | |||
# Only then should the [[Relying Party]] be in a position to request additional [[Attribute]]s from the [[User]]. | |||
==References== | ==References== | ||
Revision as of 22:20, 8 January 2019
Full Title or Meme
A profile of a possible Privacy configuration as communicated from a Relying Party to a User.
Preconditions
- The primary use case for this profile is a user navigating to the web site of a Relying Party and deciding whether to share private information with that web site.
Problems
Solutions
- Users can Authenticate in a manner that gives a Relying Party a consistent Identifier that can be sued from session to session without the need for sharing any User Private Information.
- To be fully compliant with the various Privacy legislation like the GDPR or the California legislation the Relying Party may first require that the user establish a channel back to the user for the performance of required Redress and Recovery operations.
- Only then should the Relying Party be in a position to request additional Attributes from the User.