LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Problems with trust

Problems with trust

Posted Oct 6, 2006 15:17 UTC (Fri) by copsewood (subscriber, #199)
In reply to: A look at OpenID by robster
Parent article: A look at OpenID

Trust is a very difficult thing to automate in a decentralised manner other than in very narrow contexts. Consider the kind of trust questions an identity user site might be interested in:

a. Can this user be trusted to interact accountably and responsibly with children under the age of 16 ?

b. Can this person be trusted to order goods on-line to be delivered to the home address on the bank card used to a value of less than $100 ?

c. Can this entity be trusted to deliver an email to my inbox which will not waste a couple of seconds of my limited lifespan ?

d. Can this person identified by an organisation I have a support contract with be trusted not to have any conflict of interest through operating the root account on my supported server in connection with support access they have recently had to confidential data of specified competitors in my industry ?

e. Can this person be trusted as being a recent line manager within the organisation identifying him or her of a job applicant to provide a reference as their recent line manager ?

These trust relevant questions are so different in their requirements that I think each would require entirely seperate protocols. Having a common protocol that authenticates the players' identities is only the first step.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds