liability issues
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
liability issues
by Peter Williams-15
::
Rate this Message:
Some parts of this message have been removed.
Learn more about Nabble's security policy.
“The foundations jointly hired John Bradley to develop profiles
for the two technologies. They also hired the same lawyer to look at liability
issues.” [http://self-issued.info/?p=216] Is the legal work available for review, or it is all
confidential? _______________________________________________ general mailing list general@... http://lists.openid.net/mailman/listinfo/openid-general |
|
|
Re: liability issues
by John Bradley-9
::
Rate this Message:
|
|
|
Re: liability issues
by Peter Williams-15
::
Rate this Message:
Some parts of this message have been removed.
Learn more about Nabble's security policy.
For those less fortunate than Board members, the rest of us may have
to make do with http://www.abanet.org/scitech/ec/isc/dsgfree.html It’s really out of date and focuses on users, RPs and CAs relying
on certificates, cert chains, and registered names (vs relying on assertions,
XRD sequences, and claims). But in an 80:20 world of low assurance, it’s probably
still great for the 80% case. It’s not as if the principles of fraud have
really changed in 400 years. The main purpose of the DSG was to provide a judicial reference
: well researched issues with which to frame the process of forming judgments.
In its day, it assumed the clueless judge : which may no longer be a valid
assumption. It’s not a study of liabilities in the area of assertions,
self-certifications, or policy based governance through audit verification by a
registry (that’s been done many times before, over the last 20 years). It’s
a study in the art of controlling liability as a TTP (read IDP). Much of the
art went into the design of the VeriSign CPS, whose liability control systems
have changed little in 10 years About the only thing that has really changed is the role of the
RP which -- in infocard-land -- is now instrumental in picking cards (since it
sets the claim requirements, including requirements for trust-level assertions
from particular schemes). From: John Bradley
[mailto:ve7jtb@...] Legal review of the TFP documents and issues is ongoing. I don't know when the board will circulate results publicly. John B. On 2009-09-20, at 2:20 PM, Peter Williams wrote:
“The foundations jointly hired John Bradley to develop profiles for the two
technologies. They also hired the same lawyer to look at liability
issues.” [http://self-issued.info/?p=216] Is the legal work available for review, or it is all
confidential? _______________________________________________ _______________________________________________ general mailing list general@... http://lists.openid.net/mailman/listinfo/openid-general |
|
|
Re: liability issues
by Smedinghoff, Tom
::
Rate this Message:
Some parts of this message have been removed.
Learn more about Nabble's security policy.
If anyone is
interested, the American Bar Association has recently formed a Federated
Identity Management Task Force that is starting to look into the legal issues
raised by IdM (http://www.abanet.org/dch/committee.cfm?com=CL320041). I'm co-chair of
the ABA Federated Identity Management Task Force, along with Jane Winn (Prof at
U. of Washington Law School), and David Whitaker (attorney with Wells Fargo
Bank). We are also working with Liberty Alliance (which is currently
hosting our listserv -- you can sign up at http://lists.projectliberty.org/mailman/listinfo/FIMAC_lists.projectliberty.org). Also, a paper I
wrote as a starting point for the legal analysis – titled “Federated
Identity Management: Balancing Privacy Rights, Liability Risks, and the Duty to
Authenticate” – is now available at http://ssrn.com/abstract=1471599 Tom
Thomas J.
Smedinghoff From: openid-general-bounces@... [mailto:openid-general-bounces@...] On Behalf Of Peter Williams Sent: Sunday, September 20, 2009 2:03 PM To: John Bradley Cc: openid General Subject: Re: [OpenID] liability issues For
those less fortunate than Board members, the rest of us may have to make
do with http://www.abanet.org/scitech/ec/isc/dsgfree.html It’s
really out of date and focuses on users, RPs and CAs relying on certificates,
cert chains, and registered names (vs relying on assertions, XRD sequences, and
claims). But in an 80:20 world of low assurance, it’s probably still great for
the 80% case. It’s not as if the principles of fraud have really changed in 400
years. The
main purpose of the DSG was to provide a judicial reference : well researched
issues with which to frame the process of forming judgments. In its day, it
assumed the clueless judge : which may no longer be a valid
assumption. It’s
not a study of liabilities in the area of assertions, self-certifications, or
policy based governance through audit verification by a registry (that’s been
done many times before, over the last 20 years). It’s a study in the art of
controlling liability as a TTP (read IDP). Much of the art went into the design
of the VeriSign CPS, whose liability control systems have changed little in 10
years About
the only thing that has really changed is the role of the RP which -- in
infocard-land -- is now instrumental in picking cards (since it sets the claim
requirements, including requirements for trust-level assertions from particular
schemes). From: John Bradley
[mailto:ve7jtb@...] Legal review of the TFP documents and issues is
ongoing. I don't know when the board will circulate results
publicly. John B. On 2009-09-20, at 2:20 PM, Peter Williams
wrote: “The
foundations jointly hired John Bradley to develop profiles for the two
technologies. They also hired the same lawyer to look at liability issues.” [http://self-issued.info/?p=216] Is
the legal work available for review, or it is all confidential? _______________________________________________ DISCLAIMER: This communication, along with any documents, files or attachments, is intended only for the use of the addressee and may contain legally privileged and confidential information. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of any information contained in or attached to this communication is strictly prohibited. If you have received this message in error, please notify the sender immediately and destroy the original communication and its attachments without reading, printing or saving in any manner. This communication does not form any contractual obligation on behalf of the sender or Wildman, Harrold, Allen & Dixon LLP. Unless expressly stated otherwise, any tax advice in this message is not intended or written to be used, and cannot be used by a taxpayer, for the purpose of avoiding penalties that may be imposed on the taxpayer. Please consult your tax attorney regarding the form of tax advice that may be relied upon to avoid penalties under the Internal Revenue Code. |
| Free embeddable forum powered by Nabble | Forum Help |
