On Mon, 14 Apr 2014, David Chadwick wrote:
> Semantics is something that an administrator might care about, if he
> wants to intuitively understand who the user (or group) is that he is
> giving access to when he sets the policy for the PDP. However, a mapping
> function from a unique ID to a human meaningful string, under the
> control of the administrator, can provide this. So the unique string
> that Moonshot provides can be mapped by the application into a
> meaningful string if this is required. The important thing is that
> Moonshot provides the unique string.
It's important that the unique string doesn't change unexpectedly over
time, since that would require the mapping to be updated before the user
(or group) could successfully authenticate. I understand (from a distance)
that this is part of the objection to CUI.
A further problem with identifying people by opaque string, especially if
it can't be predicted in advance (as for Shib's ePTID), is that it
complicates account provisioning since a potential user can't tell an
administrator what their ID will be. There are ways around this (require
an initial authentication and subsequently upgrade the account, bootstrap
the process with a single-use username/password, etc.) but these seem to
confuse many administrators/implementers. I believe this is hampering
uptake of Shib where only ePTID is available.
There are also issues around the semantics of unique IDs and privacy. Use
cases involving privacy requirements may not be high on Moonshot's
priority list at the moment, but they should not be accidentally ruled
out.
Jon.
--
Jon Warbrick
Information Systems Manager, University of Cambridge Information Services
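Added example (not part of the thread, and not Moonshot, Shibboleth or any project's code): a small mapping layer of the kind David describes, where the application keeps the administrator-controlled table from an opaque, stable federated ID to a human-meaningful local name, together with the provisioning workaround Jon mentions for IDs that cannot be predicted in advance (an administrator creates the account with a single-use claim token, and the opaque ID is bound on the user's first authentication). Class and method names, the token format, and the opaque IDs in the sample run are all constructed for illustration.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Optional


@dataclass
class Account:
    local_name: str                          # human-meaningful name the administrator writes policy against
    federated_id: Optional[str] = None       # opaque, stable ID asserted by the IdP; None until bound
    claim_token_hash: Optional[bytes] = None  # hash of the single-use bootstrap token, cleared once used
    claim_expires: float = 0.0               # bootstrap token expiry (Unix time)


class AccountMapper:
    """Hypothetical helper: maps opaque federated IDs to local accounts."""

    def __init__(self) -> None:
        self._by_federated: dict[str, Account] = {}
        self._by_local: dict[str, Account] = {}

    def provision_known(self, local_name: str, federated_id: str) -> Account:
        """Path 1: the administrator already knows the user's opaque ID."""
        if federated_id in self._by_federated or local_name in self._by_local:
            raise ValueError("duplicate account or federated ID")
        acct = Account(local_name=local_name, federated_id=federated_id)
        self._by_local[local_name] = acct
        self._by_federated[federated_id] = acct
        return acct

    def provision_pending(self, local_name: str, ttl_seconds: int = 3600) -> str:
        """Path 2: the ID is unknown in advance (as with a targeted/pairwise ID).
        Create the account now and return a single-use token that the administrator
        hands to the user out of band."""
        if local_name in self._by_local:
            raise ValueError("account already exists")
        token = secrets.token_urlsafe(24)
        acct = Account(
            local_name=local_name,
            claim_token_hash=hashlib.sha256(token.encode()).digest(),
            claim_expires=time.time() + ttl_seconds,
        )
        self._by_local[local_name] = acct
        return token

    def claim(self, local_name: str, token: str, federated_id: str) -> Account:
        """On the user's first federated authentication, bind the asserted opaque ID
        to the pending account and burn the token."""
        acct = self._by_local.get(local_name)
        if acct is None or acct.claim_token_hash is None:
            raise PermissionError("no pending account to claim")
        if time.time() > acct.claim_expires:
            raise PermissionError("claim token expired")
        presented = hashlib.sha256(token.encode()).digest()
        if not hmac.compare_digest(presented, acct.claim_token_hash):
            raise PermissionError("bad claim token")
        if federated_id in self._by_federated:
            raise PermissionError("federated ID already bound to another account")
        acct.federated_id = federated_id
        acct.claim_token_hash = None  # single use: a replayed token is refused
        self._by_federated[federated_id] = acct
        return acct

    def resolve(self, federated_id: str) -> Optional[str]:
        """Access-time lookup: which local name does this opaque ID map to?
        None means the ID is unknown here, either because the user was never
        provisioned or because the IdP changed the identifier, in which case
        the mapping must be updated before the user can get in."""
        acct = self._by_federated.get(federated_id)
        return acct.local_name if acct else None


if __name__ == "__main__":
    m = AccountMapper()
    m.provision_known("bob", "idp-a!sp-x!f3a9c1")    # constructed opaque ID, known in advance
    invite = m.provision_pending("alice")            # administrator gives this token to Alice
    print(m.resolve("idp-a!sp-x!0b7e55"))            # None: Alice has not authenticated yet
    m.claim("alice", invite, "idp-a!sp-x!0b7e55")    # Alice's first login carries her opaque ID
    print(m.resolve("idp-a!sp-x!0b7e55"))            # alice
    print(m.resolve("idp-a!sp-x!changed"))           # None: an unexpectedly changed ID is denied
```

The policy decision point only ever sees the local name that `resolve` returns, so the administrator's policy stays readable while the federated identifier stays opaque; the last lookup in the sample run is the failure mode Jon raises, where an identifier that changes unexpectedly stops resolving until someone edits the mapping.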