(Colin Wallis)
Some random states would leave the EU, if states would go more nationalistic.
What impacts on Federated IDM/Attribute Exchange across national borders, if National States become inwards looking ("Nationalistic").
USA is a rich country with many different religions and cultures. With the current administration, what would happen in the worst extreme? Could we still get Identity Federation to work?
We could provide our IP outside the USA.
To do Federated IDM you need eID and IDCard.
Add a very low level of assurance?
The line has to be drawn between public, institutional (F&E) sector and commercial.
Workarounds :
Public-sector-line would be much deeper. At the nation state level I do have a passport and it is accepted anywhere I go.
At public layer of IDM I had "to back to the wild west".
To do something in the US you need a US license.
You could use a UK-Identifier or an Estonian passport to identify in the US.
At a policy level there needs to be only one executive order which says that the US doesn´t recognize anything from Estonia anymore.
While architecting our systems we should decentralize identity federation.
We have the responsibility to design the identity systems.
If many people vouch for me, then the confidence-level will be higher than if only one does (E.g. Web of Trust).
We should not invent a punishment system because that would be abused by many.
"Underground Federated (decentralized) Identity"
It is also a federation of higher trust IdP.
If the IdP goes corrupt, you lose the whole tree under the IdP.
How are we robust against these attacks?
Against corruption: multiply identities for IdPs
If one of them falls I will still be known by the other IdPs.
IdPs hierarchy of identities
University able to federate identity outside national community.
Is a national IdP not just a walled garden? (Chinese, North-Korea, Iranian, ..). They do WIFI-P2P-Network Connections.
P2P-Identity? Web of Trust-Identity? We have PGP to do this. You can trust the keys by a chain of trust (personally asking) of E-Mail-Signature.
What would a P2P-Identity-Network look like?
The problem is that you´ve got to have at least a masters-level to install this stuff. The machine cannot install PGP with the people's keys on their own.
Is XAMPP (Jabber ) not more decentralized? ORT (Off-the-records) is just an encryption layer above XMPP.
The government is not allowed to see what we do (not quite exactly what has been said).
We need a federated ID-System that also works in Iran.
If someone controls the underlying infrastructure, it is extremely open to attacks.
War-scenario
How do I find enough people to vouch for someone to say that he is not a bad guy?
Running our own infrastructure? Web of WIFI-Networks. Not secure by default.
In the middle-east they use the infrastructure from abroad that can be trusted so that they can build something for their own country, where the infrastructure cannot be trusted. Anonymous in the country, not anonymous outside.
If there is no access to a central server which has stored identity-information it gets quite hard to prove someone's identity.
Natural disaster
