Technorati Tags: identity
Banks aren’t interested in relying on a federated model of identity: they don’t care whether the airline says who you are or whether you have an Amazon account. If they are going to accept a digital identity, it has to be one issued by another bank, under the same relevant know-your-customer law mand other legislation. And, most importantly of all, they want to understand and agree the distribution of liabilities that go along with using (and relying) on the identities. This is what makes Identrust useful to them: not that it defines X.509v3 certificate format, but that it defines — very clearly — what happens when things go wrong.
But this, it seems to me, ought to make Identrust certificates useful to corporates in general and not just in respect of financial transactions. This will be one of the topics I’m discussing with Karen Wendel, the Identrust CEO, and some other knowledgeable persons at the CSFI round-table discussion on trusted electronic transactions in London on April 17th.
My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.
[posted with ecto]