[WG-eGov] Another NZ request: Consent Services

John Bradley ve7jtb at ve7jtb.com
Wed Mar 30 07:56:24 EDT 2011 

I think the WAYF consent service is closer to what Colin is looking for. 

At least in the US the consent is something that is collected by the IdP before releasing some attribute.

In the EU I know that there are situations when consent must be given to the RP before it asks for the authentication.

So consent may be different things for different people.

John B.

On 2011-03-30, at 3:18 AM, David Simonsen wrote:

> Dear Colin,
> 
> WAYF - Where Are You From, yet another Danish eID federation, has operated a centralized consent service for 2 years.
> User may choose to store their (service specific) consent.
> 
> If they choose to do do, a hash of the SP-name + user attritbutes are stored in the consent db.
> Next time user tries to access the same service, the hash is calculated on the fly, the result is looked up in in the db - and if present, the user id _not_ asked to for consent, as we then know she asked us to store the consent.
> 
> Consents are stored for 3 years - which is occationally a subject of discussion as some find it too long, others appropriate...
> 
> A short video presentation of the system can be found under the title 'Users' consent to data exchange' at http://wayf.dk/wayfweb/video_archive.html
> 
> FYI we have collaborated with the Fraunhofer Institute's usability specialist (Germany) and expect to improve the interface in several respects within the next 6 months.
> 
> I hope this can be of help. If you, or others, have any questions, please do not hesitate to write / call.
> 
> Kind regards
> David Simonsen
> <Screen shot 2011-02-07 at 1.08.49 PM.png>
> 
> 
> David Simonsen
> Executive manager
> Phone: +45 31216152
> 
> H. C. Andersens Boulevard 2
> DK-1553 København V
> 
> 
> 
> On Mar 30, 2011, at 7:41 AM, Colin Wallis wrote:
> 
>> Greetings all
>> 
>> We have an eGov call coming up next week which reminded me about something my developers have been hassling me about - consent services.
>> 
>> So we know of Denmark's notion of this… see the last link on this pages: OIO ID WS Scenarios (Section 3 Pages 16-18) here.
>> 
>> http://digitaliser.dk/resource/526486
>> 
>> But Finland would have one (if the presentation was anything to go by), Austria too..Canada?
>> 
>> All info welcome
>> 
>> Cheers
>> Colin
>> 
>> 
>> ====
>> CAUTION:  This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you.
>> ==== _______________________________________________
>> WG-eGov mailing list
>> WG-eGov at kantarainitiative.org
>> http://kantarainitiative.org/mailman/listinfo/wg-egov
> 
> _______________________________________________
> WG-eGov mailing list
> WG-eGov at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-egov

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
Url : http://kantarainitiative.org/pipermail/wg-egov/attachments/20110330/5f28b795/attachment.bin

More information about the WG-eGov mailing list