carol coye benson on federation and liability transfer
Carol Coye Benson of Glenbrook Partners has a article,
Liability and Federated Identity: Much Ado About Nothing on why Federated identity probably may not live up to expectations: they will likely never provide a basis for transferring liability for between the parties to an on-line transaction. But, as she points out, this probably won't matter.
This is the thing I think most security wonks miss -- it's tilting windmills to try to make risks disappear or to transfer them all away. But this doesn't mean you can't do business. It just places a burden on you as the business manager to understand the risks and how they affect the prospects of turning a profit. Its perfectly reasonable to take an informed risk, and often significantly cheaper than trying to eliminate the risk altogether.
Posted by dapkus at November 25, 2003 10:13 PM
| TrackBack