[news.eclipse.technology.higgins] User's trusted identity agent and r-ca

[olivier.maas@xxxxxxxxxxxxxx (Olivier Maas)]

Hi all,

I am evaluating the benefit of using Higgins for my project around user 
centric identity and this leads me to a few questions about what Higgins' 
next steps will be.

In particular, I am trying to understand what is going to be possible with 
the concept of r-cards and identity agent.

Let me take an example of what I imagine could be done. Tell me if I am 
wrong.

Let's say I have two identities :
- one identity issued by my bank as a Cardspace managed card 
- one identity issued by the government based on a Liberty Alliance 
identity 

I can import these two identities in my identity agent.

Now within my identity agent, I can create a new card (r-card?) which 
combines attributes from both identity provider (bank and government). I 
can use this card for web sites that are compatible with Cardspace or 
Liberty Alliance (through the IdAS layer)

Am I right?

If yes, what is the Higgins component that will implement the user's 
identity agent? Who will provide this service in the real life?

What is the security model around the exchange of the attributes between 
the different parties (IdP, Identity agent, SP) ?

Since attributes from one r-card are coming from multiple identity 
provider that may require user authentication, how is the authentication 
done from the user point of view?

Who issues and signs the token and the attributes?(the identity agent?).

Thanks for your help.