Nick Doty
Nick Doty
I don't understand how this proposal "ensures that user privacy is thus met by accommodating the different use cases that a multi-domain entity may have". I can understand how this...
Please forgive my continued lack of understanding. As I understand it, there was feedback that some companies wanted to combine data across sites that had different privacy policies and practices,...
> One use case I have seen is where a single controller manages multiple country specific domains, which may share a common language e.g. ecample.de, example.at or example.lu, and use...
Just tag me or drop a link when you have an out-of-band binding issue. I do think that's a more promising long-term approach. I'm concerned in the meantime though that...
Apologies if this should go in a more generic repro; it would be great if auto-publication had this functionality automatically, but it would be a good goal to get all...
@dlongley and others have argued that there are privacy harms and no privacy benefits to decoy entries, and the group has suggested that it is unaware of any threat or...
Yes, I think noting it as an open question on how to do properly (or whether), with an at-risk marker, would make sense for CR.
Apologies if my brief reference to "registry" in the issue title has thrown us off; I'm not committed (and I don't think others who were discussing it on calls) to...
It sounds like the relevant types are more defined properties that can apply either to credentials or to particular claims from credentials. Some credentials may be **origin-bound** (a loyalty program...
Using infamously unreliable technology doesn't seem to me like a promising approach for documenting privacy risks of different types. Classifying properties of credentials doesn't seem like a task for individual...