A token should enable a service provider to encrypt data on behalf of the user.
Aside from the fact that encrypting data may soon be against the law in a number of countries, we want to be able to provide for and suggest secure strategies that will "just work".
I think the suggestion should be to take the sha256 of the account ppid, use that hash for storing data in the database, and never store the account ppid itself. This would allow the account ppid to function as the encryption key seed for any data that ought to be encrypted.
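
The scheme suggested above, sketched in Node.js as an added example (not code from the original post or from the project). The post only specifies SHA-256 of the PPID as the stored identifier and the PPID as the key seed; the HKDF step, AES-256-GCM, the per-record salt, and all function and field names here are assumptions.

```javascript
// Added example; names, HKDF and AES-256-GCM are assumptions, not from the post.
const crypto = require('node:crypto');

// Database identifier: SHA-256 of the account PPID. Only this hash is stored.
function accountIndex(ppid) {
  return crypto.createHash('sha256').update(ppid, 'utf8').digest('hex');
}

// Encryption key seeded by the PPID itself, which is never persisted.
// HKDF with its own label keeps the key independent of the stored hash,
// so reading the database does not reveal key material.
function deriveKey(ppid, salt) {
  const ikm = Buffer.from(ppid, 'utf8');
  return Buffer.from(crypto.hkdfSync('sha256', ikm, salt, 'record-encryption-v1', 32));
}

// Encrypt one value for an account; the returned object is the row to store.
function encryptRecord(ppid, plaintext) {
  const id = accountIndex(ppid);
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(ppid, salt), iv);
  cipher.setAAD(Buffer.from(id, 'hex')); // bind the ciphertext to this account row
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { id, salt, iv, ct, tag: cipher.getAuthTag() };
}

// Decrypt a stored row using the PPID presented in the current token.
function decryptRecord(ppid, row) {
  if (accountIndex(ppid) !== row.id) throw new Error('PPID does not match row');
  const key = deriveKey(ppid, row.salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, row.iv);
  decipher.setAAD(Buffer.from(row.id, 'hex'));
  decipher.setAuthTag(row.tag);
  // final() throws if the ciphertext, tag or AAD was altered
  return Buffer.concat([decipher.update(row.ct), decipher.final()]).toString('utf8');
}

// Constructed sample PPID, for illustration only.
const SAMPLE_PPID = 'constructed-ppid-Zm9vYmFyLWV4YW1wbGU';
```

Only `id`, `salt`, `iv`, `ct` and `tag` are persisted; the PPID arrives with each token and is discarded after use. The stored hash is only as hard to reverse as the PPID is hard to guess.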