Open dialtone opened 3 years ago
Suggested solution – some mechanism for directed identities having an IdP-less recovery mechanism baked in. This may be taken as a poison pill, since it raises the bar for use of their directed identities all up, but from a long-term support standpoint, it seems important.
I may have missed discussion on these 2 topics in other issues or in the spec itself, but it's not clear to me how this specification would protect from the following:

1. Wouldn't the IdP be able to access all the emails forwarded through the proxy email address? Wouldn't this be a worse security position to be in, as it centralizes (or at least moves to a few IdPs) all email flows when it comes to governments wanting to access those objects?

2. Wouldn't the use of directed identifiers also open up issues when it comes to trade disputes between parties, such as the recent one between Apple and Epic, where you might lose access to a large chunk of your users? Shouldn't there be a mechanism to allow exporting the mapping of the emails, to prevent being held for ransom by a few big companies managing identity?
cheers!