|
|
|
|
|
|
by nly
3073 days ago
|
|
|
Your example only works where pseudo-anonymous identities can be created at-will and you are willing to build your entire ecosystem on some kind of reputation system (how long an identity has existed, how many organisations vouch for the behaviour of that user, etc etc). The moment you introduce a trust anchor (like an e-mail provider via e-mail address verification, or government issued id) you may as well have gone with OAuth2 |
|
|