You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a new affiliate receives the verification email message, they click on the link therein to show that they control the email address.
Currently, the next page they see is the Manage applications page.
Instead we need a welcome page, from the agent offering it services and asking how they want to know that they control it. There are two (better with three?) dimensions to this:
the random code in the URL (actually the event channel identifier (ECI)) that would be hard for an attacker to guess
a cookie set in their browser (named the system self channel ECI with value chosen randomly)
we could offer something additional (a verifiable credential (VC) or simply a password/phrase of their choice)
Having read this, they can then offer to accept the responsibility of controlling an agent in the cloud.
The text was updated successfully, but these errors were encountered:
When a new affiliate receives the verification email message, they click on the link therein to show that they control the email address.
Currently, the next page they see is the Manage applications page.
Instead we need a welcome page, from the agent offering it services and asking how they want to know that they control it. There are two (better with three?) dimensions to this:
Having read this, they can then offer to accept the responsibility of controlling an agent in the cloud.
The text was updated successfully, but these errors were encountered: