Observations on identity and privacy from 2004, just as applicable today as back then. Maybe even more so, given Facebook connect, Google signin, and OpenID … - Amit Patel

"Technical identity systems must only reveal information identifying a user with the user’s consent. " - Amit Patel

"The solution that discloses the least amount of identifying information and best limits its use is the most stable long-term solution." - Amit Patel

"Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship." - Amit Patel

"A universal identity system must support both “omni-directional” identifiers for use by public entities and “unidirectional” identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles." - Amit Patel

"A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers." - Amit Patel