Subject ID
From MgmtWiki
Full Title or Meme
A Subject ID is a digital Identifier associated with some real-world Entity that has established an interchange on the internet by means of a User Agent.
Context
- Some providers will reuse Subject IDs once a connection to a real user has been broken for some specified period of time. Email addresses, in particular, typically have this characteristic. A fully compliant implementation would not reuse Subject IDs.
- There is a draft RFC on Subject IDs for use in Security Event Tokens Subject Identifiers for Security Event Tokens.
Problems
Solutions
- Users are often asked to use their email address or cell phone number as a local user name since the email address and phone number with country code (+1 in North America) are known to be a URI and hence unique in that context. Reuse of email and phone numbers could be an issue.
References
- Synonyms for a Subject ID include User Name, display name, gamertag, nom de guerre, Pseudonym, URI or (on Facebook) Name subject to arbitrary termination.
- Anonym is not used in the context of identity as it does not provide one. It may be used as the condition (Anonymous) of a user prior to accepting (1) a cookie, (2) a fixed IP address, (3) an HTTPS connection or (4) a request for an Identifier.