The basic idea is that your information is not given away as it would be by a standard Identity Provider. Instead, the user’s privacy is maintained by giving out only meta-data in response to questions from the relying party. The example quoted by Bob is:
“It can do this simply by changing what it puts into the claims it hands out to Relying Parties. Instead of answering a Relying Party’s query “How old is Bob?” with the claim “Bob is 45”, it can answer “How old is Bob?” with the claim “Bob is over 18”.”
I think that this is a great concept. It not only prevents the identity providers from giving away your information (their assets) but also stops the relying parties from taking that data and either:
1) Storing the information and therefore creating their own identity silos.
2) Storing the information and then passing it on to other parties without the user’s knowledge.
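To make the point about relying parties concrete, here is an added sketch (not code from Bob's proposal or from any identity product) of a provider that answers the "over 18" question with a signed predicate, so the relying party receives nothing worth storing. The record store, the birthdate, the function names and the shared HMAC key standing in for a real signature scheme are all assumptions made for the illustration.

```python
import hashlib
import hmac
import json
from datetime import date

# Constructed sample data: the identity provider's private record store.
IDP_RECORDS = {"bob": {"birthdate": date(1980, 2, 29)}}
# Assumption: a shared HMAC key stands in for a real signature scheme.
IDP_KEY = b"demo-key-shared-with-relying-party"


def age_on(birthdate, today):
    """Whole years elapsed, counting a birthday only once it has been reached."""
    before_birthday = (today.month, today.day) < (birthdate.month, birthdate.day)
    return today.year - birthdate.year - before_birthday


def answer_query(subject, min_age, today):
    """Provider side: answer 'is subject at least min_age?' without the raw attribute."""
    record = IDP_RECORDS[subject]
    claim = {
        "subject": subject,
        "claim": f"age_over_{min_age}",
        "value": age_on(record["birthdate"], today) >= min_age,
        "issued": today.isoformat(),
    }
    payload = json.dumps(claim, sort_keys=True).encode()
    tag = hmac.new(IDP_KEY, payload, hashlib.sha256).hexdigest()
    return {"payload": payload.decode(), "tag": tag}


def relying_party_accepts(token, min_age):
    """Relying party side: verify the tag, then read only the predicate."""
    expected = hmac.new(IDP_KEY, token["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["tag"]):
        return False
    claim = json.loads(token["payload"])
    return claim["claim"] == f"age_over_{min_age}" and claim["value"] is True


if __name__ == "__main__":
    token = answer_query("bob", 18, date(2025, 6, 1))
    print(token["payload"])  # the predicate only; no birthdate, no age
    print("accepted:", relying_party_accepts(token, 18))
```

The token the relying party sees carries the predicate and an issue date, so storing or forwarding it discloses neither Bob's age nor his birthdate.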
I hope this idea gains traction.
Well done Bob!