Hi all,
for years, I've wanted to document compelling use cases for delegation
so that people that design or operate applications understand the need
to provide not just authentication but delegation.
My partner just made me realize we are both actually living a very
compelling use case ourselves that many other people may also live… My
partner has a chronic illness and mental issues and both fatigue and
anxiety make it sometimes hard, sometimes impossible, to use most
applications.
This means that, as a caretaker, I need to know and use their every
login and password, for banking, taxes, healthcare appointments, etc…
As a developer, I was initially absolutely opposed to do that but I
quickly realized that it was not a realistic option to stay
principled, because my partner needs those formalities done and they
lack autonomy.
Providing a delegation UI for most apps would serve two important
purposes in this use case:
- for the delegator
- they can explicit what actions were taken not by them directly,
which is invaluable if the delegation is abused
- they can retake control when circumstances make it
either possible or necessary
- the delegation can easily become visible and official, so they
don't need to intervene in every interaction to confirm that they
actually agree with someone else acting on thei behalf
- for the caretaker
- they can explicit that they are acting on behalf on someone else
and not hacking someone else's account
- they can protect themselves by refusing access to the main account
For both their safety and UX, a delegation UI could provide additional
tools like the ability to comment the context of delegated actions or
reconcile actions taken by the caretaker.
What do you think of that use case? Do you know other use cases that
could be compelling to lobby for a generalized deployment of
delegation in online applications?
I would like to publish something like a "Delegation Manifesto".
Curiously,
Pierre Thierry
--
pie...@nothos.net
OpenPGP 0xD9D50D8A