[conspire] Who authenticates to whom?

[Rick Moen]

Quoting Leo P (yaconsult at gmail.com):

> When I get these survey notices from PAMF, they always contain a unique URL
> that takes me to a form where I click buttons and fill in the blanks to
> answer questions about my satisfaction in various areas for a recent visit
> to a specific doctor.  They never require me to enter any personal
> information as they know who is filling out the form due to the unique
> URL.  I am much more likely to complete these electronic surveys than I am
> the printed forms that they used to send out for me to snail mail back.

Leo --

In this case, I'm _not_ talking about Palo Alto Medical Foundation, but
rather Kaiser Permanente.  Glad to hear the PAMF implemented the idea a
little better.

If I were in PAMF and received via Internet e-mail a 'please fill out
this survey' notice directing me to visit and enter personal information
(even just satisfaction metrics) into a third-party domain's Web site, I'd 
still want to know how they would be authenticating themselves to _me_, 
especially as, y'know, in general, stuff on the Internet is of
questionable authentication to a first approximation.