Re: [saag] [websec] [apps-discuss] [kitten] HTTP authentication: the next generation

From: Ben Laurie <benl@google.com>
Date: Mon, 20 Dec 2010 10:50:09 +0000
Message-ID: <AANLkTinAUm_Vo9gYomFFi_7eSftk=CQzq_TvgYaNM4ck@mail.gmail.com>
To: Josh Howlett <Josh.Howlett@ja.net>
Cc: Phillip Hallam-Baker <hallam@gmail.com>, Common Authentication Technologies - Next Generation <kitten@ietf.org>, websec <websec@ietf.org>, "saag@ietf.org" <saag@ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, General discussion of application-layer protocols <apps-discuss@ietf.org>, "http-auth@ietf.org" <http-auth@ietf.org>

On 20 December 2010 09:25, Josh Howlett <Josh.Howlett@ja.net> wrote:
>> As Web sites discover that their account holders cannot remember their
>> username, most have adopted email addresses as account identifiers.
>> That is what we should use as the basis for federated web
>> authentication.
>
> Unfortunately this approach transgresses the fourth Law of Identity: 'Directed Identity'.
>
> "A universal system must support both omni-directional identifiers for use by public entities and unidirectional identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles"

Of course these are not actually laws, just good ideas.

However: the core failing seems to be the requirement that users
should remember any more than their one "master identity" which is
used to store all the others (see my Nigori work for how).

>
> Josh.
Received on Monday, 20 December 2010 10:50:39 GMT