Re: Solutions to the NASCAR problem?

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Mon, 23 Nov 2015 16:47:11 +0000
To: Anders Rundgren <anders.rundgren.net@gmail.com>, public-credentials@w3.org
Message-ID: <5653430F.3040300@kent.ac.uk>


On 23/11/2015 12:00, Anders Rundgren wrote:
> On 2015-11-23 10:51, David Chadwick wrote:
> <snip>
>> On 23/11/2015 05:40, Anders Rundgren wrote:
>>> Pardon me for being unclear.  I understand the concept on this level,
>>> I was only curious about the user processes needed for this to work.
>>>
>>> Anyway, I have considerable faith in the augmented key model where
>>> issuer-defined attributes are used to enhance a key's usage.
>>>
>>> The "only" problem is how to deal with such keys on the Web without
>>> creating [close to] unresolvable privacy, usability, or security
>>> problems.
>>
>> You are correct that there are some privacy issues, but I do not believe
>> they are that big if everyone plays by the rules. If they do not, then
>> there can never be any privacy guarantees as Edward has kindly revealed.
> 
> Agreed.  I was actually referring to "my model" where key metadata plays a
> major role.  A scaled-down version of this can be found in this one-page
> doc:
> http://webpki.org/papers/decentralized-payments.pdf
> The certificate could surely be replaced by an account-ID, but I'm
> old-school you know :-)
> 

Your model is similar to mine, but is dealing with a step after mine has
completed. Mine deals with presenting a credential/assertion, then
stops. FIDO already has a process for OKing a transaction.
Comparing our models, your wallet is my authz module, your cert is
replaced by a FIDO key pair, so no identity is associated with the
public key.
The web site sends its authz policy to the wallet/authz module and it
compares this to the credentials held by the user. It either presents
matching ones for the user to choose between (more than one match) or
consent to (exactly one match) or say Sorry you cannot proceed
(insufficient credentials).

regards

David
> 
>> Usability is always hard to get right, but we have experimented with a
>> GUI for over a year and think it is intuitive and easy to use.
> 
> *This* is the thing I'm interested in.  How is the consumer key sent to
> the issuer from a user perspective?
> 
> 
>> I am not aware of any additional security issues with this scheme that
>> are not always present when users and technology are involved.
> 
> You're probably right :-)
> 
> Regards
> Anders
>>
>> regards
>>
>> David
>>>
>>> Regards
>>> Anders
>>>
>>>>
>>>> regards
>>>>
>>>> David
>>>>>
>>>>> Anders
>>>>>
>>>
>>>
> 
> 
Received on Monday, 23 November 2015 16:47:17 UTC
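
The matching step described in the message above (site policy compared against the user's held credentials, with three possible outcomes), sketched as an added example that is not code from the thread or from either author's system. The policy format, the class and function names, and the sample issuers and attributes are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    CHOOSE = "more than one match: user picks one"
    CONSENT = "exactly one match: user consents"
    REFUSE = "insufficient credentials: cannot proceed"


@dataclass(frozen=True)
class Credential:          # hypothetical shape of a held credential
    issuer: str
    attributes: frozenset  # (name, value) pairs asserted by the issuer


@dataclass(frozen=True)
class Rule:                # hypothetical shape of one policy alternative
    required: frozenset         # attribute pairs the site needs
    trusted_issuers: frozenset  # issuers the site accepts them from


def satisfies(cred, rule):
    # An attribute only counts when it comes from an issuer the site trusts.
    return cred.issuer in rule.trusted_issuers and rule.required <= cred.attributes


def evaluate(policy, held):
    """Compare the site's policy (any one Rule suffices) with held credentials."""
    matches = [c for c in held if any(satisfies(c, r) for r in policy)]
    if not matches:
        return Outcome.REFUSE, []
    if len(matches) == 1:
        return Outcome.CONSENT, matches
    return Outcome.CHOOSE, matches


# Constructed sample data, not taken from the thread.
HELD = [
    Credential("bank.example", frozenset({("age_over", "18"), ("account", "yes")})),
    Credential("gov.example", frozenset({("age_over", "18")})),
    Credential("uni.example", frozenset({("role", "student")})),
]
AGE_POLICY = [Rule(frozenset({("age_over", "18")}),
                   frozenset({"bank.example", "gov.example"}))]
STUDENT_POLICY = [Rule(frozenset({("role", "student")}), frozenset({"uni.example"}))]
# Same attribute, but the site trusts only an issuer the user has nothing from.
STRICT_POLICY = [Rule(frozenset({("role", "student")}), frozenset({"gov.example"}))]

if __name__ == "__main__":
    for name, policy in [("age", AGE_POLICY), ("student", STUDENT_POLICY),
                         ("strict", STRICT_POLICY)]:
        outcome, creds = evaluate(policy, HELD)
        print(name, outcome.name, [c.issuer for c in creds])
```
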