W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: Non-correlation / pseudo-anonymity (was Re: VOTE: Verifiable Claims Terminology)

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Sat, 11 Jun 2016 19:13:34 +0100
To: public-credentials@w3.org
Message-ID: <034b890b-a427-4aa5-9124-33410da6645f@kent.ac.uk>


On 11/06/2016 18:31, Steven Rowat wrote:
> On 6/11/16 9:46 AM, Manu Sporny wrote:
>> On 06/11/2016 07:27 AM, David Chadwick wrote:
>>> By using a common ID for two different identity profiles we produce
>>> a correlation handle for the relying parties.
>>
>> Yes, correlation handles are REQUIRED for a number of use cases.
>> Pseudo-anonymity is REQUIRED for others. We need both.
>>
>> For example:
>>
>> You get a driver's license from Entity A.
>> You get a proof of employment from Entity B.
>>
>> A bank asks you to submit both to open a new account. In a non-common ID
>> scenario, how does an automated software program determine that the
>> driver's license and the proof of employment are talking about the same
>> identifier?
> 
> I'm not seeing a problem with this yet with the John (entity) and Alfred
> and Bob (pseudonyms) example. Only the pseudonym "Alfred" will be used
> to represent a single person, and so only one identifier will be used
> for the license, the proof of employment, and the Bank (for Alfred).

I dont think so. What you are describing seems to be just like the cat
example. The point Manu is making I believe, is that the credentials
have been issued by different trusted issuers, and therefore contain
different IDs.

regards

David

> 
> If the government gets a warrant to find out who Alfred is, they can,
> and somewhere there will exist a registry that links John and Alfred's
> separate ids.
> 
> Steven
> 
> 
> 
> 
Received on Saturday, 11 June 2016 18:14:01 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:29 UTC