W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2012

Identity transparency in the Browser - another privacy issue

From: Henry Story <henry.story@bblfish.net>
Date: Mon, 15 Oct 2012 15:28:30 +0200
Message-Id: <E177FAE1-EF6D-403E-ABF2-0FC533892471@bblfish.net>
To: "public-privacy" <public-privacy@w3.org>
A week ago we had an interesting debate on the WebID and Identity
mailing lists with Ben Laurie [1].  Christine Runnegar asked me at
the time to post a summary of it here, as it should be of interest
to the PING list.

We started off with a lengthy discussion full of misunderstandings which
started clearing up when we agreed that transparency of identity is important 
at all times (which seems to be potentially a EU legal requirement [2]) 

In the process I discovered about how Google Chrome works, and argue that 
it still does not satisfy the  original transparency principles we agreed to.
The current colour coded pdf shows the evolution of the discussion very well:


After a few more exchanges I showed how using WebID certificates could 
lead to enhanced transparency in identity usage for browsers in the future:


This is important in my view especially as the criticism against client certificates
is often one of user interface, which the above exchanges show is no worse than the
problems with cookies. It is not that much work for browser vendors to get this right,
and so by improving the transparency of identities used enable better privacy awareness.


[1] http://en.wikipedia.org/wiki/Ben_Laurie
[2] see Dr Ian Walden's contribution 

Social Web Architect

Received on Monday, 15 October 2012 13:29:07 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:54 UTC