W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2012

Re: [saag] Liking Linkability

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Thu, 18 Oct 2012 18:23:41 +0200
Message-ID: <CAKaEYhK40aa7wZg_inbjxoauMQ-wXLvMAE4fpssdrg2XB-gBkA@mail.gmail.com>
To: Ben Laurie <benl@google.com>
Cc: Henry Story <henry.story@bblfish.net>, "Klaas Wierenga (kwiereng)" <kwiereng@cisco.com>, "public-identity@w3.org" <public-identity@w3.org>, "public-philoweb@w3.org" <public-philoweb@w3.org>, "saag@ietf.org" <saag@ietf.org>, "public-webid@w3.org" <public-webid@w3.org>, "public-privacy@w3.org" <public-privacy@w3.org>
On 18 October 2012 17:34, Ben Laurie <benl@google.com> wrote:

> On 9 October 2012 14:19, Henry Story <henry.story@bblfish.net> wrote:
> > Still in my conversations I have found that many people in security
> spaces
> > just don't seem to be  able to put the issues in context, and can get
> sidetracked
> > into not wanting any linkability at all. Not sure how to fix that.
>
> You persist in missing the point, which is why you can't fix it. The
> point is that we want unlinkability to be possible. Protocols that do
> not permit it or make it difficult are problematic. I have certainly
> never said that you should always be unlinked, that would be stupid
> (in fact, I once wrote a paper about how unpleasant it would be).
>
> As I once wrote, anonymity should be the substrate. Once you have
> that, you can the build on it to be linked when you choose to be, and
> not linked when you choose not to be. If it is not the substrate, then
> you do not have this choice.
>
>
What are the criteria for anonymity to be considered an acceptable
substrate?

1. For example if I dont send my certificate, no one can ever link me.  Is
that good enough?

2. I suggested a shared anonymous identity (either an individual or group)
eg at http://webid.info/#anon .  What that solve the problem.

3. Are we looking for more crypto style proofs, such as chaumian blinding,
anonymous veto, OpenPGP style subkeys or one time shared secrets?

I understand what you are suggesting, but on what criteria would a
suggested solution be measured?
Received on Thursday, 18 October 2012 16:24:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 18 October 2012 16:24:11 GMT