W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2012

Re: [saag] Liking Linkability

From: Henry Story <henry.story@bblfish.net>
Date: Thu, 18 Oct 2012 21:20:09 +0200
Cc: Sam Hartman <hartmans-ietf@mit.edu>, "public-identity@w3.org" <public-identity@w3.org>, "saag@ietf.org" <saag@ietf.org>, "public-privacy@w3.org" <public-privacy@w3.org>, "public-philoweb@w3.org" <public-philoweb@w3.org>, "public-webid@w3.org" <public-webid@w3.org>
Message-Id: <FB9E461D-CA62-4806-9599-054DF24C3FD9@bblfish.net>
To: Mouse <mouse@Rodents-Montreal.ORG>

On 18 Oct 2012, at 21:04, Mouse <mouse@Rodents-Montreal.ORG> wrote:

>> [...]
>> Unfortunately, I think that's too high of a price to pay for
>> unlinkability.
>> So I've come to the conclusion that anonymity will depend on
>> protocols like TOR specifically designed for it.
> 
> Is it my imagination, or is this stuff confusing anonymity with
> pseudonymity?  I feel reasonably sure I've missed some of the thread,
> but what I have seem does seem to be confusing the two.
> 
> This whole thing about linking, for example, seems to be based on
> linking identities of some sort, implying that the systems in question
> *have* identities, in which case they are (at best) pseudonymous, not
> anonymous.

With WebID ( http://webid.info/ ) you have a pseudonymous global identifier,
that is tied to a document on the Web that need only reveal your public key. 
That WebID can then link to further information that is access controlled,
so that only your friends would be able to see it.

The first diagram in the spec shows this well 

  http://webid.info/spec/#publishing-the-webid-profile-document

If you put WebID behind TOR and only have .onion WebIDs - something that
should be possible to do - then nobody would know WHERE the box hosting your 
profile is, so they would not be able to just find your home location 
from your ip-address. But you would still be able to link up in an access 
controlled manner to your friends ( who may or may not be serving their pages
behind Tor ).

You would then be unlinkable in the sense of 
http://tools.ietf.org/html/draft-iab-privacy-considerations-03

[[
      Within a particular set of information, the
      inability of an observer or attacker to distinguish whether two
      items of interest are related or not (with a high enough degree of
      probability to be useful to the observer or attacker).
]]

from any person that was not able to access the resources. But you would
be linkable by your friends. I think you want both. Linkability by those 
authorized, unlinkability for those unauthorized. Hence linkability is not
just a negative.

Henry


> 
> /~\ The ASCII				  Mouse
> \ / Ribbon Campaign
> X  Against HTML		mouse@rodents-montreal.org
> / \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag

Social Web Architect
http://bblfish.net/



Received on Thursday, 18 October 2012 19:20:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 18 October 2012 19:20:44 GMT