Re: WEbID Todos

On 8 October 2012 13:34, Ben Laurie <benl@google.com> wrote:

> On 8 October 2012 11:28, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> >
> >
> > On 8 October 2012 11:36, Ben Laurie <benl@google.com> wrote:
> >>
> >> On 6 October 2012 08:48, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> >> > WebID is actually 2 specs.
> >> >
> >> > 1. The first part is authentication via your public key which is a IFP
> >> > of
> >> > your identity.  In certain circumstances (ie caching, just like
> >> > ~/.ssh/authorized_keys ) you can be done here and it operates like
> SSH.
> >> >
> >> > (1) I think solves the unlinkability problem
> >>
> >> How? Clearly the public key makes all authentications that use it
> >> linkable.
> >
> >
> > You're absolutely right.  We discussed this topic a bit more in the
> WebID CG
> > group over the weekend.
> >
> > You'd have to either
> >
> > 1) Change key every time
> > 2) Use a widely used shared key e.g. if we set one up at
> > http://webid.info/#anonymous
> >
> > However, the easy option if you want anonymity (which I believe
> > unlinkability is related to) is not to send a certificate at all.  This
> is
> > much of the normal flow as you should only need to send the cert when
> > logging in, and you can hit 'cancel' on all major browsers.
>
> How do you log in, then? That is, how do I get linkability between
> sessions at a particular site but not between sessions at different
> sites?
>

There is a different dialog in each browser.  I think henry has screenshots
of them all.

If you look at this screencast:

http://webid.info/

>From 4m30s -> 6m00 It will show you some of the different UIs


>
>
> >
> > Or even easier use a different browser / different browser profile.
>