Re: Some starting points from JEPI

Rohit Khare <khare@pest.w3.org> wrote:
>  Thus, any FORM with a text field named (say)
>  http://pep.w3.org/AutoFill/FName could have a default
>  value supplied automatically by the user's browser.  This
>  can be implemented completely by browsers.

I agree this can be implemented by browsers, but this scenario
stops too soon as an important part is missing -- who am I?

When first asked by some form for information about myself, my
*browser* would ask me for identification/authentication probably
via a name/password combination.  This would unlock a file on disk
(perhaps on a floppy or smart card that I carry with me) that
contains my identity(s).

I may have an identity for work and another for home, perhaps a
third for "indecent" activities (whatever those are), etc.  Some
of these identities would activate themselves upon browsing
certain URLs, others would check with the me first.  When a
never-before seen page asks for an identity, one of two things
could happen: I could have instructed my browser to offer my
default identity automatically in such cases, in which case my
identity is transparently passed along; or a pop-up menu with
choices including my current IDs, an option to create a new ID,
and a button to auto-generate a one-time-use "anonymous" ID.

Note that most (if not all, once anonymous cash is available) of
these identities can be divorced from my actuual self, and thus
they are "authenticatable pseudonymous personae".

>  3) Demographic Profiling

It is to my benefit to *limit* the number of personae I use for
the purpose of creating better, more in-depth profiles.  These
profiles work for me as publishers and advertisers can use them to
better tailor their content and place their ads for my greatest
satisfaction.  If I receive disagreeable content, I will change my
profile (or contract with an information broker to help me with
this task).

My thinking is that pseudonymous profiles *ought* to be shared, so
that wherever I go, I get the benefit of tailored information.
The next step is to create "profile servers" that maintain my
profiles while I am off-line, so that brokers can connect me with
sources of information of interest to me 24 hours a day, and vice
versa.  As long as the profile can not by inspection lead someone
to my doorstep (I believe this can be done) then there is not a
privacy violation.



Fen Labalme              WE ARE EVERYWHERE             JUST SAY "KNOW"
<fen@comedia.com>        //www.comedia.com        home/fax:(415) 731-1174
<fen@songline.com>       //www.songline.com       songline:(707) 829-6535