Re: U-Prove from Kaliya IDwoman on 2017-01-11 (public-credentials@w3.org from January 2017)

From: Kaliya IDwoman <kaliya-id@identitywoman.net>
Date: Wed, 11 Jan 2017 08:18:01 -0800
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: Phil Archer <phila@w3.org>, Credentials Community Group <public-credentials@w3.org>
Message-Id: <3812A919-F8B4-47A6-B3BF-693EC3EE2452@identitywoman.net>

Sent from my iPhone

> On Dec 30, 2016, at 5:57 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> 
>> On 2016-12-30 11:42, Phil Archer wrote:
>> Dear all,
>> 
>> Can I ask this group for a view on U-Prove [1] please? In particular,
>> the privacy aspects that appear to be superior to the architecture
>> proposed for the VCWG. The issue boils down to trackability.
> 
> You are right. U-Prove is a superior technology from a privacy point of view.
> 
> Since Microsoft hired the principal inventor as well as bought his company for a substantial sum a question comes to my mind:
> Why haven't Microsoft itself commercialized/popularized this technology more?

They tried really really hard. I know the principles involved and analysts who assessed the market around it.

If MSFT can't sell it no one can. 

The market doesn't want "claims" that seem to come from nowhere and because of that don't really have accountability.

Yes the crypto proves "them" the claims but people's brains don't work that way. Human heuristics and logic of how things work in paper based and face to face world interfere with acceptance.

> 
> I believe there are multiple reasons including:
> - Lack of real-world use cases
> - Difficult user interfaces
> - No working business model for issuers
> 
> Then there is a fundamental issue with *all* privacy preserving systems:
> If the receiver of a verified claim doesn't respect your privacy it doesn't matter how smart your privacy preserving scheme is.
> 
> As an example of the latter is the scheme imposed by the EU for protection of fingerprints in e-passports which I have had the "pleasure" to be involved with as a developer.
> The idea is that only "good states" should be able to read/verify your fingerprint which is assured through an extremely sophisticated (read: complex) PKI-based access control scheme known as EAC/SPOC.
> However, immediately after you have put your finger on a border-control fingerprint-reader the "bad state" may record it anyway.
> It goes without saying that all EU governments bought into this!  https://en.wikipedia.org/wiki/The_Emperor's_New_Clothes
> 
> If we take FIDO/WebAuthentication it offers unlinkability.  But even in this case it is unclear if unlinkability actually is achievable since hardly any service provider (of any value to a user) accept registrations without a verified e-mail address.  Since e-mail addresses are GUIDs (Globally Unique IDs) only people with specific interests in privacy (=having multiple e-mail addresses) will in reality benefit from the FIDO privacy protection scheme which IMO severely reduces the value of *that* particular aspect of FIDO.
> 
> 
> 
> Regards,
> Anders
> 
>> 
>> Thanks
>> 
>> Phil
>> 
>> [1] https://www.microsoft.com/en-us/research/project/u-prove/
>> 
> 
>

Received on Wednesday, 11 January 2017 16:18:35 UTC