- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Fri, 19 Oct 2012 15:19:10 +0200
- To: Klaas Wierenga <klaas@cisco.com>
- CC: Ben Laurie <benl@google.com>, Kingsley Idehen <kidehen@openlinksw.com>, Henry Story <henry.story@bblfish.net>, "public-identity@w3.org" <public-identity@w3.org>
On 2012-10-19 14:43, Klaas Wierenga wrote: > Hi, > > (as a side note: shouldn't this be on the privacy list rather than the saag list?) > > On Oct 18, 2012, at 9:30 PM, Anders Rundgren <anders.rundgren@telia.com> wrote: > >> On 2012-10-18 18:06, Ben Laurie wrote: >>>> Do you have example of what you describe? By that question I mean: implicit >>>> anonymity as a functional substrate of some realm that we experience today? >>> That's what selective disclosure systems like U-Prove and the PRIME >>> project are all about. >>> >> Which will never be of any practical use because without a reference >> back you cannot really get anything useful done. The search service >> monopoly your employer (Google) runs is clearly among the largest threats >> to privacy there is so I don't understand what you are blabbing about. >> >> Is this about theory versus practice :-) > Let's refrain from ad hominem attacks in a technical discussion…. Pardon, I get a little bit bored by hearing folks from Google preach about privacy when they are sitting on one of the largest piles of personal information there is. And U-Prove surely haven't been a success. I expect it to fail like all other Microsoft ID-related initiatives from Passport, to InformationCards, and forward. > > I don't think anyone has argued that linkability is a bad thing per se, what I believe is the crux is whether the links exists -by default- (like locators for a person that can be looked up by 3d parties in DNS) rather than -by choice-. It is the difference between being listed in the phone directory versus giving someone your phone number. I think the likes of Tor are not sufficient here, if the norm is that you are linkable than someone that is using Tor is by definition suspicious… > David Chadwick rightfully remarks that there is a balance that you need to strike based on a risk analysis, for me the question is how much of that risk analysis you want to leave to the protocol designer versus the end-user. As an end-user I like to have sufficient control over my privacy without having to understand how to do Tor. I think that the unlinkability should be put in a wider privacy context: - We know that cell-phone providers know not only who we speak to, but also our surfing habits, and our location. - We also know that 0.5Bn individuals have a Facebook account. - We also know that the healthcare community/industry is building HUGE journal systems making WikiLeaks-like attacks both possible and potentially useful. So I honestly do not think that a globally unique (highly linkable) e-mail address is something anybody except very paranoid people should worry about. BTW, I use Google as IdP to several other sites and I like it. Identity theft seems to be a MUCH worse problem. Well, IF there had been anonymous digital money that would have been great! But it didn't work for a lot of reasons including unlinkability which opens the gates to money laundering. Anders > > Klaas > >
Received on Friday, 19 October 2012 13:19:56 UTC