On 10/19/12 9:52 AM, Ben Laurie wrote:
>> You really need to expand on what the danger is. Because again
>> >I think you are thinking of the site I am connecting to as the attacker.
>> >But I may be wrong.
> I'm getting quite tired of this: the point is, you cannot achieve
> unlinkability with WebID except by using a different WebIDs. You made
> the claim that ACLs on resources achieve unlinkability. This is
> incorrect.
What is an ACL (Access Control List) to you?
Does "Data Access Policy" work any better so that we stop being
distracted by something with different means to the participants in this
debate.
Can a data access policy deliver unlinkability ?
>
> So yes, the scenario is there are two sites that I connect to using
> WebID and I want each of them to not be able to link my connections to
> the other.
This is an absolute non issue re. the combination of WebID, the WebID
authentication protocol, and logic based data access policies. You're
basically saying I (as in nebulous "You") have the personas 'Spiderman'
and 'Peter Parker' and I want those personas to remain distinct. All of
this holding true within the contextual fluidity of the Internet and
World Wide Web.
> To do this, I need two WebIDs, one for each site. ACLs do
> not assist.
It's a problem solved via the combination of WebIDs (cryptographically
verifiable identifiers), WebID authentication protocol, and logic based
data access policies. If this was actually the deal breaker for WebID
(verifiable identifiers and authentication protocol) based data access
policies (or ACLs) why would Henry and I invest some much time trying to
get you to move beyond this fundamental misconception?
>
--
Regards,
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen