Identity transparency in the Browser - another privacy issue

A week ago we had an interesting debate on the WebID and Identity
mailing lists with Ben Laurie [1].  Christine Runnegar asked me at
the time to post a summary of it here, as it should be of interest
to the PING list.

We started off with a lengthy discussion full of misunderstandings which
started clearing up when we agreed that transparency of identity is important 
at all times (which seems to be potentially a EU legal requirement [2]) 

In the process I discovered about how Google Chrome works, and argue that 
it still does not satisfy the  original transparency principles we agreed to.
The current colour coded pdf shows the evolution of the discussion very well:

http://lists.w3.org/Archives/Public/public-webid/2012Oct/att-0022/privacy-definitions-1Oct.pdf

After a few more exchanges I showed how using WebID certificates could 
lead to enhanced transparency in identity usage for browsers in the future:

http://lists.w3.org/Archives/Public/public-webid/2012Oct/att-0022/privacy-definition-final.pdf

This is important in my view especially as the criticism against client certificates
is often one of user interface, which the above exchanges show is no worse than the
problems with cookies. It is not that much work for browser vendors to get this right,
and so by improving the transparency of identities used enable better privacy awareness.

	Henry 

[1] http://en.wikipedia.org/wiki/Ben_Laurie
[2] see Dr Ian Walden's contribution 
    http://lists.w3.org/Archives/Public/public-webid/2012Oct/0021.html

Social Web Architect
http://bblfish.net/

Received on Monday, 15 October 2012 13:29:07 UTC