Re: privacy definitions -- was: WebID questions from Henry Story on 2012-10-17 (public-privacy@w3.org from October to December 2012)

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 17 Oct 2012 11:24:54 +0200
To: wilton@isoc.org
Cc: "David Singer" <singer@apple.com>, "Melvin Carvalho" <melvincarvalho@gmail.com>, "Ben Laurie" <benl@google.com>, "public-privacy list" <public-privacy@w3.org>, public-webid@w3.org
Message-Id: <9E63F4F5-B966-4965-9518-2DFA7F77DAA9@bblfish.net>

On 17 Oct 2012, at 10:35, wilton@isoc.org wrote:

> I agree; there are already tools that will tell you is cookies are being set (or blocked...).
> 
> A tool which could tell you what the identifier is that has been set by a given site would provide useful raw data, but that data would need more processing over time if it were to be used as the basis for user decisions about separation of personas.

The data would indeed need to be presented nicely to the user via the chrome. It is really 
important that this happen in the chrome, because that is the part the user can trust.

So imagine that one develop the cookied mechanism into a WebID cookie somehow. Then one could
have the HTTP header return something like

Cookie: ....
WebID-Cookie: /users/george

Where an HTTP GET on /users/george would return a document semantically equivalent
to something like the following Turtle ( http://w3.org/TR/Turtle )

<> a foaf:PersonalProfileDocument;
   foaf:primaryTopic <#me> .

<#me> a foaf:Person;
      foaf:icon <img/smal-pic> ;
      foaf:homePage <.> .

the browser can then fetch this document to give a UI for that site, where of course
all the above data is access controlled and only visible to the user with that cookie.
As the user changes his profile on his home page, so the icon in his chrome would change
too.

Now all that http://webid.info/spec/ does is allow the same to be done on a global scale
for users that want to be able to link up across web sites. This can in fact 
increases privacy as I argued in "Liking Linkability" thread
  http://lists.w3.org/Archives/Public/public-webid/2012Oct/0071.html

but ONLY IF Transparency of identity is correctly implemented in the browser.

Henry

> 
> Yrs.,
> Robin
> 
> Sent from my BlackBerry - apologies for typos/terseness
> 
> -----Original Message-----
> From: David Singer <singer@apple.com>
> Date: Wed, 17 Oct 2012 16:28:27 
> To: Henry Story<henry.story@bblfish.net>
> Cc: Melvin Carvalho<melvincarvalho@gmail.com>; Ben Laurie<benl@google.com>; public-privacy list<public-privacy@w3.org>; <public-webid@w3.org>
> Subject: Re: privacy definitions -- was: WebID questions
> 
> I think Aza is doing something different from what I heard you imply.  I thought you wanted a visual indicator somewhere "this site has cookies set".  Aza seems to be saying here "you are logged-in to this site as GuyFawkes".  These are different statements, and the first has questionnable value.  Sorry if I misunderstood.
> David Singer
> Multimedia and Software Standards, Apple Inc.
> 
> 

Social Web Architect
http://bblfish.net/

Attachments

application/pkcs7-signature attachment: smime.p7s

Received on Wednesday, 17 October 2012 09:25:32 UTC