W3C home > Mailing lists > Public > public-webid@w3.org > October 2012

Re: WEbID Todos

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Mon, 8 Oct 2012 13:39:58 +0200
Message-ID: <CAKaEYh+W68059gk0=WLpyXB74nwh7Bd0i6s59pXVp7xLY8waig@mail.gmail.com>
To: Ben Laurie <benl@google.com>
Cc: Henry Story <henry.story@bblfish.net>, "public-webid@w3.org" <public-webid@w3.org>
On 8 October 2012 13:34, Ben Laurie <benl@google.com> wrote:

> On 8 October 2012 11:28, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> >
> >
> > On 8 October 2012 11:36, Ben Laurie <benl@google.com> wrote:
> >>
> >> On 6 October 2012 08:48, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> >> > WebID is actually 2 specs.
> >> >
> >> > 1. The first part is authentication via your public key which is a IFP
> >> > of
> >> > your identity.  In certain circumstances (ie caching, just like
> >> > ~/.ssh/authorized_keys ) you can be done here and it operates like
> SSH.
> >> >
> >> > (1) I think solves the unlinkability problem
> >>
> >> How? Clearly the public key makes all authentications that use it
> >> linkable.
> >
> >
> > You're absolutely right.  We discussed this topic a bit more in the
> WebID CG
> > group over the weekend.
> >
> > You'd have to either
> >
> > 1) Change key every time
> > 2) Use a widely used shared key e.g. if we set one up at
> > http://webid.info/#anonymous
> >
> > However, the easy option if you want anonymity (which I believe
> > unlinkability is related to) is not to send a certificate at all.  This
> is
> > much of the normal flow as you should only need to send the cert when
> > logging in, and you can hit 'cancel' on all major browsers.
>
> How do you log in, then? That is, how do I get linkability between
> sessions at a particular site but not between sessions at different
> sites?
>

There is a different dialog in each browser.  I think henry has screenshots
of them all.

If you look at this screencast:

http://webid.info/

>From 4m30s -> 6m00 It will show you some of the different UIs


>
>
> >
> > Or even easier use a different browser / different browser profile.
>
Received on Monday, 8 October 2012 11:40:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:37 UTC