Re: WebID Todos

On 8 October 2012 13:48, Ben Laurie <benl@google.com> wrote:

> On 8 October 2012 12:39, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> >
> >
> > On 8 October 2012 13:34, Ben Laurie <benl@google.com> wrote:
> >>
> >> On 8 October 2012 11:28, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> >> >
> >> >
> >> > On 8 October 2012 11:36, Ben Laurie <benl@google.com> wrote:
> >> >>
> >> >> On 6 October 2012 08:48, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> >> >> > WebID is actually 2 specs.
> >> >> >
> >> >> > 1. The first part is authentication via your public key which is a
> >> >> > IFP
> >> >> > of
> >> >> > your identity.  In certain circumstances (ie caching, just like
> >> >> > ~/.ssh/authorized_keys ) you can be done here and it operates like
> >> >> > SSH.
> >> >> >
> >> >> > (1) I think solves the unlinkability problem
> >> >>
> >> >> How? Clearly the public key makes all authentications that use it
> >> >> linkable.
> >> >
> >> >
> >> > You're absolutely right.  We discussed this topic a bit more in the
> >> > WebID CG
> >> > group over the weekend.
> >> >
> >> > You'd have to either
> >> >
> >> > 1) Change key every time
> >> > 2) Use a widely used shared key e.g. if we set one up at
> >> > http://webid.info/#anonymous
> >> >
> >> > However, the easy option if you want anonymity (which I believe
> >> > unlinkability is related to) is not to send a certificate at all.  This
> >> > is much of the normal flow as you should only need to send the cert when
> >> > logging in, and you can hit 'cancel' on all major browsers.
> >>
> >> How do you log in, then? That is, how do I get linkability between
> >> sessions at a particular site but not between sessions at different
> >> sites?
> >
> >
> > There is a different dialog in each browser.  I think henry has
> > screenshots of them all.
> >
> > If you look at this screencast:
> >
> > http://webid.info/
> >
> > From 4m30s -> 6m00 It will show you some of the different UIs
>
> You miss my point: if the advice is that to remain unlinkable, don't
> use a cert, then how do I log in to a site I want to log into but do
> not want to give the ability to link me to other sites?
>

Got it.

So there were 3 concepts mentioned in the IETF doc we looked at.

1. Linkability -- you can use WebID for this

2. Unlinkability (A) anonymity -- you don't need to use a cert for this

2. Unlinkability (B) pseudo-anonymity

I think it's the pseudo-anonymity that seems to be raising concerns.

In truth, I don't think we've focused hugely on this issue to date.  Off the
bat, the one cert per site/device seems a plausible possible solution, though
building up too many certs then is an issue.  Then again, if the UI can
associate the right cert with the right site, some usability issues can be
resolved.  Is that your primary concern?  Needs a little more brainstorming
perhaps ...


>
> >
> >>
> >>
> >>
> >> >
> >> > Or even easier use a different browser / different browser profile.
> >
> >
>
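The three options discussed in the thread (one cert everywhere, one cert per site, a shared "anonymous" cert) can be scored against the two properties Ben is asking about: can a single site recognise a returning user, and can two colluding sites join their logs on the presented public key. The model below is an added example written for this archive page, not code from the WebID CG or any browser; the "public keys" are constructed byte strings derived from labels rather than real SubjectPublicKeyInfo blobs, and the users, sites and login counts are made up.

```python
"""Linkability of TLS client certificates under three key strategies.

Added example with constructed data (not from the thread or the WebID spec).
Relying parties are assumed to record the SHA-256 fingerprint of the
presented public key, which is what the SPKI in a WebID cert would hash to.
"""
import hashlib
from itertools import product

SITES = ["site-a.example", "site-b.example"]   # constructed relying parties
USERS = ["alice", "bob"]                        # constructed users
LOGINS_PER_SITE = 2                             # each user logs in twice per site


def fingerprint(spki: bytes) -> str:
    """Hash of the public key, as a relying party would store it."""
    return hashlib.sha256(spki).hexdigest()[:16]


def spki_for(user: str, site: str, strategy: str) -> bytes:
    """Public key the browser would present under a given strategy.

    Stand-in for a real DER SubjectPublicKeyInfo: a hash of a label, so the
    same (user, site, strategy) always yields the same constructed key.
      one_cert    - a single WebID cert/key used at every site
      per_site    - a distinct key pair generated for each site
      shared_anon - everyone presents the same widely shared key
    """
    if strategy == "one_cert":
        label = f"key:{user}"
    elif strategy == "per_site":
        label = f"key:{user}:{site}"
    elif strategy == "shared_anon":
        label = "key:shared-anonymous"
    else:
        raise ValueError(f"unknown strategy {strategy!r}")
    return hashlib.sha256(label.encode()).digest()


def relying_party_logs(strategy: str):
    """Simulate logins. Returns per-site logs of (session, fingerprint) plus
    the ground-truth session -> user map that only the scorer sees."""
    logs = {site: [] for site in SITES}
    truth = {}
    session = 0
    for user in USERS:
        for site in SITES:
            for _ in range(LOGINS_PER_SITE):
                session += 1
                logs[site].append((session, fingerprint(spki_for(user, site, strategy))))
                truth[session] = user
    return logs, truth


def same_site_links(logs, truth) -> bool:
    """True when a site can tell its own returning users apart: sessions by the
    same user share a fingerprint and sessions by different users never do."""
    for entries in logs.values():
        for (s1, f1), (s2, f2) in product(entries, entries):
            if s1 >= s2:
                continue
            if (truth[s1] == truth[s2]) != (f1 == f2):
                return False
    return True


def cross_site_join(logs, truth):
    """Two colluding sites join their logs on fingerprint.
    Returns (joined_pairs, pairs_that_are_really_the_same_user)."""
    log_a, log_b = (logs[site] for site in SITES)
    pairs = [(s1, s2) for (s1, f1) in log_a for (s2, f2) in log_b if f1 == f2]
    correct = sum(1 for s1, s2 in pairs if truth[s1] == truth[s2])
    return len(pairs), correct


if __name__ == "__main__":
    for strategy in ("one_cert", "per_site", "shared_anon"):
        logs, truth = relying_party_logs(strategy)
        print(strategy, "recognised-at-site:", same_site_links(logs, truth),
              "cross-site join (pairs, correct):", cross_site_join(logs, truth))
```

With one cert everywhere, each site recognises its users and the two sites join perfectly (every joined pair really is the same person). With one key per site, recognition within a site still works but the join produces nothing, which is the pseudonymous property the thread calls "unlinkability (B)". With the shared anonymous key, no join links a specific person, but no site can tell alice from bob either, so it is anonymity without login.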

Received on Monday, 8 October 2012 11:55:58 UTC