W3C home > Mailing lists > Public > public-webid@w3.org > October 2012

Re: [saag] Liking Linkability

From: Ben Laurie <ben@links.org>
Date: Mon, 22 Oct 2012 17:58:33 +0100
Message-ID: <CAG5KPzwF2pC_4MA-i5rZKX1oQH5yjJXvo1QMoK00CNbG-T31Tw@mail.gmail.com>
To: David Chadwick <d.w.chadwick@kent.ac.uk>
Cc: Ben Laurie <benl@google.com>, "public-philoweb@w3.org" <public-philoweb@w3.org>, "public-identity@w3.org" <public-identity@w3.org>, "saag@ietf.org" <saag@ietf.org>, "public-privacy@w3.org" <public-privacy@w3.org>, "Klaas Wierenga (kwiereng)" <kwiereng@cisco.com>, "public-webid@w3.org" <public-webid@w3.org>
On Thu, Oct 18, 2012 at 8:18 PM, David Chadwick <d.w.chadwick@kent.ac.uk> wrote:
> Hi Ben
> I disagree. It depends upon your risk assessment. Your stand is like saying
> TLS should be the substrate, not http.

Not at all. You can add security to an insecure connection. You cannot
add anonymity to an identified session. My stand is, in fact, like
saying that TCP should be the substrate, not TLS.

> There are two alternative viewpoints.
> You can either start with the lowest security/privacy and add to it, or make
> the highest security/privacy the default and then take from it. So you
> should not necessarily mandate that U-Prove/Idemix are the default tokens,
> but rather only require them if your risk assessment says privacy protection
> is essential
> regards
> David
> On 18/10/2012 16:34, Ben Laurie wrote:
>> On 9 October 2012 14:19, Henry Story <henry.story@bblfish.net> wrote:
>>> Still in my conversations I have found that many people in security
>>> spaces
>>> just don't seem to be  able to put the issues in context, and can get
>>> sidetracked
>>> into not wanting any linkability at all. Not sure how to fix that.
>> You persist in missing the point, which is why you can't fix it. The
>> point is that we want unlinkability to be possible. Protocols that do
>> not permit it or make it difficult are problematic. I have certainly
>> never said that you should always be unlinked, that would be stupid
>> (in fact, I once wrote a paper about how unpleasant it would be).
>> As I once wrote, anonymity should be the substrate. Once you have
>> that, you can the build on it to be linked when you choose to be, and
>> not linked when you choose not to be. If it is not the substrate, then
>> you do not have this choice.
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
Received on Monday, 22 October 2012 16:59:10 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:37 UTC