W3C home > Mailing lists > Public > public-xg-webid@w3.org > July 2011

Re: Browser ID, WebID & URLs

From: Henry Story <henry.story@bblfish.net>
Date: Mon, 18 Jul 2011 05:49:54 +0200
Cc: Ben Adida <ben@adida.net>, dev-identity@lists.mozilla.org, WebID XG <public-xg-webid@w3.org>
Message-Id: <A18CBEFD-5037-4BDE-912B-DE8A058B80B8@bblfish.net>
To: Tom Scavo <trscavo@gmail.com>

On 18 Jul 2011, at 03:46, Tom Scavo wrote:

> On Sun, Jul 17, 2011 at 8:04 PM, Ben Adida <ben@adida.net> wrote:
>> We're
>> pursuing an experiment to see if our hunch  that web sites just want
>> an email address  is right.
> Yes, and an interesting experiment it is, too.


>> Private exchange of an email address is privacy-
>> protecting. Exposing a public profile is not. Thus, the public profile
>> should be the optional component.
> An e-mail address is not privacy preserving. It is a globally unique
> identifier that is correlatable across relying parties. Thus your
> conclusion does not hold. The identifier would have to be opaque and
> per-RP for your argument to make sense.

A lot of people don't want to get into spam registries. The privacy
advantage of http URLs is that you can send e-mails using them. So
one could argue that http URLs are more privacy enhancing :-)

>> Logging in does not require long-lasting keys.
> Agreed.

A question on short keys - this is probably something I have not fully understood.
But if the keys are short lived, don't you have to go back to your e-mail provider
constantly to create new keys? If so is that not a Usability nuisance?


> Tom
> _______________________________________________
> dev-identity mailing list
> dev-identity@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-identity

Social Web Architect
Received on Monday, 18 July 2011 03:50:25 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:45 UTC