W3C home > Mailing lists > Public > public-xg-webid@w3.org > May 2011

Re: WebID XG - semantic group profile.

From: Henry Story <henry.story@bblfish.net>
Date: Fri, 20 May 2011 16:53:17 +0200
Cc: Kingsley Idehen <kidehen@openlinksw.com>, public-xg-webid@w3.org
Message-Id: <BE4182EB-5130-4288-987E-F7D157F2D136@bblfish.net>
To: Mischa Tuffield <mischa.tuffield@garlik.com>

On 20 May 2011, at 16:25, Mischa Tuffield wrote:

> <snip/>
> On 20 May 2011, at 15:14, Henry Story wrote:
>> Well I am not sure I can publish the e-mails or sha1 sum of members of this group anywhere let alone google. So the issue is to deal with that first.
> As far as I am aware (albeit am no expert in these things), mbox_sha1sum's are not recommended as they are easily reversed with rainbow tables, see for example : http://my.umbc.edu/groups/ebiquity/news/43 

the article makes the claim that "Given an email hash and a persons first and last name" it can easily guess the e-mail. That is true. But if you go to the e-mail archives you'll see that everybody who posts here has a visible e-mail address all ready, for example. 


This is after all a standards body, and people are meant to be visible. Now there are also a large number of people who don't ever post, and of those people nobody knows either the name or the e-mail address, so reverse engineering their e-mail from the sha1sum would be a lot harder.

In any case this could be agood reason for people to submit their webid. That would allow them to be listed as participating, but allow them to decide what they reveal about themselves to others on their own site.

> Mischa *2 cents ...

It's not perfect, but we also have the possibility of a Bloom Filter, which I wrote up here 4 years ago in an article entitled "My Bloomin friends". 


we'd just have to get danbri to add a bloom filter relation :-)


Received on Friday, 20 May 2011 14:53:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:45 UTC