- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Mon, 08 Oct 2012 08:53:41 -0400
- To: public-xg-webid@w3.org
- Message-ID: <5072CCD5.2030207@openlinksw.com>
On 10/7/12 5:14 PM, Melvin Carvalho wrote:
>
>> Why is that?
>>
>> If the private key is stored on your webmail provider or mozilla
>> they can create a certificate to impersonate you. This means
>> they can view your account or even create an account on the
>> relying party. Say you had some confidential documents on a
>> service, it means your webmail provider can read not only your
>> mail, but your external documents.
>
> They can create a certificate to impersonate your - your e-mail
> that is - anyway, even without your private key. BrowserId Relying
> parties only consider the signature of the certificate for
> verifying it. So the private key is neither here nor there.
>
> Sure there's actually TWO private keys in play. The 'master' key
> which is used to sign and your temporary key in the browser.
>
> It's possible to impersonate with WebID if they take over your
> identity page. But the key would change which is suspicious. Even SSH
> warns you when a key changes and alerts you to a possible attack.

Only if you assume this is about WebID as opposed to WebID + ACLs, as I referenced earlier in one of these threads.

You can't speak of this issue as being about WebID solely, it's the effect of WebIDs combined with ACLs or data access policies. A resource owner can add other factors into the mix re. access policies.

All of the factors used to determine "identity" don't have to reside in the Certificate or Profile document, understanding and internalizing this is really important. This is what the URI serving as WebID facilitates.

--
Regards,
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Monday, 8 October 2012 12:54:04 UTC