On Tue, Apr 05, 2016 at 11:09:20AM +0200, Natanael wrote:
- Sent from my phone

On 5 Apr 2016 09:17, "John Gilmore" <[email protected]> wrote:

> The key idea here is that you get to have *one* identifier for yourself
> under your control, that you can use everywhere, securely.

The key idea here is a bad idea. I don't want everyone I interact with to have the same identifier for me. That's the problem with Social Security Numbers. With a single identifier, all the interactions with me can be cross-correlated to track me everywhere I go. Typically this is done NOT for my benefit, but to give some third party an advantage over me.

No problem. This is a per-nickname identifier. Use temporary disposable / throwaway accounts or context specific accounts if you wish. Then you won't have everything linked to the same account.

The problem with "nick-name" is it assumes all the names are tied to a "real" name. Another problem with having a single root or key identifier: who decides what it is? Being able to pick your name has a lot of power to it, and handing that agency over to a third party also hands that power to them. This is one of the reasons that prisoners are often assigned a number they are required to use instead of their names. If I am going to interact with multiple services, I want control over how I do that interaction. Forcing me to use names that branch off a single origin point defeats the entire purpose.

> OpenID essentially died. So did Mozilla's Personas. A bunch of RDF based
> protocols too. And many many more.

And, from my point of view, this is why they died. I had zero interest in helping third parties keep track of me everywhere, using the same identifier on widely varying sites. It's already hard enough work to keep Google out of my underwear when I don't even have an account with them. If I had the same account everywhere? Let's not go there. "Login with your Facebook account?" No thanks!!!

The type of tech Mozilla Personas (or U2F) was using to anonymize the original account you connected with can be reused, although that would break the universal addressing aspect. Or how about this - you can link multiple profiles / personas / nicknames to your account, including creating throwaways, and get to choose which one to link third party services to when you register with them.

_______________________________________________
The cryptography mailing list
[email protected]
http://www.metzdowd.com/mailman/listinfo/cryptography
_______________________________________________
Endymail mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/endymail
