RE: IETF 65 BOF Announcement: Digital Identity Exchange (DIX)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



All the schemes are taking privacy pretty seriously. One of the starting
points here though is the observation that much of the privacy sensitive
personal data being collected at Web sites is not actually the data that
is really wanted in the first place. Advertising driven web sites want
to know your demographic profile, they ask you for zip code and date of
birth because they are proxies for that. In the process they obtain a
75% unique identifier.


If you are willing to use a custom client and a shared domain name you
can create a cypherpunks grade privacy solution pretty effectively with
all the Identity 2.0 schemes. 

The key part is that each identifier binds to exactly one person but
each person can have multiple identifier.

So you could have a client that automatically binds new identities on
the fly each time you go to a different Web site. The Shiboleth people
did something of this sort on top of SAML.




> -----Original Message-----
> From: smb@xxxxxxxxxxxxxxx [mailto:smb@xxxxxxxxxxxxxxx] 
> Sent: Sunday, February 12, 2006 7:16 PM
> To: Hallam-Baker, Phillip
> Cc: Richard Shockey; John Merrells; Ted Hardie; Hollenbeck, 
> Scott; Lisa Dusseault; ietf@xxxxxxxx
> Subject: Re: IETF 65 BOF Announcement: Digital Identity 
> Exchange (DIX) 
> 
> In message 
> <198A730C2044DE4A96749D13E167AD3792A388@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
> om>, "Hallam-Baker, Phillip" writes:
> 
> >I am sure that the security area gurus will insist that the 
> resulting 
> >protocols will be proof against man in the middle attack and do not 
> >result in passwords being exchanged enclair.
> >
> 
> Actually, my bigger concern is privacy.  I like to decouple 
> the identity I use on different web sites....
> 
> 		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
> 
> 
> 
> 

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]