The IESG wrote: > > The IESG has received a request from the Public-Key Infrastructure > (X.509) WG (pkix) to consider the following document: > > - 'Traceable Anonymous Certificate ' > <draft-ietf-pkix-tac-04.txt> as an Experimental RFC I'm having a serious problem with the terminology! The certificates in this proposal are definitely not anonymous, they're clearly and undoubtedly pseudonymous. Anonymity means "blending within a group", and the quality of the anonymity is the size of that group. Really good anonymity means that the group is in the magnitude of the world population. Most of the time, the group is significantly smaller, but there still remains the concept of blending within a group. The certificates described by this documents are unique, assigned to one single individual (I don't care how fancy the scheme is to reveal the original identity given they pseudonym). Since these certs also have a significant lifetime attached to them and are designed to be reused frequently, successive authentications can be linked, and they're similarly revealing about individuals as the frowned-upon pentium processor id. Therefore I would like to ask that the term "anonymous" is replaced by "pseudonymous" throughout the document before it is published as an internet draft. Regards, -Martin _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf