Re: [abfab] [Sam Hartman] comments on draft-ietf-abfab-arch
Leif Johansson <leifj@sunet.se> Mon, 23 September 2013 14:05 UTC
Return-Path: <leifj@sunet.se>
X-Original-To: abfab@ietfa.amsl.com
Delivered-To: abfab@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BDA021F9BEF for <abfab@ietfa.amsl.com>; Mon, 23 Sep 2013 07:05:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.599
X-Spam-Level:
X-Spam-Status: No, score=-1.599 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599, HELO_EQ_SE=0.35]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6fcm3Bb4gH2s for <abfab@ietfa.amsl.com>; Mon, 23 Sep 2013 07:05:38 -0700 (PDT)
Received: from e-mailfilter01.sunet.se (e-mailfilter01.sunet.se [IPv6:2001:6b0:8:2::201]) by ietfa.amsl.com (Postfix) with ESMTP id 3B1C921F9A5F for <abfab@ietf.org>; Mon, 23 Sep 2013 07:05:36 -0700 (PDT)
Received: from smtp1.sunet.se (smtp1.sunet.se [IPv6:2001:6b0:8:2::214]) by e-mailfilter01.sunet.se (8.14.3/8.14.3/Debian-9.4) with ESMTP id r8NE5KmZ027394 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <abfab@ietf.org>; Mon, 23 Sep 2013 16:05:20 +0200
Received: from kerio.sunet.se (kerio.sunet.se [192.36.171.210]) by smtp1.sunet.se (8.14.4/8.14.4) with ESMTP id r8NE5HQ0010236 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <abfab@ietf.org>; Mon, 23 Sep 2013 16:05:20 +0200 (CEST)
X-Footer: c3VuZXQuc2U=
Received: from [10.0.0.244] ([62.102.145.131]) (authenticated user leifj@sunet.se) by kerio.sunet.se (Kerio Connect 8.1.2) (using TLSv1/SSLv3 with cipher AES256-SHA (256 bits)) for abfab@ietf.org; Mon, 23 Sep 2013 16:05:16 +0200
Message-ID: <52404A9C.5050803@sunet.se>
Date: Mon, 23 Sep 2013 16:05:16 +0200
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: abfab@ietf.org
References: <tsl61ug7n72.fsf@mit.edu> <052301ceb814$54e4caa0$feae5fe0$@augustcellars.com> <523FE430.4040106@kent.ac.uk> <tsl61trg1jz.fsf@mit.edu>
In-Reply-To: <tsl61trg1jz.fsf@mit.edu>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Bayes-Prob: 0.495 (Score 0, tokens from: outbound, sunet-se:default, base:default, @@RPTN)
X-CanIt-Geo: ip=192.36.171.210; country=SE; latitude=62.0000; longitude=15.0000; http://maps.google.com/maps?q=62.0000,15.0000&z=6
X-CanItPRO-Stream: outbound-sunet-se:outbound (inherits from outbound-sunet-se:default, sunet-se:default, base:default)
X-Canit-Stats-ID: 09KsC5kjs - 2bb532fd31a4 - 20130923 (trained as not-spam)
X-CanIt-Archive-Cluster: PfMRe/vJWMiXwM2YIH5BVExnUnw
X-Scanned-By: CanIt (www . roaringpenguin . com)
Subject: Re: [abfab] [Sam Hartman] comments on draft-ietf-abfab-arch
X-BeenThere: abfab@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/abfab>, <mailto:abfab-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/abfab>
List-Post: <mailto:abfab@ietf.org>
List-Help: <mailto:abfab-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/abfab>, <mailto:abfab-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Sep 2013 14:05:43 -0000
On 09/23/2013 02:33 PM, Sam Hartman wrote: >>>>>> "David" == David Chadwick <d.w.chadwick@kent.ac.uk> writes: > David> Section 1. i) Data Minimization and User Participation: > David> "There is currently no direct client participation in this > David> decision." (i.e. release of identity attributes). We should > David> say at this juncture that this is a major deficiency in > David> existing federated systems, since the user does not have full > David> consent or control over which of his identity attributes are > David> released. This should be fixed in Abfab > > I do not support this change. > > There are some cases where this is a major deficiency, but it's not > entirely clear whether fixing this at the ABFAB layer is the right > approach. > > I'd argue that trying to fix the concent problem in a general manner at > the federation layer may have done more harm over the years than the > privacy problem that is trying to be addressed. With my chair-switch secured in the OFF position: I agree with Sam 100% here. > > > David> iii) I dont buy into your whiteboard example of single entity > David> authentication, because a hacked whiteboard could trick the > David> user into opening the wrong file, which could be disasterous > David> during an important business meeting. SO mutual > David> authentication is needed here as well. If you want an example > David> where mutual authentication is not important, its one where > David> either the information being accessed is of very little value > David> to the accessor so that it does not matter if it is erroneous > David> information or not, or one where it does not matter who the > David> accessor is i.e. its public information. > > Most of the tools I'm familiar with for screen sharing etc would not > allow the white board to pick the presentation/file. > I'd support adding a comment that you don't want to run UI on the white > board, but no I think I completely disagree with your proposed > constraints on when this is useful. > > --Sam > _______________________________________________ > abfab mailing list > abfab@ietf.org > https://www.ietf.org/mailman/listinfo/abfab
- [abfab] [Sam Hartman] comments on draft-ietf-abfa… Sam Hartman
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Leif Johansson
- [abfab] comments on draft-ietf-abfab-arch Mark Donnelly
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Jim Schaad
- Re: [abfab] comments on draft-ietf-abfab-arch Leif Johansson
- Re: [abfab] comments on draft-ietf-abfab-arch Leif Johansson
- Re: [abfab] comments on draft-ietf-abfab-arch Jim Schaad
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Jim Schaad
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… David Chadwick
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Sam Hartman
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Sam Hartman
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Leif Johansson
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… David Chadwick
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Sam Hartman
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Rhys Smith
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Jim Schaad
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… David Chadwick
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Klaas Wierenga (kwiereng)
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… David Chadwick
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Sam Hartman
- Re: [abfab] [Sam Hartman] comments on draft-ietf-… Rafa Marin Lopez