Re: [arch-d] Proposed IAB program on Wholistic Human-Oriented Discussions on Identity Systems (WHODIS)

Christian Huitema <huitema@huitema.net> Thu, 29 June 2023 18:32 UTC

Message-ID: <1a47d854-82eb-7ae9-1081-ca95bfb57ce8@huitema.net>
Date: Thu, 29 Jun 2023 11:32:43 -0700
To: architecture-discuss@ietf.org
References: <20230629175425.9517EFD1E5D9@ary.qy>
From: Christian Huitema <huitema@huitema.net>
In-Reply-To: <20230629175425.9517EFD1E5D9@ary.qy>
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/8cb10wlmnmtVubzsrVbU4Rf9duM>


On 6/29/2023 10:54 AM, John Levine wrote:
> It appears that Toerless Eckert  <tte@cs.fau.de> said:
>> Might not even need to have biometric verification if one assumes (IMHO rightfully so),
>> that the chance of borrowing cell phones to someone else is pretty slim. And even slimmer
>> when one puts some less intrusive incentives onto the cell phone to not borrow them
>> for such purpose.
> 
> Um, were you ever a teenager?
> 
> I can imagine ways to do this that mitigate the privacy risk but only
> with a TTP at some point. For example, there's a device at the bar
> that takes your picture and sends it to the phone using NFC along with
> the minimum admission age. The phone compares the picture to the one
> stored internally, and returns a yes/no result with a chain of
> signatures back to the TTP so the bar's device knows it's credible.
> (Yeah, they have your picture, but they don't need any fancy equipment
> to take pictures of everyone who comes in.  They don't have your name or
> anything other than the yes/no that you're the same person and you are
> at least the required age.)
> 
> The automated immigration machines at Canadian airports do something
> like this although the master photo is in their database, not on the
> card.
> 
> But this is subtle and I agree both that it is worth thinking about
> and that the scope of inquiry needs to be firmly limited to avoid
> ocean boiling.

Of course, unless face tracking or keeping copies of IDs is made illegal 
by the local laws, all this amounts to flogging the tides...

-- Christian Huitema
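
The yes/no exchange sketched in the quoted text above (bar device, phone, TTP), as an added Go example that is not part of this message or of any IETF work. Ed25519, the per-visit nonce, the signed message layout and every name are assumptions made for illustration, and byte equality stands in for on-device face matching.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"strconv"
)

// Answer is all the bar's device receives: no name, no birth date.
type Answer struct {
	PhoneKey     ed25519.PublicKey // phone's attestation key
	KeyCert, Sig []byte            // TTP signature over PhoneKey; phone signature
	OK           bool              // same person AND at least the minimum age
}

// Phone holds what stays on the device (hypothetical field names).
type Phone struct{ priv ed25519.PrivateKey; cert, enrolled []byte; age uint8 }

// Enroll is the TTP step: certify a fresh phone key for this holder.
func Enroll(ttp ed25519.PrivateKey, photo []byte, age uint8) Phone {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return Phone{priv, ed25519.Sign(ttp, pub), photo, age}
}

// transcript binds a verdict to this photo, nonce and age limit (no replay).
func transcript(photo, nonce []byte, minAge uint8, ok bool) []byte {
	p := sha256.Sum256(photo)
	return strconv.AppendBool(append(append(p[:], nonce...), minAge), ok)
}

// Respond runs on the phone; byte equality stands in for face comparison.
func (p Phone) Respond(photo, nonce []byte, minAge uint8) Answer {
	ok := string(photo) == string(p.enrolled) && p.age >= minAge
	sig := ed25519.Sign(p.priv, transcript(photo, nonce, minAge, ok))
	return Answer{p.priv.Public().(ed25519.PublicKey), p.cert, sig, ok}
}

// Admit runs on the bar's device, which trusts only the TTP public key.
func Admit(ttp ed25519.PublicKey, photo, nonce []byte, minAge uint8, a Answer) bool {
	vouched := len(a.PhoneKey) == ed25519.PublicKeySize && ed25519.Verify(ttp, a.PhoneKey, a.KeyCert)
	return vouched && a.OK && ed25519.Verify(a.PhoneKey, transcript(photo, nonce, minAge, a.OK), a.Sig)
}

func main() { // constructed sample data
	ttpPub, ttpPriv, _ := ed25519.GenerateKey(nil)
	face, nonce := []byte("face-A"), []byte("visit-1")
	fmt.Println(Admit(ttpPub, face, nonce, 21, Enroll(ttpPriv, face, 22).Respond(face, nonce, 21)))
}
```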