[dix] Re: [Ietf-http-auth] More requirements
EKR <ekr@networkresonance.com> Fri, 14 July 2006 12:04 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1MPE-0001om-S5; Fri, 14 Jul 2006 08:04:28 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1MPD-0001oh-Pb for dix@ietf.org; Fri, 14 Jul 2006 08:04:27 -0400
Received: from [132.219.27.70] (helo=delta.rtfm.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G1MPB-0000cT-IA for dix@ietf.org; Fri, 14 Jul 2006 08:04:27 -0400
Received: by delta.rtfm.com (Postfix, from userid 1001) id 2D7C41CC29; Fri, 14 Jul 2006 05:03:27 -0700 (PDT)
To: Ben Laurie <benl@google.com>
References: <1b587cab0607131743g36c96314ta9b3a0a90aa871e0@mail.google.com>
From: EKR <ekr@networkresonance.com>
Date: Fri, 14 Jul 2006 05:03:26 -0700
In-Reply-To: <1b587cab0607131743g36c96314ta9b3a0a90aa871e0@mail.google.com> (Ben Laurie's message of "Thu, 13 Jul 2006 20:43:14 -0400")
Message-ID: <86wtag5r75.fsf@delta.rtfm.com>
User-Agent: Gnus/5.1007 (Gnus v5.10.7) XEmacs/21.4.19 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 97adf591118a232206bdb5a27b217034
Cc: Digital Identity Exchange <dix@ietf.org>, IETF HTTP Auth <ietf-http-auth@lists.osafoundation.org>
Subject: [dix] Re: [Ietf-http-auth] More requirements
X-BeenThere: dix@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: EKR <ekr@networkresonance.com>, Digital Identity Exchange <dix@ietf.org>
List-Id: Digital Identity Exchange <dix.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dix>
List-Post: <mailto:dix@ietf.org>
List-Help: <mailto:dix-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
Errors-To: dix-bounces@ietf.org
"Ben Laurie" <benl@google.com> writes: > On the plane to IETF I realised that there were several more potential > requirements to add to ekr's list: > > 12. Single Site Unlinkability (SSU) > The user should be able to visit the same site multiple times without > the site being able to tell that it is the same user, even if the user > is, for example, asserting the same external claims each time. This > protects the user's privacy. Obviously if data provided by the user is > unique to that user (for example, age and address combined are often > sufficient to uniquely identify a person) then no amount of cleverness > can provide SSU, but SSU should be available to the extent permitted > by the uniqueness of the data provided. This is an interesting requirement and obviously of value, but it's worth noting that there are contexts in which linkability (CI) is precisely what's desired--blog comments, for example. So, you wouldn't want to design a system that always provided SSU. :) > 15. Claim Minimality (CM) > The ability to show only exactly what is needed, (for example, the > user is over 21 rather than the user's exact age, or if there are > mutlple claims the ability to show a subset). This improves privacy > and reduces linkability. Note that this ties in with IAC. -Ekr _______________________________________________ dix mailing list dix@ietf.org https://www1.ietf.org/mailman/listinfo/dix
- [dix] More requirements Ben Laurie
- [dix] Re: [Ietf-http-auth] More requirements EKR
- Re: [dix] Re: [Ietf-http-auth] More requirements RL 'Bob' Morgan
- Re: [dix] Re: [Ietf-http-auth] More requirements Ben Laurie
- Re: [dix] Re: [Ietf-http-auth] More requirements Jeff Hodges
- [dix] Re: [Ietf-http-auth] More requirements Ben Laurie
- Re: [dix] Re: [Ietf-http-auth] More requirements RL 'Bob' Morgan
- Re: [dix] More requirements Ben Laurie