Re: [Endymail] [Cryptography] Secure universal message addressing

Natanael <natanael.l@gmail.com> Tue, 05 April 2016 09:09 UTC

In-Reply-To: <201604050717.u357HBfc014889@new.toad.com>
Date: Tue, 05 Apr 2016 11:09:20 +0200
Message-ID: <CAAt2M1-u0A5iROC3brGjMRReBj1fiBK1je_Kb4fU+TO7Y5n5MA@mail.gmail.com>
From: Natanael <natanael.l@gmail.com>
To: John Gilmore <gnu@toad.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/endymail/dhPOcn9O8CPyW90E1VFZtLkQfos>
Cc: messaging <messaging@moderncrypto.org>, Cryptographers List <crypto-practicum@lists.sonic.net>, Cryptography Mailing List <cryptography@metzdowd.com>, Crypto List <cryptography@randombit.net>, endymail <endymail@ietf.org>

- Sent from my phone
On 5 Apr 2016 09:17, "John Gilmore" <gnu@toad.com> wrote:
>
> > The key idea here is that you get to have *one* identifier for yourself
> > under your control, that you can use everywhere, securely.
>
> The key idea here is a bad idea.
>
> I don't want everyone I interact with to have the same identifier for
> me.  That's the problem with Social Security Numbers.  With a single
> identifier, all the interactions with me can be cross-correlated to
> track me everywhere I go.  Typically this is done NOT for my
> benefit, but to give some third party an advantage over me.

No problem. This is a per-nickname identifier. Use temporary disposable /
throwaway accounts or context specific accounts if you wish. Then you won't
have everything linked to the same account.

> > OpenID essentially died. So did Mozilla's Personas. A bunch of RDF based
> > protocols too. And many many more.
>
> And, from my point of view, this is why they died.  I had zero
> interest in helping third parties keep track of me everywhere, using
> the same identifier on widely varying sites.  It's already hard enough
> work to keep Google out of my underwear when I don't even have an
> account with them.  If I had the same account everywhere?  Let's not
> go there.  "Login with your Facebook account?"  No thanks!!!

The type of tech Mozilla Personas (or U2F) was using to anonymize the
original account you connected with can be reused, although that would
break the universal addressing aspect.

Or how about this - you can link multiple profiles / personas / nicknames
to your account, including creating throwaways, and get to choose which one
to link third party services to when you register with them.
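The two mechanisms Natanael mentions above (the U2F-style trick of giving every relying party a different credential derived from one secret, and letting the user pick a persona label per registration) can both be shown with a single derivation. The Go program below is an added example written for this page; it is not code from the thread, from U2F, or from Mozilla Persona, and U2F's real key-handle construction differs. It assumes Ed25519 for the per-site key pairs, HMAC-SHA256 keyed with the user's master secret as the derivation PRF, and hypothetical origins `https://example.org` and `https://example.net`. The master secret is drawn at random in `main`; the identifiers printed will therefore differ on every run.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// MasterSecret is the one secret the user actually controls (in practice held
// in a hardware token or a vault). Every per-site key is re-derived from it on
// demand, so nothing per-site has to be stored client-side.
type MasterSecret [32]byte

// NewMasterSecret draws a fresh random master secret.
func NewMasterSecret() (MasterSecret, error) {
	var m MasterSecret
	_, err := rand.Read(m[:])
	return m, err
}

// deriveSeed binds an Ed25519 seed to the (persona, origin) pair. HMAC-SHA256
// keyed with the master secret is the PRF; each label is length-prefixed so
// ("ab","c") and ("a","bc") cannot collide. The leading label is a constant
// domain separator chosen for this example.
func deriveSeed(master MasterSecret, persona, origin string) []byte {
	mac := hmac.New(sha256.New, master[:])
	for _, label := range []string{"per-origin-persona-key-v1", persona, origin} {
		mac.Write([]byte{byte(len(label) >> 8), byte(len(label))})
		mac.Write([]byte(label))
	}
	return mac.Sum(nil) // 32 bytes == ed25519.SeedSize
}

// KeyFor returns the key pair that persona uses at origin. The public key is
// the only identifier the service ever sees, and it differs for every
// (persona, origin) pair, so two services cannot join their records on it.
func KeyFor(master MasterSecret, persona, origin string) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(deriveSeed(master, persona, origin))
	return priv.Public().(ed25519.PublicKey), priv
}

// Identifier is the hex form of the per-origin public key: what a service
// stores at registration time.
func Identifier(master MasterSecret, persona, origin string) string {
	pub, _ := KeyFor(master, persona, origin)
	return hex.EncodeToString(pub)
}

// Registration is all a service keeps: its own origin and the public key.
// Neither the persona label nor the master secret ever leaves the client.
type Registration struct {
	Origin string
	Pub    ed25519.PublicKey
}

// signedMessage binds the challenge to the origin so that a signature
// obtained by one service cannot be replayed to another.
func signedMessage(origin string, challenge []byte) []byte {
	return append([]byte(origin+"\x00"), challenge...)
}

// Login answers a service's challenge with the persona's key for that origin.
func Login(master MasterSecret, persona string, reg Registration, challenge []byte) []byte {
	_, priv := KeyFor(master, persona, reg.Origin)
	return ed25519.Sign(priv, signedMessage(reg.Origin, challenge))
}

// Verify is the service side of the login.
func Verify(reg Registration, challenge, sig []byte) bool {
	return ed25519.Verify(reg.Pub, signedMessage(reg.Origin, challenge), sig)
}

func main() {
	master, err := NewMasterSecret()
	if err != nil {
		panic(err)
	}
	// One secret, two personas, two services: four unrelated identifiers.
	for _, persona := range []string{"work", "throwaway-1"} {
		for _, origin := range []string{"https://example.org", "https://example.net"} {
			fmt.Printf("%-12s %-20s %s...\n", persona, origin, Identifier(master, persona, origin)[:16])
		}
	}
}
```

The user still has exactly one thing to protect, the master secret, and chooses at registration time which persona label a given service gets; the service learns nothing that links it to the user's other registrations. The caveat that comes with this model is the flip side of the same property: the master secret is a single point of compromise, and rotating it re-keys every persona at every service at once, so a deployment needs a recovery or re-registration story before the convenience is worth having.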