Re: [OAUTH-WG] Assessing the negative effects of proposed standards

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 02 March 2021 06:52 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAE903A272E for <ietf@ietfa.amsl.com>; Mon, 1 Mar 2021 22:52:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 92KVcn3AeQKW for <ietf@ietfa.amsl.com>; Mon, 1 Mar 2021 22:52:47 -0800 (PST)
Received: from mail-yb1-f170.google.com (mail-yb1-f170.google.com [209.85.219.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98BAA3A272D for <ietf@ietf.org>; Mon, 1 Mar 2021 22:52:47 -0800 (PST)
Received: by mail-yb1-f170.google.com with SMTP id l8so19605517ybe.12 for <ietf@ietf.org>; Mon, 01 Mar 2021 22:52:47 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MVzceTS6wYmWTKt6BLMC3xGiLL4fWn4kvN5l9YvAHBE=; b=dIQ3CiY3J0GgIlRA7VTtWHYKmvXy9q1psksXH/hPX5sr6ibzCx2khmKUo8D68EpHRq 7aQVjYGIfWa7DU149mBJTR/sWupxEJ02+7FZITI2sSmGemGNLS1OFs3ZbRs4FUtTSBE5 9BcB6kijBVgiyhBbsZLeGTBc00CklfoSPkEzNsfvQOFnYNgqTu5z2DSAneRxNS6n3Eb0 iTH5QuIeoIkKbNloHpr/DWee3IL3ePV6lj8lkMts0cycpOiYS+Wr6Qw8AgBjWjPxXW2y M/jtUjTccG7cDfFJc0XwgHOgykLJEyf3CrEdQBTkXZMXkgdzaG7IUWERG3H7juMPQte4 necQ==
X-Gm-Message-State: AOAM531XveOFD4f0FBdi7SKLlFw7fJUFJtz0gkwooVKaIOTNfpJe0AsB OEuU8ooNnV9kNk76bE6KMitp3lv1TefTn0/PTu3KJVkk6Zw=
X-Google-Smtp-Source: ABdhPJwdtSM25FPpdStiLOYCV4bxkLEmoi12wd+013IjheombAHHoUMyML4vT8xfkNy6u4TQ5fRXltVxW2xxQxG+rSE=
X-Received: by 2002:a25:2307:: with SMTP id j7mr30450927ybj.518.1614667966891; Mon, 01 Mar 2021 22:52:46 -0800 (PST)
MIME-Version: 1.0
References: <CWXP265MB0566C4B21C45E760B1BFED7FC29A9@CWXP265MB0566.GBRP265.PROD.OUTLOOK.COM> <EF14E7AC-CA19-44EE-9EC6-D21A81ECA756@manicode.com> <1016085528.105908.1614610785506@appsuite-gw1.open-xchange.com> <305345e0-6901-30a4-8010-e0b174b12c2f@manicode.com> <AFFDAA4C-5354-4578-9D89-95D52DD945E0@independentid.com> <CAMm+LwharMP-YzNwhFdWq7t-+PQuaVxMrPZUAcB39Xseh42RUA@mail.gmail.com> <d7812b29-9a9c-4c11-6996-fc0456cc1210@network-heretics.com>
In-Reply-To: <d7812b29-9a9c-4c11-6996-fc0456cc1210@network-heretics.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 2 Mar 2021 01:52:37 -0500
Message-ID: <CAMm+Lwi8PjcE16iZz_xyVZqYd6Y5-DHX5H1BnEnJdJ98xSDYvQ@mail.gmail.com>
Subject: Re: [OAUTH-WG] Assessing the negative effects of proposed standards
To: Keith Moore <moore@network-heretics.com>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000098cad105bc882e09"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/U638mAs3DaDCJh06jcarUEyh0EY>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Mar 2021 06:52:49 -0000

On Mon, Mar 1, 2021 at 3:31 PM Keith Moore <moore@network-heretics.com>
wrote:

> On 3/1/21 3:11 PM, Phillip Hallam-Baker wrote:
>
> Lets take a step back. There are two separate sets of concerns related to
> 'privacy'
>
> 1) Disclosure of an identifier allows a service attack using that
> identifier.
>
> 2) Linking separate uses of an identifier allows a profile to be
> constructed of the individual that can be used against the interest of the
> individual.
>
> 3) if it's already known that a service provider is routinely violating
> its users' privacy, why would anyone trust them to be an authentication
> service or identity provider for any service that they themselves did not
> operate?
>
> (what I haven't tried to determine yet is whether HTTP cookies get
> exchanged during OAuth2 transactions...
>
Oh the problems are far more pernicious than that. I don't like the term
identity provider it seems both pretentious and inapplicable. A problem
with linkability is that the consumers of the authentication and
authorization assertions can find ways to link even when the services are
trying their best to prevent it.