Re: [OAUTH-WG] Assessing the negative effects of proposed standards
Phillip Hallam-Baker <ietf@hallambaker.com> Mon, 01 March 2021 20:11 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61CBF3A223C; Mon, 1 Mar 2021 12:11:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PME92dYII2WF; Mon, 1 Mar 2021 12:11:58 -0800 (PST)
Received: from mail-yb1-f177.google.com (mail-yb1-f177.google.com [209.85.219.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFB393A223A; Mon, 1 Mar 2021 12:11:57 -0800 (PST)
Received: by mail-yb1-f177.google.com with SMTP id h82so4490811ybc.13; Mon, 01 Mar 2021 12:11:57 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=s6LxBxVwzBte1ZpW/ei+xsj0ZQEHH06LDKHBzCQMFDk=; b=LZscb7eHa2L2OAmZ1dEaTTi0Zu51/xZ/L2ZDdWJ+VZ78RVkDBvgfOSUbtmNCOlsn8V Ia1EYmdYfaxQrI+9TRA/6ZZWCVFXhfP1x5IUfeofYH200EOsPe0V8F1DMXCEj36BdYDU 9BEWszHpLOwjaFjNO4xTqM7ZoNFuKwAVN5BIHFxSOSQPEJiOPxD3hTjAHj9ysG7RM5Jc W+v0+/P8z59k0AXSxt4Xya2CtLPmrxBkoOb4RYjISDCDHXmfzKn339N+UHFfVrK/HVqr 3pCsG6huEevAKP4sf2863zF+jv6J/ZSwric7FjqZdKejFQa5rEHtNZiBKJJHgCj4lKTl Pdow==
X-Gm-Message-State: AOAM532bxaUS0H49D6lrY1Lh5ao2R8beI5H0nlmKL2ojbQH7XPkhpRpz B9ejAEPtPvuEBRtrwEKZBJuI269jJ/soo1x9adshXp5Cm8Q=
X-Google-Smtp-Source: ABdhPJyrp5Z5fDQVvGsY3Jm6w9mx2FLQwb22TDBwF+jF74HKkSftL96hX08aPjQH15+uQCdFusyzwDCZtyFXGOIfGR8=
X-Received: by 2002:a25:ad67:: with SMTP id l39mr26282598ybe.172.1614629517173; Mon, 01 Mar 2021 12:11:57 -0800 (PST)
MIME-Version: 1.0
References: <CWXP265MB0566C4B21C45E760B1BFED7FC29A9@CWXP265MB0566.GBRP265.PROD.OUTLOOK.COM> <EF14E7AC-CA19-44EE-9EC6-D21A81ECA756@manicode.com> <1016085528.105908.1614610785506@appsuite-gw1.open-xchange.com> <305345e0-6901-30a4-8010-e0b174b12c2f@manicode.com> <AFFDAA4C-5354-4578-9D89-95D52DD945E0@independentid.com>
In-Reply-To: <AFFDAA4C-5354-4578-9D89-95D52DD945E0@independentid.com>
From: Phillip Hallam-Baker <ietf@hallambaker.com>
Date: Mon, 01 Mar 2021 15:11:46 -0500
Message-ID: <CAMm+LwharMP-YzNwhFdWq7t-+PQuaVxMrPZUAcB39Xseh42RUA@mail.gmail.com>
To: Phil Hunt <phil.hunt@independentid.com>
Cc: Jim Manico <jim@manicode.com>, IETF-Discussion Discussion <ietf@ietf.org>, oauth@ietf.org
Content-Type: multipart/alternative; boundary="000000000000d0a77205bc7f3a45"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/miAIUGdSivUtZQiA4kcsf-up6PY>
Subject: Re: [OAUTH-WG] Assessing the negative effects of proposed standards
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Mar 2021 20:11:59 -0000
Lets take a step back. There are two separate sets of concerns related to 'privacy' 1) Disclosure of an identifier allows a service attack using that identifier. 2) Linking separate uses of an identifier allows a profile to be constructed of the individual that can be used against the interest of the individual. The reason I insist on this distinction is that privacy issues of the first type are a consequence of crappy protocol design. There is absolutely no reason why giving someone my bank details so they can send a payment TO me should give them the ability to withdraw money from my account. But it does and the banks will smugly gaslight that it just isn't possible to fix this elementary flaw in their information architectures. And you can guess where it came from if you hear the question being asked in the relevant Senate hearing of the form, 'Mr CEO, you say that it would be impossible to make this change, what size of penalty per loss are we going to have to impose on your bank to make it cheaper for you to fix it than to claim it can't be done?' It should be possible for Madonna or Lewis Hamilton to put their personal contact info on their Web sites without ending up being spammed to oblivion. It is just a question of access control. The second is a really difficult problem but authentication is only one small part of it. I can turn out a public key authentication scheme that allows Alice to surf the web at Bob and Carol's site without them being able to tell its the same person from the identifier easily enough. But all bets are off if Bob and Alice collude.
- [OAUTH-WG] Assessing the negative effects of prop… Andrew Campling
- Re: [OAUTH-WG] Assessing the negative effects of … Jim Manico
- Re: [OAUTH-WG] Assessing the negative effects of … Vittorio Bertola
- [OAUTH-WG] How does OAuth harm privacy ? Denis
- Re: [OAUTH-WG] How does OAuth harm privacy ? Jim Manico
- Re: [OAUTH-WG] Assessing the negative effects of … Jim Manico
- Re: [OAUTH-WG] Assessing the negative effects of … Phil Hunt
- Re: [OAUTH-WG] How does OAuth harm privacy ? Warren Parad
- Re: [OAUTH-WG] Assessing the negative effects of … Phillip Hallam-Baker
- Re: [OAUTH-WG] Assessing the negative effects of … Warren Parad