Re: [pkng] More thoughts: Privacy
Massimiliano Pala <Massimiliano.Pala@Dartmouth.edu> Tue, 17 November 2009 21:27 UTC
Return-Path: <Massimiliano.Pala@Dartmouth.edu>
X-Original-To: pkng@core3.amsl.com
Delivered-To: pkng@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 704753A683E for <pkng@core3.amsl.com>; Tue, 17 Nov 2009 13:27:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.583
X-Spam-Level:
X-Spam-Status: No, score=-5.583 tagged_above=-999 required=5 tests=[AWL=0.397, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, RCVD_IN_SORBS_WEB=0.619]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cIJiXgVDzNzI for <pkng@core3.amsl.com>; Tue, 17 Nov 2009 13:27:29 -0800 (PST)
Received: from mail.cs.dartmouth.edu (mail.cs.dartmouth.edu [129.170.212.100]) by core3.amsl.com (Postfix) with ESMTP id 5465A3A6816 for <pkng@irtf.org>; Tue, 17 Nov 2009 13:27:29 -0800 (PST)
Received: from [192.168.100.56] (c-68-45-62-30.hsd1.nj.comcast.net [68.45.62.30]) (authenticated bits=0) by mail.cs.dartmouth.edu (8.14.3/8.14.3) with ESMTP id nAHLRQFm016094 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT) for <pkng@irtf.org>; Tue, 17 Nov 2009 16:27:26 -0500
X-DomainKeys: Sendmail DomainKeys Filter v1.0.2 mail.cs.dartmouth.edu nAHLRQFm016094
Message-ID: <4B031654.3090004@Dartmouth.edu>
Date: Tue, 17 Nov 2009 16:32:04 -0500
From: Massimiliano Pala <Massimiliano.Pala@Dartmouth.edu>
Organization: Dartmouth College / OpenCA Labs
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.4pre) Gecko/20090922 Fedora/3.0-3.9.b4.fc12 Thunderbird/3.0b4
MIME-Version: 1.0
To: pkng@irtf.org
References: <4B030FF1.8030200@Dartmouth.edu> <4B03112C.8070304@stpeter.im>
In-Reply-To: <4B03112C.8070304@stpeter.im>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms030801010401010003040808"
Subject: Re: [pkng] More thoughts: Privacy
X-BeenThere: pkng@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: openca@acm.org
List-Id: "Public Key Next Generation \(PKNG\) Research Group" <pkng.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/pkng>
List-Post: <mailto:pkng@irtf.org>
List-Help: <mailto:pkng-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Nov 2009 21:27:30 -0000
Hi Peter, I understand that is a matter of Policy. Unfortunately the user has no control over what the provider of the OCSP service does with the data that might track one's activities (and potentially location) throughout the day. Some organizations like government agencies might overlook this problem and leak data that is supposed to be kept secure. The OCSP is an example, but my point was that if we can manage to introduce a user-machine-enforceable (not relying only on policies decided by someone else once and for all) we could have better coverage of the USER's need. And, also, we would simplify policy writing and agreements for 3rd parties provided services. The same simplification would occur in managing federated identities and access to external resources - whenever possible, of course! Just my 2-cents. Later, Max On 11/17/2009 04:10 PM, Peter Saint-Andre wrote: > I think this is a policy issue for providers of PK* services (just as it > is for providers of email services, IM services, microblogging services, > and all the rest). Now, I agree that better disclosure of policies will > help humans make more informed decisions (if they care to be informed). -- Best Regards, Massimiliano Pala --o------------------------------------------------------------------------ Massimiliano Pala [OpenCA Project Manager] openca@acm.org project.manager@openca.org Dartmouth Computer Science Dept Home Phone: +1 (603) 369-9332 PKI/Trust Laboratory Work Phone: +1 (603) 646-8734 --o------------------------------------------------------------------------ People who think they know everything are a great annoyance to those of us who do. -- Isaac Asimov
- [pkng] More thoughts: Privacy Massimiliano Pala
- Re: [pkng] More thoughts: Privacy Peter Saint-Andre
- Re: [pkng] More thoughts: Privacy Massimiliano Pala
- Re: [pkng] More thoughts: Privacy Stephen Farrell