Re: [saag] Liking Linkability

Harry Halpin <hhalpin@w3.org> Mon, 22 October 2012 12:32 UTC

On 10/22/2012 02:03 PM, Kingsley Idehen wrote:
> On 10/22/12 7:26 AM, Ben Laurie wrote:
>> On 22 October 2012 11:59, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>>> On 10/22/12 5:54 AM, Ben Laurie wrote:
>>>> Where we came in was me pointing out that if you disconnect your
>>>> identities by using multiple WebIDs, then you have a UI problem, and
>>>> since then the aim seems to have been to persuade us that multiple
>>>> WebIDs are not needed.
>>> Multiple WebIDs (or any other cryptographically verifiable identifier)
>>> are a must.
>>>
>>> The issue of UI is inherently subjective. It can't be used to objectively
>>> validate or invalidate Web-scale verifiable identifier systems such as
>>> WebID or any other mechanism aimed at achieving the same goals.
>> Ultimately what matters is: do users use it correctly? This can be tested :-)
>>
>> Note that it is necessary to test the cases where the website is evil,
>> too - something that's often conveniently missed out of user testing.
>> For example, it's pretty obvious that OpenID fails horribly in this
>> case, so it tends not to get tested.
>
> Okay.
>>
>>> Anyway, Henry, I, and a few others from the WebID IG (hopefully) are going
>>> to knock up some demonstrations to show how this perceived UI/UX
>>> inconvenience can be addressed.
>> Cool.
>
> Okay, ball is in our court to now present a few implementations that 
> address the UI/UX concerns.
>
> Quite relieved to have finally reached this point :-)

No, it's not a UI/UX concern, although the UI experience of both identity 
on the Web and with WebID in particular is quite terrible, I agree.

My earlier concern was an information flow concern that causes the issue 
with linkability, which WebID shares to a large extent with other 
server-side information-flow. As stated earlier, as long as you trust 
the browser, BrowserID does ameliorate this. There is also this rather 
odd conflation of "linkability" of URIs with hypertext and URI-enabled 
Semantic Web data and linkability as a privacy concern.

I do think many people agree stronger cryptographic credentials for 
authentication are a good thing, and BrowserID is based on this and 
OpenID Connect has (albeit not often used) options in this space.  I 
would again, please suggest that the WebID community take on board 
comments in a polite manner and not cc mailing lists.