Re: [saag] Liking Linkability
Melvin Carvalho <melvincarvalho@gmail.com> Mon, 22 October 2012 12:47 UTC
Return-Path: <melvincarvalho@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8137821F889F for <saag@ietfa.amsl.com>; Mon, 22 Oct 2012 05:47:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.286
X-Spam-Level:
X-Spam-Status: No, score=-3.286 tagged_above=-999 required=5 tests=[AWL=0.312, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cp9qiCnkvl8A for <saag@ietfa.amsl.com>; Mon, 22 Oct 2012 05:46:59 -0700 (PDT)
Received: from mail-ie0-f172.google.com (mail-ie0-f172.google.com [209.85.223.172]) by ietfa.amsl.com (Postfix) with ESMTP id 70D2F21F85E2 for <saag@ietf.org>; Mon, 22 Oct 2012 05:46:59 -0700 (PDT)
Received: by mail-ie0-f172.google.com with SMTP id 9so4185103iec.31 for <saag@ietf.org>; Mon, 22 Oct 2012 05:46:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=F0PLgs3JbKDUKZTH5kTV6vjQIaCGPOF2Joy7KyfYDwI=; b=KsBhiNU3cc2Ckr9m/yDhfjdQvd+S2ee2JSyGagy0DRSVgKblsoNBmHxWHIyHYU7mRu 1pygLvFst8NTlXjL990ESB8lxMsdEw5hc0zOSqLvy67qU5Bqr4I0kqQ+V+gJV9LBc+pi z5FSUhdPN58UvJ8WCN5NQlZwfShCi0ZzbiQvAvhkm6nHkuPa8TkQpX/G7D1y+I2Cej9N Oq4Sp0r0PvJ+kjZgHKJdKvqbKzQEp3dWR3lKdWV5byZ8h0JAzyUYlrH9k41AdFl59T4D wU1QGPCduFZL6RKA7TG3BJMEdcH854jvZaMRkooITuRwwJ0E0PndxOUCubdOm2kFqOlm dEQQ==
MIME-Version: 1.0
Received: by 10.50.190.234 with SMTP id gt10mr8908832igc.20.1350910018953; Mon, 22 Oct 2012 05:46:58 -0700 (PDT)
Received: by 10.42.247.129 with HTTP; Mon, 22 Oct 2012 05:46:58 -0700 (PDT)
In-Reply-To: <50853CD8.8020005@w3.org>
References: <CCA5E789.2083A%Josh.Howlett@ja.net> <tslzk3jsjv8.fsf@mit.edu> <201210181904.PAA07773@Sparkle.Rodents-Montreal.ORG> <FB9E461D-CA62-4806-9599-054DF24C3FD9@bblfish.net> <CAG5KPzxGz+4MywjP4knfbDr2gyvqUZc1HEBXgtaDfYT+DPg5yg@mail.gmail.com> <8AB0C205-87AE-4F76-AA67-BC328E34AF5E@bblfish.net> <CABrd9SQghpi6_rVQKxYXZDtM5HwvE7Kq7SUw5zi41ZRd3y2h9A@mail.gmail.com> <4324B524-7140-49C0-8165-34830DD0F13B@bblfish.net> <CABrd9SQU1uYVaVPedokHxeYkT=759rkPFfimWK1Z8ATzo3yNFA@mail.gmail.com> <5083CCCF.2060407@webr3.org> <50842789.3080301@openlinksw.com> <50845268.4010509@webr3.org> <5084AC77.8030600@openlinksw.com> <50851512.9090803@webr3.org> <CABrd9SRNVLbWxifQAQ6iuX4qMeFmZVD6rO_q=L348G1UZzr9tg@mail.gmail.com> <50852726.9030102@openlinksw.com> <CABrd9SQ3KTqHq1hOfbLAU5hfgNyqCPK4u+ToEda+VtQ5S0utwA@mail.gmail.com> <5085360E.3080008@openlinksw.com> <50853CD8.8020005@w3.org>
Date: Mon, 22 Oct 2012 14:46:58 +0200
Message-ID: <CAKaEYhJuY9vakh+AVRS7GfcBDe_Rh8hNd2YCPdC3gaw6yQ7O9g@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Harry Halpin <hhalpin@w3.org>
Content-Type: multipart/alternative; boundary="14dae93408ddcda15504cca53fe7"
X-Mailman-Approved-At: Mon, 22 Oct 2012 08:25:26 -0700
Cc: "public-philoweb@w3.org" <public-philoweb@w3.org>, nathan@webr3.org, "public-identity@w3.org" <public-identity@w3.org>, Sam Hartman <hartmans-ietf@mit.edu>, "saag@ietf.org" <saag@ietf.org>, "public-privacy@w3.org" <public-privacy@w3.org>, Kingsley Idehen <kidehen@openlinksw.com>, "public-webid@w3.org" <public-webid@w3.org>
Subject: Re: [saag] Liking Linkability
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Oct 2012 12:47:00 -0000
On 22 October 2012 14:32, Harry Halpin <hhalpin@w3.org> wrote: > On 10/22/2012 02:03 PM, Kingsley Idehen wrote: > >> On 10/22/12 7:26 AM, Ben Laurie wrote: >> >>> On 22 October 2012 11:59, Kingsley Idehen <kidehen@openlinksw.com> >>> wrote: >>> >>>> On 10/22/12 5:54 AM, Ben Laurie wrote: >>>> >>>>> Where we came in was me pointing out that if you disconnect your >>>>> identities by using multiple WebIDs, then you have a UI problem, and >>>>> since then the aim seems to have been to persuade us that multiple >>>>> WebIDs are not needed. >>>>> >>>> Multiple WebIDs (or any other cryptographically verifiable identifier) >>>> are a >>>> must. >>>> >>>> The issue of UI is inherently subjective. It can't be used to >>>> objectively >>>> validate or invalidate Web-scale verifiable identifier systems such as >>>> WebID or any other mechanism aimed at achieving the same goals. >>>> >>> Ultimately what matters is: do users use it correctly? This can be >>> tested :-) >>> >>> Note that it is necessary to test the cases where the website is evil, >>> too - something that's often conveniently missed out of user testing. >>> For example, its pretty obvious that OpenID fails horribly in this >>> case, so it tends not to get tested. >>> >> >> Okay. >> >>> >>> Anyway, Henry, I, and a few others from the WebID IG (hopefully) are >>>> going >>>> to knock up some demonstrations to show how this perceived UI/UX >>>> inconvenience can be addressed. >>>> >>> Cool. >>> >> >> Okay, ball is in our court to now present a few implementations that >> address the UI/UX concerns. >> >> Quite relieved to have finally reached this point :-) >> > > No, its not a UI/UX concern, although the UI experience of both identity > on the Web and with WebID in particular is quite terrible, I agree. > Harry, what exactly do you mean by "on the web"? The reference point I take for this phrase is from the "Axioms of Web Architecture" : http://www.w3.org/DesignIssues/Axioms.html#uri 'An information object is "on the web" if it has a URI.' If I have understood your previous posts correctly you perhaps have a different definition or referring to something specific. Sorry if im a bit confused things, It's not that clear hat you mean by the phrase. > My earlier concern was an information flow concern that causes the issue > with linkability, which WebID shares to a large extent with other > server-side information-flow. As stated earlier, as long as you trust the > browser, BrowserID does ameliorate this. There is also this rather odd > conflation of "linkability" of URIs with hypertext and URI-enabled Semantic > Web data" and linkability as a privacy concern. > > I do think many people agree stronger cryptographic credentials for > authentication are a good thing, and BrowserID is based on this and OpenID > Connect has (albeit not often used) options in this space. I would again, > please suggest that the WebID community take on board comments in a polite > manner and not cc mailing lists. > Feedback is valuable and appreciated. Certainly the comments made are taken on board. With standards such as identity there's always an overlap between different efforts. I cant speak for others in the community, but I personally agree that care should be taken to post the right topics to the right list.
- [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Klaas Wierenga (kwiereng)
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Josh Howlett
- Re: [saag] Liking Linkability Sam Hartman
- Re: [saag] Liking Linkability Mouse
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Harry Halpin
- Re: [saag] Liking Linkability Melvin Carvalho
- Re: [saag] Liking Linkability David Chadwick
- Re: [saag] Liking Linkability David Chadwick
- Re: [saag] Liking Linkability David Chadwick
- Re: [saag] Liking Linkability Sam Hartman
- Re: [saag] Liking Linkability Mo McRoberts
- Re: [saag] Liking Linkability Nathan
- Re: [saag] Liking Linkability Sam Hartman
- Re: [saag] Liking Linkability Nathan
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Nathan
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Nathan
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Harry Halpin
- Re: [saag] Liking Linkability Melvin Carvalho
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Melvin Carvalho
- Re: [saag] Liking Linkability Dan Brickley
- Re: [saag] Liking Linkability David Chadwick
- Re: [saag] Liking Linkability Nathan
- Re: [saag] Liking Linkability Robin Wilton
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Ben Laurie
- Re: [saag] Liking Linkability Henry Story
- Re: [saag] Liking Linkability Robin Wilton
- Re: [saag] Liking Linkability Nathan
- Re: [saag] Liking Linkability Melvin Carvalho
- Re: [saag] Liking Linkability Melvin Carvalho