Re: [saag] Liking Linkability

Melvin Carvalho <melvincarvalho@gmail.com> Thu, 18 October 2012 16:23 UTC

On 18 October 2012 17:34, Ben Laurie <benl@google.com> wrote:

> On 9 October 2012 14:19, Henry Story <henry.story@bblfish.net> wrote:
> > Still in my conversations I have found that many people in security spaces
> > just don't seem to be able to put the issues in context, and can get sidetracked
> > into not wanting any linkability at all. Not sure how to fix that.
>
> You persist in missing the point, which is why you can't fix it. The
> point is that we want unlinkability to be possible. Protocols that do
> not permit it or make it difficult are problematic. I have certainly
> never said that you should always be unlinked, that would be stupid
> (in fact, I once wrote a paper about how unpleasant it would be).
>
> As I once wrote, anonymity should be the substrate. Once you have
> that, you can then build on it to be linked when you choose to be, and
> not linked when you choose not to be. If it is not the substrate, then
> you do not have this choice.
>
>
What are the criteria for anonymity to be considered an acceptable
substrate?

1. For example, if I don't send my certificate, no one can ever link me. Is
that good enough?

2. I suggested a shared anonymous identity (either an individual or group),
e.g. at http://webid.info/#anon . Would that solve the problem?

3. Are we looking for more crypto-style proofs, such as Chaumian blinding,
anonymous veto, OpenPGP-style subkeys or one-time shared secrets?

I understand what you are suggesting, but on what criteria would a
suggested solution be measured?