Re: [saag] Liking Linkability

Sam Hartman <hartmans-ietf@mit.edu> Fri, 19 October 2012 18:22 UTC

Return-Path: <hartmans@mit.edu>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22BD821F84A5 for <saag@ietfa.amsl.com>; Fri, 19 Oct 2012 11:22:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -96.574
X-Spam-Level:
X-Spam-Status: No, score=-96.574 tagged_above=-999 required=5 tests=[AWL=-0.862, BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lwqCxfHtN7Jc for <saag@ietfa.amsl.com>; Fri, 19 Oct 2012 11:22:02 -0700 (PDT)
Received: from ec2-23-21-227-93.compute-1.amazonaws.com (ec2-23-21-227-93.compute-1.amazonaws.com [23.21.227.93]) by ietfa.amsl.com (Postfix) with ESMTP id D435621F8476 for <saag@ietf.org>; Fri, 19 Oct 2012 11:21:59 -0700 (PDT)
Received: from carter-zimmerman.suchdamage.org (c-98-217-126-210.hsd1.ma.comcast.net [98.217.126.210]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.suchdamage.org (Postfix) with ESMTPS id 5A2822010B; Fri, 19 Oct 2012 14:21:42 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 503B04AD5; Fri, 19 Oct 2012 14:21:56 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: Kingsley Idehen <kidehen@openlinksw.com>
References: <CCA5E789.2083A%Josh.Howlett@ja.net> <tslzk3jsjv8.fsf@mit.edu> <201210181904.PAA07773@Sparkle.Rodents-Montreal.ORG> <FB9E461D-CA62-4806-9599-054DF24C3FD9@bblfish.net> <CAG5KPzxGz+4MywjP4knfbDr2gyvqUZc1HEBXgtaDfYT+DPg5yg@mail.gmail.com> <8AB0C205-87AE-4F76-AA67-BC328E34AF5E@bblfish.net> <CABrd9SQghpi6_rVQKxYXZDtM5HwvE7Kq7SUw5zi41ZRd3y2h9A@mail.gmail.com> <4324B524-7140-49C0-8165-34830DD0F13B@bblfish.net> <CABrd9SQU1uYVaVPedokHxeYkT=759rkPFfimWK1Z8ATzo3yNFA@mail.gmail.com> <5081910A.1040601@openlinksw.com>
Date: Fri, 19 Oct 2012 14:21:56 -0400
In-Reply-To: <5081910A.1040601@openlinksw.com> (Kingsley Idehen's message of "Fri, 19 Oct 2012 13:42:34 -0400")
Message-ID: <tslwqyml3uj.fsf@mit.edu>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailman-Approved-At: Mon, 22 Oct 2012 08:25:26 -0700
Cc: "public-philoweb@w3.org" <public-philoweb@w3.org>, Sam Hartman <hartmans-ietf@mit.edu>, "public-identity@w3.org" <public-identity@w3.org>, "saag@ietf.org" <saag@ietf.org>, "public-privacy@w3.org" <public-privacy@w3.org>, "public-webid@w3.org" <public-webid@w3.org>
Subject: Re: [saag] Liking Linkability
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Oct 2012 18:22:04 -0000

>>>>> "Kingsley" == Kingsley Idehen <kidehen@openlinksw.com> writes:

    Kingsley> Does "Data Access Policy" work any better so that we stop
    Kingsley> being distracted by something with different means to the
    Kingsley> participants in this debate.

    Kingsley> Can a data access policy deliver unlinkability ?


Absolutely not.  I think you're talking past each other, but the data
access policy on the accessed resource cannot deliver unlinkability in
the sense that I and I think Ben are using.  The data access policy on a
centrally stored credential may be part of delivering unlinkability with
regard to certain parties in some security schemes.

If you believe that data access policies are part of unlinkability, then
I'd suggest starting to see if we're talking about the same definition
of unlinkability.