Re: [VCARDDAV] Signed vCards

DataPacRat <datapacrat@gmail.com> Thu, 11 July 2013 00:39 UTC

Date: Wed, 10 Jul 2013 20:39:36 -0400
From: DataPacRat <datapacrat@gmail.com>
To: Eliot Lear <lear@cisco.com>
Cc: "vcarddav@ietf.org" <vcarddav@ietf.org>
Subject: Re: [VCARDDAV] Signed vCards

I've been sorting through my notes, and come up with a possible change to
the signed vCard proposal, which seems significant enough to solicit
comment on before I proceed further.

What I see as the core of using signed vCards to improve identity
declarations is the CONFIDENCE property. In the current design, it's
applied solely to the AUTHORITY field, to indicate how confident that
authority is that all of the info signed in the vCard is accurate, and
describes the individual/group/etc. in question. Due to the nature of
confidence measurements, I've been getting ready to use negative numbers of
decibans, with short vCards, for revocations (e.g., "I'm no longer at this
email address").

However, an alternate approach would be to have CONFIDENCE, like DATE, be
applicable to any field. This would allow a single signed vCard to contain
fields of different confidence levels ("I'm 80% sure this is his Twitter
account, and 60% sure this is his email address"). Combining it with DATE
allows for even easier descriptions of when which accounts are being used,
and which aren't. (As a practical example: announcing revocations of a PGP
public key, after misplacing the private one.) However, this does come at
the cost of a mild increase in complexity; and there may be further
ramifications or improvements worth discussing.

So: changing CONFIDENCE to be a generic modifier: good idea or bad idea?



-- 
Thank you for your time,
-- 
DataPacRat