[messaging] [Cryptography] Secure universal message addressing
natanael.l at gmail.com
Tue Apr 5 02:09:20 PDT 2016
- Sent from my phone
Den 5 apr. 2016 09:17 skrev "John Gilmore" <gnu at toad.com>:
> > The key idea here is that you get to have *one* identifier for yourself
> > under your control, that you can use everywhere, securely.
> The key idea here is a bad idea.
> I don't want everyone I interact with to have the same identifier for
> me. That's the problem with Social Security Numbers. With a single
> identifier, all the interactions with me can be cross-correlated to
> track me everywhere I go. Typically this is done NOT for my
> benefit, but to give some third party an advantage over me.
No problem. This is a per-nickname identifier. Use temporary disposable /
throwaway accounts or context specific accounts if you wish. Then you won't
have everything linked to the same account.
> > OpenID essentially died. So did Mozilla's Personas. A bunch of RDF based
> > protocols too. And many many more.
> And, from my point of view, this is why they died. I had zero
> interest in helping third parties keep track of me everywhere, using
> the same identifier on widely varying sites. It's already hard enough
> work to keep Google out of my underwear when I don't even have an
> account with them. If I had the same account everywhere? Let's not
> go there. "Login with your Facebook account?" No thanks!!!
The type of tech Mozilla Personas (or U2F) was using to anonymize the
original account you connected with can be reused, although that would
break the universal addressing aspect.
Or how about this - you can link multiple profiles / personas / nicknames
to your account, including creating throwaways, and get to chose which one
to link third party services too when you register with them.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging