Chris Drake <[EMAIL PROTECTED]> writes:

> ER> Chris Drake <[EMAIL PROTECTED]> writes:
> >>>>>>>> "Eric" == Eric Rescorla <ekr at networkresonance.com> writes:
> >>>
> >>> >> I don't believe that my requirements would require that the
> >>> >> relying party talk to the identity provider.
> >>>
> >>> How do you propose to protect my privacy in this scenario? I do not
> >>> want the same credentials of mine revealed when I log in to
> >>> "shame-your-boss.com" as when I log in to my sourceforge account, but
> >>> I would like to avoid having to remember multitudes of different
> >>> usernames and passwords for every web site I visit, as well as enjoy
> >>> phishing defences...
>
> ER> And you'd prefer to have your identity provider have a record
> ER> of every site you've visited?
>
> Which would you prefer?
>
> Neither is ideal - the best solution would in fact *be* neither, but
> if I'm *forced* to let either the site who I chose to trust with my
> identity and privacy know where I go, or, let everywhere I go know who
> I am - I'll reluctantly choose the former.

Right, but you're not forced to. This sort of problem is fairly well
covered in the cryptographic literature.

> Additionally - I can't, off the top of my head, think how to get my
> long-term credential into the relying party's web site without using
> HTTP redirects (introducing the referrer problem), extra installed
> software components (which corporate/internet-cafe users won't have
> permission to install), or users copy/pasting things into input boxes
> (tricky, unsafe, no phishing protection)

Basically any solution which is going to be phishing safe is likely to
involve modifying the browser somehow.

-Ekr

_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
