On 7/14/06, EKR <[EMAIL PROTECTED]> wrote:
"Ben Laurie" <[EMAIL PROTECTED]> writes:
> On the plane to IETF I realised that there were several more potential
> requirements to add to ekr's list:
>
> 12. Single Site Unlinkability (SSU)
> The user should be able to visit the same site multiple times without
> the site being able to tell that it is the same user, even if the user
> is, for example, asserting the same external claims each time. This
> protects the user's privacy. Obviously if data provided by the user is
> unique to that user (for example, age and address combined are often
> sufficient to uniquely identify a person) then no amount of cleverness
> can provide SSU, but SSU should be available to the extent permitted
> by the uniqueness of the data provided.
This is an interesting requirement and obviously of value, but
it's worth noting that there are contexts in which linkability
(CI) is precisely what's desired--blog comments, for example.
So, you wouldn't want to design a system that always provided
SSU. :)
Totally agreed.
> 15. Claim Minimality (CM)
> The ability to show only exactly what is needed, (for example, the
> user is over 21 rather than the user's exact age, or if there are
> mutlple claims the ability to show a subset). This improves privacy
> and reduces linkability.
Note that this ties in with IAC.
Right - the distinction is that rather than merely separating claims
you want to be able to prove properties of claims instead of revealing
their actual content.
-Ekr
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
