dotgnu-auth

[Auth]Authentication and anonymity....


From: David Sugar
Subject: [Auth]Authentication and anonymity....
Date: Sun, 15 Jul 2001 09:38:51 -0400
User-agent: Mozilla/5.0 (X11; U; Linux 2.2.16-9mdk i686; en-US; m18) Gecko/20001013

The first point of order that I think needs to be considered is that if we have somebody or some server act as a pass-through "authentication" for users (one aspect of Passport), such an authentication system does not reveal details about users.

For example, if one authenticates with .dotgnu.org and then visits .fungnu.org, an "affiliated site" that trusts .dotgnu.org authentication for the purpose of mobile single sign-in, then what .fungnu.org receives is something that simply says "this user, whom I will call 'x', is the same user 'x' I authenticated to you before". This is how I think portable authentication should work, and it could do so without revealing who "x" is.

This requires trust to exist between sites that accept authentication from each other. Perhaps site .dotgnu.org would sign the authentication/certification with its own private key, and affiliated site "y" would then be able to verify that this is a valid declaration of "x".

Using something like this, it is quite possible to do a portable authentication system entirely within cookies, as the information provided is very small. The key problem with cookies, of course, is that they are easily tracked, especially if there is a known authentication cookie.

Rather than cookies, it would be nice if the authentication system were unique and done through a hand-off, where an authentication site, such as .dotgnu.org, simply says "here is user X; this is the same user X I gave you before". Doing it this way prevents the cookie problem, and the ID X could be changed or different when presented to different affiliated sites, so the X you have been authenticated as for .fungnu.org is not the same X you are known as in the authentication system at .newsgnu.org.

David
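As an added illustration (this is not code from the post above or from the DotGNU project), the following Go sketch shows the hand-off David describes: the authenticating site signs a small assertion with its own private key, derives a different pseudonym "X" for each affiliated site so that affiliates cannot correlate the user between themselves, and the affiliate checks the signature before trusting anything in the message. The site names, the Ed25519 signature scheme, the HMAC-based pseudonym derivation, the five-minute validity window and the assertion field names (iss, aud, sub, iat, exp) are all assumptions chosen for the example; the post itself only specifies "signed with its own private key" and "a different X per affiliate".

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"time"
)

// Assertion is the whole message an affiliate receives: "user X, the same X
// I gave you before". Field names are an assumption, not from the post.
type Assertion struct {
	Issuer   string `json:"iss"` // authenticating site, e.g. "dotgnu.org"
	Audience string `json:"aud"` // the one affiliate this is addressed to
	Subject  string `json:"sub"` // pairwise pseudonym, never the real identity
	IssuedAt int64  `json:"iat"`
	Expires  int64  `json:"exp"`
}

// SignedAssertion is the JSON payload plus the issuer's Ed25519 signature.
type SignedAssertion struct{ Payload, Signature []byte }

// Authenticator plays the authenticating site (dotgnu.org in the post).
type Authenticator struct {
	Name        string
	Pub         ed25519.PublicKey
	priv        ed25519.PrivateKey
	pairwiseKey []byte // secret used only to derive per-affiliate pseudonyms
}

func NewAuthenticator(name string) (*Authenticator, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	pk := make([]byte, 32) // separate secret; the signing key is not reused for this
	if _, err := rand.Read(pk); err != nil {
		return nil, err
	}
	return &Authenticator{Name: name, Pub: pub, priv: priv, pairwiseKey: pk}, nil
}

// PseudonymFor derives the "X" one affiliate sees: stable for the same
// (user, affiliate) pair, unlinkable across affiliates without pairwiseKey.
func (a *Authenticator) PseudonymFor(userID, affiliate string) string {
	mac := hmac.New(sha256.New, a.pairwiseKey)
	mac.Write([]byte(affiliate))
	mac.Write([]byte{0}) // separator, so "ab"+"c" and "a"+"bc" differ
	mac.Write([]byte(userID))
	return base64.RawURLEncoding.EncodeToString(mac.Sum(nil)[:16])
}

// Assert issues a short-lived, signed assertion addressed to one affiliate.
func (a *Authenticator) Assert(userID, affiliate string, now time.Time) (SignedAssertion, error) {
	payload, err := json.Marshal(Assertion{
		Issuer:   a.Name,
		Audience: affiliate,
		Subject:  a.PseudonymFor(userID, affiliate),
		IssuedAt: now.Unix(),
		Expires:  now.Add(5 * time.Minute).Unix(),
	})
	if err != nil {
		return SignedAssertion{}, err
	}
	return SignedAssertion{Payload: payload, Signature: ed25519.Sign(a.priv, payload)}, nil
}

// Affiliate is a relying site that trusts exactly one issuer's public key.
type Affiliate struct {
	Name, TrustedIssuer string
	TrustedKey          ed25519.PublicKey
}

// Verify checks the signature before parsing anything, then issuer, audience
// and validity window, and returns only the pseudonym X.
func (f *Affiliate) Verify(sa SignedAssertion, now time.Time) (string, error) {
	if !ed25519.Verify(f.TrustedKey, sa.Payload, sa.Signature) {
		return "", errors.New("bad signature")
	}
	var as Assertion
	if err := json.Unmarshal(sa.Payload, &as); err != nil {
		return "", err
	}
	if as.Issuer != f.TrustedIssuer {
		return "", errors.New("untrusted issuer")
	}
	if as.Audience != f.Name { // stops one site's assertion being replayed at another
		return "", errors.New("assertion addressed to a different site")
	}
	if now.Unix() < as.IssuedAt || now.Unix() >= as.Expires {
		return "", errors.New("assertion outside its validity window")
	}
	return as.Subject, nil // the affiliate learns X and nothing more
}
```

Run it from a `go test` file or a small `main` that builds one `Authenticator`, one `Affiliate` per site with `TrustedKey: auth.Pub`, and calls `Assert` then `Verify`. Two design points matter for the anonymity goal of the post: the audience check is what prevents an assertion minted for .fungnu.org from being presented at .newsgnu.org to learn that both pseudonyms belong to the same person, and the short expiry keeps the assertion from turning into the kind of long-lived, trackable token the post objects to in cookies. Note that the pseudonym is deliberately stable per affiliate, so each affiliate can still build a history of "X" on its own site; what it cannot do is join that history with another affiliate's, because the mapping lives only in the authenticating site's pairwise key.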


