Re: [Arch]Re: [Auth]a list of what we need the personal Data system to do.

[Myrddian]

Well here is an idea, The authentication system it self is encrypted from the 
service
provider him self. In Essence the provider cannot sell the information because 
the user
has forbidden in within the system.

Overriding these values or tampering or extracting data with out user consent, 
could be 
considered an intrusion by the system.

Also if the user wanted to he can transfer the data and safely eliminate the 
data
from the old system. 



> > Of course!
> > I am not willing to give any unencrypted private information to anybody just
> > for storing. This solution is as bad as Microsofts one!
> 
> Well, that would definitely make multiple providers unnecessary. No-one
> can mine the data, because no-one except the user can access it. Of
> course, that storage scenario creates an economic freedom problem.
> 
> What if a person says "I don't care if company X knows a great deal of
> information about me, if they provide something in exchange." Your
> scheme takes away that choice, by requiring the customer to explicitely
> release information on a case-by-case basis to the provider each and
> every time the provider wishes to mine. You and I might say "fine" or "I
> don't want anyone mining my data" and that is *our* choice! How died and
> made us into Dieties?
> 
> Individual freedom isn't only the freedom to choose this group's
> morality (yours, mine, and many here); freedom is also freedom to make a
> choice that offends us (you, me, and many here) personally.
> 
> I agree that the data should be stored encrypted as that would reduce
> successful cracks. However, I believe that who holds the key(s) should
> be a negotiation between the user and the provider. Agree or disagree,
> there's more flexibility in allowing that decision to be configurable.
> It allows more variability, and thus more competition among providers,
> which will tend to drag down prices.
> 
> The idea is that if a customer wants to be the complete owner of his
> data, he will seek a provider that provides that option under DotGNU. If
> there's a sufficient number of customers, the completely private service
> will be available. They will compete against those DotGNU providers who
> insist on holding the keys. All of them collectively will compete
> against Microsoft.
> 
> What prevents the provider from becoming "as bad as Microsoft"; ie from
> becoming an information monopolist? The trick is to make switching
> providers simple for the customer, no matter what degree of key-holding
> the customer chooses. Then a customer can say "I don't like your
> policies. I'm switching, and there's nothing Mr Provider that you can do
> about it."
> 
> Sort of like GNU/Linux. One kernal. Multiple providers. Many options.
> With minimal common standards the customer can easily switch providers.
> 
> Let's not be Henry Ford, and paraphrase, "You can have any DotGNU, as
> long as it's black."
> 
> John Le'Brecage



__________________________________________
Myrddian <address@hidden(nospam)au>
-------------------------------------------
"I stayed up all night playing poker with tarot cards. I got a full house
 and four people died". 

                   -- Steven Wright