dotgnu-auth

Re: [Auth]Freport Update


From: Hans Zandbelt
Subject: Re: [Auth]Freport Update
Date: Fri, 15 Mar 2002 14:15:01 +0100

John,

At 07:23 3/15/2002 -0600, John wrote:
>You and I established your indifference to the hiding of incidental
>"sites visited metadata" in our long ago conversation. Please, do not
>believe for a moment that your shouting me down then, gives you carte
>blanche to do so now. I did not agree with you then, and I don't now,

I do not mean to shout you down in any way and I don't believe that I did.
On the contrary: I think these discussions need to take place for the sake
of DotGNU, so I welcome your comments.
I just want to clarify the fact that the problems that you mention
are not related to IDsec and have been discussed before.
Please let's not make this a personal discussion but a technical
one.

>IDSec is concerned with securing profiles, and preventing *Service
>Collusion*, but does nothing to secure the incidental transactional
>meta-data that can be collected by the Manager Provider. This is a
>privacy chokepoint - a major flaw.

The fact that the Profile *Manager* can collect meta-data is inherent
to the fact that you trust the Manager with your complete user profile.
If you don't trust anyone to do so, you should be your own Profile Manager.

>Think though: How does self-hosting fit into the required remote usage
>scenario? That's the question that was left unanswered last time round
>the toboggan trail. To recapitulate: One of the reasons people use a
>service provider is for the up-time and access warranty. Suppose you're
>on vacation and flip open your PocketPC only to discover that a power
>glitch has occurred at "home", and there's no-one there to reboot your

In the ideal "local" situation, one would have mirrored the "local"
Profile Manager on the PocketPC. 

Still, in the remote scenario one could run into the situation that you
described. But be aware of the fact that these problems also exist in
many systems used today: you trust your bank with your savings and you
trust that your bank can be contacted to do payments when it has to.
You trust your doctor with your medical record and you trust that
he can be contacted when a hospital needs it.
I think that these situations and their inherent drawbacks are commonly
accepted and that they work pretty well in the end.
In my opinion a virtual identity system should work in the same way.

Regards,

Hans.


------------------------------------------------------------
Hans Zandbelt                         address@hidden 
Telematica Instituut                     http://www.telin.nl 
P.O.Box 589, 7500 AN                   Phone: +31 53 4850445 
Enschede, Netherlands                    Fax: +31 53 4850400 


