RE: [projectvrm] Principles, personalities, anonymity and identity

["Luk Vervenne" < >]

Different context leads to different service requests.
It's important to isolate identity over different contexts.
So non-correlation is a key concept.

In view of the discussion on this:

Vendors / Service Providers can combine (and so already are combining) their 
data to 'co-relate' you.  
Open standards based "fully pairwise pseudonymisation" is a possible IdM 
based answer to this, 
This allows to isolate/separate your authentication to every service request 
to any service provider. Every time.
This is essential especially if your vendor leans on (a chain of) third 
parties to perform his service. 

What happens is that with every service request, each Vendor/SP gets a 
different random token from one of the IdPs involved in the service loop. 
This avoids correlation. 
In addition and in order to minimise risk, the various IdPs involved in an 
ecosystem might also have their own random pseudonymous token exchange when 
authenticating each other's users. All is signed and encrypted.

So yes, if this is the way you decide to operate, IdPs can be 'looped-in' 
quite intensively.

Luk

-----Oorspronkelijk bericht-----
Van: Joe Andrieu 
[mailto:
 ]
 
Verzonden: woensdag 28 september 2011 0:26
Aan: Johannes Ernst
CC: Devon Loffreto; Doc Searls; ProjectVRM list
Onderwerp: Re: [projectvrm] Principles, personalities, anonymity and identity

Right. We are constantly dealing with a plethora of contexts. Meeting you at 
the mall /yesterday/ is a somewhat different context than meeting you at the 
mall /tomorrow/. Especially if, say, the mall is the Washington Mall and 
today is 9/11/2001.

-j

On Tuesday, September 27, 2011 2:52 PM, "Johannes Ernst"
<
 >
 wrote:
> 
> On Sep 26, 2011, at 19:08, Joe Andrieu wrote:
> 
> > On Monday, September 26, 2011 6:55 PM, "Johannes Ernst"
> > <
 >
> >  wrote:
> >> On Sep 26, 2011, at 18:34, Joe Andrieu wrote:
> >>> I think there's a core misconception here about identity.  This may or 
> >>> may not be semantics, but it's worth pointing out.
> >>> 
> >>> Identity is the correlation of an entity across different contexts.
> >> 
> >> I wouldn't necessarily agree with that. Below you say that identity 
> >> is about recognition. That I can agree with.
> > 
> > 
> > I'm not sure I follow the distinction. Isn't recognizing someone the 
> > same thing as correlating the person you perceive now as the person 
> > you saw before?
> 
> Yes it is. But I'm reading more into "across different contexts" than 
> you seem to … (e.g. Facebook recognizing me at some random third-party
> website) you apparently just meant that you will recognize me if we 
> meet at the mall.
> 
> > 
> > -j
> > --
> > Joe Andrieu
> > SwitchBook
> > 
 
> > +1(805)705-8651
> > 
> 
--
Joe Andrieu
SwitchBook

 
+1(805)705-8651