Kim Cameron - Identity Laws
- Posted: Jul 06, 2005 at 5:38 PM
- 65,494 Views
- 16 Comments
Thanks for the tip on the phone! Is that the fourth time you've had it on camera?
ah... identity confirmed...
Passport isn't used outside of Microsoft because it was too expensive, and difficult to develop with.
I really wanted to use it, but these two problems stopped me.
rasx - I have absolutely no idea what you are talking about.
If markets at present can be bent to the will of, say, Walmart and their RFID strategy, then won't the old idea of 'we'll get you along with everyone else' prevail anyway?
I see that this guy is prepared to go for at least 10 years into the project, and only to get the stone rolling. Well, I hope something materialises before then, but what? And how will this ID concept compare to what is going to be in Longhorn?
You said I can eventually "be the same person" on my XP box, my phone, my Linux box, my electronic underwear, etc.
Computer identity at its core has to do with possessing a secret. I have a key that nobody else has. The details are just in what I have to do to prove to you that I actually have the key, and who knows that it's my key, and how do they know.
In order to be "me" on two devices I either have to have the same secret key on two devices or I have to convince you that two separate keys are really the same person. So you have two choices: 1) have some protocol to transfer my identity to another, arbitrary device, or 2) have some way to say that the same me has two keys. (I don't think that manually entering a 512 bit identity key is something my grandma could do.)
It seems like either of these two possibilities is just rife with social engineering potential if not technical attacks.
I know a lot of people have thought about this a lot more than me. Are there easy answers? What are the current best ideas?
Write the sentence "I am John Melville, MD" and sign it with both keys. Extensible to n keys. Post all signatories on your blog or other public presence point.
Two problems:
1) Most people don't have a "public presence point," and would not know if a fabricated "public presence" had been made in their name. This is easily solved by making the "public presence point" a respected keyserver with a good identity verification mechanism.
2) The second problem is the point of the post.
If I let people link 2 keys to the same identity, then a trivial phishing attack becomes "to avoid losing your PayPal account, validate the following as your public key," or "a worm that exploits a hole in Windows to validate another key in your name." If there is only one private key there are relatively cheap (hardware) ways to make it impossible for even a worm to discover it. (Although a worm could use your key, it couldn't steal it by registering another identity in your name.)
So if I let one identity have multiple keys then I open up a huge attack surface to both social and technological attacks. Furthermore a vulnerability in any one client, which may not be the best designed, can compromise the trust in the whole system. Is this a vulnerability that we want built into the identity system?
Maybe my bank should decide if they want to believe that John's Computer and John's Cellphone are the same person? I bet Channel9 doesn't care how many people John Melville really is. I bet my bank does.
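The "sign the sentence with both keys" idea from the earlier reply, and the worry that a single tricked signature could bind a stranger's key, worked through as an added example (not code from either commenter). It assumes Ed25519 keys for the desktop and phone, which the thread never specifies; the linkage message covers both public keys, so each signature is bound to this exact pair.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Linkage is the statement "these two keys belong to the same person",
// carried together with one signature from each key over the same bytes.
type Linkage struct {
	Statement  string
	KeyA, KeyB ed25519.PublicKey
	SigA, SigB []byte
}

// linkageBytes is the canonical message both keys sign: statement plus both
// public keys, so a signature cannot be replayed onto a different key pair.
func linkageBytes(statement string, a, b ed25519.PublicKey) []byte {
	msg := []byte(statement)
	msg = append(msg, a...)
	return append(msg, b...)
}

// Link produces the dual-signed statement; it needs BOTH private keys.
func Link(statement string, privA, privB ed25519.PrivateKey) Linkage {
	pubA := privA.Public().(ed25519.PublicKey)
	pubB := privB.Public().(ed25519.PublicKey)
	msg := linkageBytes(statement, pubA, pubB)
	return Linkage{statement, pubA, pubB, ed25519.Sign(privA, msg), ed25519.Sign(privB, msg)}
}

// Verify accepts the linkage only if each key signed the identical message.
func Verify(l Linkage) bool {
	msg := linkageBytes(l.Statement, l.KeyA, l.KeyB)
	return ed25519.Verify(l.KeyA, msg, l.SigA) && ed25519.Verify(l.KeyB, msg, l.SigB)
}

func main() {
	_, desktop, _ := ed25519.GenerateKey(rand.Reader) // constructed keys
	_, phone, _ := ed25519.GenerateKey(rand.Reader)
	_, attacker, _ := ed25519.GenerateKey(rand.Reader)
	good := Link("I am John Melville, MD", desktop, phone)
	fmt.Println("desktop+phone linkage valid:", Verify(good)) // true
	// An attacker holding only their own key can sign their half, but the
	// desktop's signature no longer matches a message naming the new key.
	forged := good
	forged.KeyB = attacker.Public().(ed25519.PublicKey)
	forged.SigB = ed25519.Sign(attacker, linkageBytes(good.Statement, good.KeyA, forged.KeyB))
	fmt.Println("attacker-substituted linkage valid:", Verify(forged)) // false
}
```

The relying party still decides its own policy (the bank may refuse any linkage it did not witness), but it can at least check that the holder of the original key actively signed for the second one.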
Great video,
Everyone agrees that this needs to be addressed but nobody wants to agree to any single solution. And who do you want to trust your ID with (or a device, i.e. smartcard or cell phone)? And how can a person keep control over their ID?
I'm just staying with a basic cell phone, for the reasons of security and privacy. No Bluetooth for me, it isn't secure enough. And I don't want my cell phone to be hacked into.
Like most people I try to use as little personally identifiable information on the internet as possible. What have credit cards got to do with identity? When I use a credit card on the net it is a secure communication between myself and the credit card company. What you guys should be working on is making sure the fields I type the numbers into don't autocomplete from last time!!!!
People have the right to refuse to use their real identities on the net. My "real" net identity has no personally identifiable information. How are you going to secure that, and make sure others don't steal it, while making sure the governments don't prevent me from using it?
There would be nothing technologically preventing the delivery company from retaining these records (linking tokens with addresses, for example). I don't know if there's any good solution to that.
This is just a start on how (permanent) identifying information can be limited in its distribution. I'm sure much more could be said here.
So I think infocard is a super implementation of globally reusable credentials (not Microsoft specific, other than as a potentially trusted provider). This is true regardless of what kind of identity claims are tied to any given credential. Infocard enables but does not require use as a simpler way to type identity info like a ship-to address, and that can work regardless of whether it's always the same or not.
However, I do strongly agree with concerns about scope and timeframe of valid reuse of both credentials and identity claims. I'd very much like to see a standard capability to easily checkmark and timestamp user-authorized valid reuse of both credentials and claims information for use at a given site. Sites cooperating in their own self-interest with this mechanism will automatically recognize that their local copy of claim info is marked as invalid due to the expiration stamp and ask via standard infocard prompts whether you want to recertify or update the site's copy of previously authorized info, based on your currently chosen infocard claims data. Haven't seen anything on this yet; if not there, please get it into the next release cycle.