On Thu, Aug 30, 2001 at 03:07:25PM -0400, Rosen, Brian wrote:
> > >For example, I think we CAN require strong authentication
> > >prior to transmission of location information in nearly every
> > >case I'm aware of.
> >
> > In order to do that, you need a mechanisms to represent unambiguous
> > identity of both parties in the exchange. The sad truth is no widely
> > accepted Internet mechanism for this yet exists. This is still true,
> > even when you try to restrict the domain geographically. That's why
> > requiring strong authentication in the near term is optimistic, imho.
> I do understand the limitations of authentication.
> I think there are often difficulties of correlating the user's sense
> of identity of a party with cryptographically strong authentication,
> but I suspect that we still can have strong authentication in many,
> but not all cases.
>
> I'm not aware of any techniques that ensure strong
> privacy in tha absence of strong authentication.
Do you mean the inverse, techniques that ensure strong privacy in the
presence of strong authentication? Without strong authentication,
privacy is easy.
You can achieve strong authorization or credentialing, without needing
to authenticate who I am, by using techniques such as Brands' Private
Credentials, SPKI, or PolicyMaker. You might very well want strong
authentication when handing out the credentials, but you don't need to
share the information about who is being authorized to do something.
This could be useful, for example, in saying that any police officer
is authorized to force you to reveal your location, but that police
officer is not required to reveal their name to you. You can give
them a Private Credential that allows them to prove their police
status, jurisdiction, etc, and only reveal the name if there is a
reason to do so.
Adam
-- "It is seldom that liberty of any kind is lost all at once." -HumeReceived on Thu Aug 30 16:10:53 2001
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST