[Auth]Greetings...
From: Mike Warren
Subject: [Auth]Greetings...
Date: 19 Oct 2001 16:04:55 -0600
User-agent: Gnus/5.0807 (Gnus v5.8.7) XEmacs/21.1 (20 Minutes to Nikko)

I just joined this list and haven't seen any traffic yet, so this is
sort of a test ;)

I am interested in seeing a system like that implemented (and recently
discontinued) by Zero Knowledge (see http://opensource.zeroknowledge.com for
some code).

Basically, it allowed one to create anonymous identities (they called
these ``Nyms''). These were used with the rest of their system, mostly
for encrypted email. The interesting aspects of their system:
. there was an untraceable way to purchase Nyms via a ``nym-token'' sort
  of digital cash -- one bought some nym tokens with a credit card or
  cash and then later redeemed these tokens for a Nym (or whatever else
  one could buy with the nym-tokens).
. It was not possible to determine who owned which Nym, nor where the
  person using a Nym was on the network. ZK maintained a system of
  servers (freedom.net) to accomplish this. The code for these servers
  is GPL.

I think the ZK system would mesh well with what I understand the goals
of DotGNU (especially the Virtual Identities stuff) to be. On the
free-developers list, I proposed an authentication system modeled
after the ZK freedom network.

For those who haven't read those posts, briefly:
. multiple authorities could issue identity certificates
. each user would typically have lots of different identification
  certificates, each reflecting a different amount of information
  revealed (i.e. one might contain just a name, one might also have an
  address, one might also have a credit card).
. DotGNU-services companies would decide how much they trust each
  certificate-issuing authority.
. DotGNU-service providers would obtain information about users
  through their certificates. A DotGNU provider would never have to
  maintain personal information in a database. (If the service-provider
  needs information about subscribed users [i.e. a login-id], then the
  service provider issues their own certificate to the user with such
  information; then they must only keep a database of valid login-ids).
. certificates would be encrypted.
. users have much choice: they could issue themselves certificates for
  use where providers don't need a trusted provider, or choose to get a
  certificate from a highly-trusted provider. For example, the FSF might
  be a certificate-provider which has some method of showing that users
  are who they say they are (perhaps via a small credit-card
  transaction system like PayPal uses).

This addresses the following goals of DotGNU:
. users have sole control over how much information they provide
. providers can insist on verified information, if they like. This
  gives service-providers a lot of confidence in their transaction, and
  would allow for, for example, anonymous users paying via credit
  card. How? A trusted-certificate provider -- after verifying a
  particular user is who they say they are -- could issue a sort of
  digital-cash token which could be redeemed at the
  service-provider. The service-provider never has to know the true
  identity of the user; they just have to be satisfied that the
  certificate-provider has billed the user correctly. This means users
  would only have to trust ONE authority with their credit-card
  information, instead of trusting everyone with whom they do business.
. such a system might quickly gain ground; it has significant
  advantages over Microsoft's system (anonymity, user-confidence,
  multiple identity providers).
. allows a convenient system for authentication within the DotGNU
  user/provider framework (just the sending of a certificate).

Of course, I've left out many details (which I haven't really fleshed
out myself). I'm not a cryptography expert, but what understanding I
have leads me to believe that such a system could be made workable and
secure.

Best of all, there is existing GPL code for at least part of the
system (the anonymizing-network) and numerous white-papers (at ZK)
outlining security concerns and potential and actual workarounds.

Anyway. This turned out a little longer than I expected ;) A little
about me:

I am a 24-year-old recent comp.sci graduate currently working at a
pipeline company doing leak-detection in Calgary, Alberta. I would be
keen to work on a virtual-identities system if it looks like a Good
Thing.

Cheers,
--
address@hidden
<URL:http://www.mike-warren.com>
GPG: 0x579911BD :: 87F2 4D98 BDB0 0E90 EE2A 0CF9 1087 0884 5799 11BD
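
The token flow described in the message above (a trusted certificate provider bills the user, then issues a token that the service provider redeems without learning who paid), sketched as an added example that is not part of the original post and is not Zero Knowledge's code. It assumes a Chaum-style RSA blind signature as the token mechanism, which the message does not specify; the toy key, the function names and the account label are constructed for illustration.

```python
import hashlib
import math
import secrets

# Toy RSA key for the certificate provider, constructed for this example
# (two Mersenne primes; far too small for real use).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the issuer

def digest(serial: bytes) -> int:
    """Hash a token serial into Z_N (toy full-domain hash)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

def user_blind(serial: bytes):
    """User: hide the serial behind a random factor r before sending it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return digest(serial) * pow(r, E, N) % N, r

def issuer_sign(blinded: int, billed_log: list, account: str) -> int:
    """Issuer: bill the known account and sign; only the blinded value is seen."""
    billed_log.append((account, blinded))
    return pow(blinded, D, N)

def user_unblind(blind_sig: int, r: int) -> int:
    """User: strip r, leaving an ordinary RSA signature on the serial."""
    return blind_sig * pow(r, -1, N) % N

def provider_redeem(serial: bytes, sig: int, spent: set) -> bool:
    """Service provider: check the issuer's signature, refuse double spends."""
    if pow(sig, E, N) != digest(serial) or serial in spent:
        return False
    spent.add(serial)  # the provider stores a serial, never an identity
    return True

def demo():
    billed_log, spent = [], set()
    serial = secrets.token_bytes(16)
    blinded, r = user_blind(serial)
    sig = user_unblind(issuer_sign(blinded, billed_log, "alice-card"), r)
    first = provider_redeem(serial, sig, spent)
    second = provider_redeem(serial, sig, spent)  # replay of the same token
    # Could the issuer match the redeemed serial against its billing log?
    issuer_saw_serial = any(b == digest(serial) for _, b in billed_log)
    return first, second, issuer_saw_serial
```
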