On 2/20/07, Adam Back <adam@cypherspace.org> wrote:
... http://yro.slashdot.org/yro/07/02/20/2158240.shtml
Maybe some list readers would like to inject some crypto knowledge into the discussion.
there are some good replies, just need more moderation from the clue-full :)
There is quite some underinformed speculation as critique on the thread... Its interesting to see people who probably understand SSL, SMIME and stuff at least at a power user if not programmer level, try to make logical leaps about what must be wrong or limited about unlinkable credential schemes. Shows the challenges faced in deploying this stuff. Cant deploy what people dont understand!
indeed. there was one insightful response to the unlinkability aspect, and that is the inevitable venality of the credential authorities. perhaps i'm just overly cynical, but without a trustworthy and secure CA the privacy assurances provided by such credentials are fairly limited. (and as detailed elsewhere, for most uses the CA's won't issue to anonymous entities) still, much better than what we've got now... p.s. the lending protection aspect of credentials is dark comedy. encode something into a credential that alice would never want to share, credit card #, bank access details, etc. lol