[Cryptography] Secure universal message addressing

John Gilmore gnu at toad.com
Tue Apr 5 03:17:11 EDT 2016 

> The key idea here is that you get to have *one* identifier for yourself
> under your control, that you can use everywhere, securely.

The key idea here is a bad idea.

I don't want everyone I interact with to have the same identifier for
me.  That's the problem with Social Security Numbers.  With a single
identifier, all the interactions with me can be cross-correlated to
track me everywhere I go.  Typically this is done NOT for my
benefit, but to give some third party an advantage over me.

Every online service that I interact with gets a different identifier
for me.  Every one gets a different email address for me.  If you send
email to one, they mostly lead to the same mailbox, though that's not
obvious from the addresses, and is under my later control.  (Some of the
email addresses that websites demand of me lead to places like
mailinator.com, which offers free disposable email addresses that will
let you read the one email message that "verifies" that this is a "real"
email address, and then quietly file and discard all the spam that the
websites send there subsequently.)

Provider A has no idea that I'm the same guy as Provider B's customer Joe.
They don't need to know, and I prefer that they not know.  

> OpenID essentially died. So did Mozilla's Personas. A bunch of RDF based
> protocols too. And many many more. 

And, from my point of view, this is why they died.  I had zero
interest in helping third parties keep track of me everywhere, using
the same identifier on widely varying sites.  It's already hard enough
work to keep Google out of my underwear when I don't even have an
account with them.  If I had the same account everywhere?  Let's not
go there.  "Login with your Facebook account?"  No thanks!!!

ssh public key authentication has this problem too.  Its default is to
assume that you want to use your same local identification to identify
you to every remote site that you try to access.  What a clueless
idea.  Luckily, ssh has survived despite this.  If you avoid its whole
public-key-per-user aspect, you can use it reliably with usernames and
passwords, different on every site.

	John

More information about the cryptography mailing list