[FoRK] Privacy? Obama doesn't think so...

Stephen D. Williams sdw at lig.net
Sun Jun 27 09:39:07 PDT 2010


On 6/27/10 5:08 AM, Jeff Bone wrote:
>
> Another set of issues Wahington is perpetually on the wrong side of... 
> Clipper? DMCA?  Now this:

This is way better than Clipper or DMCA.  Clipper in particular was 
amazingly bad and one of the largest nefarious power grab attempts by 
the government in US history.  Everyone involved should remain ashamed.

>
> White House Proposes Vast Federal Internet Identity Scheme

http://lauren.vortex.com/whid.pdf
This doesn't seem very onerous, depending on details and who tries to 
co-opt it.  Minimally, it could be that government negotiators just get 
private and standards-oriented people together in conferences to work 
out details that are already partially there.  Should be run by NIST, 
maybe a little help from Mitre, with funding for IETF and W3C 
participation and a very independent board of crypto / security experts 
and anti-big-brother wonks.  The best outcome would be a useful and 
broadly used set of rules, standards, interpretations, appropriate legal 
liability and clarity, and efficient government use of the results.  We 
sort of have a lot of this now, whether people realize it or not.

Maximally, it could be bad.  I don't like TPM modules much (too easy for 
Microsoft et al to go for a power grab, etc.).  Don't want the 
government to be liable for security failures as this leads to all kinds 
of bad things, including onerous problems for individuals.  Any single 
system will be the target of many attacks where any success is 
multiplied too much.  The government should not be running any of these 
systems: this is definitely an area where the legalities, bureaucracy, 
and costs of government run systems would be bad.  A federation of 
companies providing services would be good, however it should be more 
like how grocery stores have convenient, usually-faster mini-post 
offices than a large fee for almost nothing like domain registrars or 
SSL certificate issuers.

I've been involved with Federal PKI CAs, highly secure transactional 
systems, IETF, W3C (including digsig for binary XML (EXI)), etc.

>
> http://lauren.vortex.com/archive/000725.html
>
> -- 
>
> A voluntary opt-in decentralized trusted identity system, hell yes.  
> This, hell no.
>
> jb
>
sdw



More information about the FoRK mailing list