[GNU/consensus] Ubikima, credentials, etc.

consensus

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNU/consensus] Ubikima, credentials, etc.

From:	hellekin
Subject:	[GNU/consensus] Ubikima, credentials, etc.
Date:	Tue, 24 Dec 2013 00:13:30 -0300
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

http://www.cs.ru.nl/~jhh/ubikima.html

UbiKiMa is a system that proposes to replace password authentication
on the Web with an out-of-band cryptographic authentication using a
smartphone app.

I didn't read the paper, just got curious about it as its author will
be present at the 30c3, with a talk that is likely to be more
interesting than this:
https://events.ccc.de/congress/2013/Fahrplan/events/5214.html

Just so my first impression is recorded: as I do not trust smartphones
to deliver any kind of security for its bearer, due to a large number
of documented flaws (insecure protocols, built-in surveillance and
tracking, OS and hardware design flaws / proprietary backdoors, etc.),
I don't see myself granting such a device the key(s) to my online
activity.

The IRMA concept, on the other hand, appears to be rich of
potentialities: "Attribute Based Credentials in Practice" is likely to
dim local-instantaneous surveillance capabilities, as it would avoid
giving full identity when only e.g., your age is required by law.

Such an approach would as well be better implemented on credentials
delegation on the Web: when I want to post a comment to a blog
article, and I am offered to sign in with Twitter in order to do that,
I cannot accept giving the comment application read access to my
contact list, and read-write access to my timeline. I'm willing to
post a comment to a blog article! Stay away from my Twitter feed!
Disqus: you suck.

Merry HacksMess

==
hk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCgAGBQJSuPvXAAoJEEgGw2P8GJg92zAP/0FZ2U9oOZxMa3XbT8DKnePx
Ez1hhrlciJcudxPKhAjnQPoHN5JY7s4caLPsge5lB2KNC/sQQWmgBjawyEqOIbsN
4PWESqx6Y2vIInrAa9W2QWLOYbAJERFkyPMl/RQ0IMVQarthMWcmk8/NBF80OS6e
SNmoheXSVfGQTk1CqIJtsJcH5AmqroVfOoCq2N2CGtbbFKQBm3UW7XZG04XetLO2
nAo13QSU62ldvKe8Ob+fCHS6YG95vqIwQI9ge8dmiP8yVzrUxjMYzb8tbid0e+t8
KX6mpk5K3IoMjzszZkbJSYBn1Eas3ttbsE0ORxwkvem+pTLwYVRZUM68J6YfazmW
v2Lh8Ug7clWetI/EzuGME7+RHq+DXAKfy5zXfar6cqIoIxK3GbioJso8eMSxIJF6
ryB7lTBdPv1ZVQCQ8Y0y63MfCO2M6c5CzzL7R2fxu41b1QJeEY62LBOHc+LFN6FR
DDeJhpzCUmrqibL7teJJKSVOw6JNKBIFWPfEsEXUO/C38dfuAjHQYxGI/pp9RDGn
33yuqYZmkm4+dXL6qO10RfmgkFZbAh2oyK+dO88iaLRsplarDZw6nrpgWNfKX4ZB
3UVNfUhV6ffO7Zii0lV8BYvyoprI6E/0G+E4qjLO7+L3b9XTVGhzmjKazFpQG4Ft
s61v3c0X4Wzj927hRj4s
=cHs9
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

[GNU/consensus] Ubikima, credentials, etc., hellekin <=

Prev by Date: Re: [GNU/consensus] [SocialSwarm-D] Announce: Glance 1.0
Next by Date: [GNU/consensus] Fwd: [secushare-announce] #youbroketheinternet at the 30c3 congress
Previous by thread: Re: [GNU/consensus] [SocialSwarm-D] Announce: Glance 1.0
Next by thread: [GNU/consensus] Fwd: [secushare-announce] #youbroketheinternet at the 30c3 congress
Index(es):
- Date
- Thread