On Tue, Jan 21, 2025 at 1:31 PM Dick Hardt <dick.ha...@gmail.com> wrote:
> From a privacy perspective, using a correlatable identifier across all > sites simplifies tracking to the detriment of the user's privacy. > > The other concern with this approach is control of the identifier is > control of your identity. How does my mom get back control? > > We have similar issues with email, which is by default how people login to > most sites and do an email loop to prove control of their identifier if > they (or the attacker) does not have the password. > I had similar concerns at first. Then I started to think 'what if a lot of our problems are due to the lack of clarity in what an identifier is doing for us'. There are so many ways of linking users in the current setup that the handle isn't really much of a worry. Facebook has figured out some of the accounts I use for telemetry analysis belong to me. Likely because I log in from the same IP address. If we are going to worry about unlinkability, we have to take that as our goal and provide a complete solution. So let's imagine I care about privacy and unlinkability and my authentication provider is also my VPN provider. With the right browser support, I can tell the Web client, 'start private browsing for golf.com' and it goes and tells my authentication provider to spin up a separate handle for me to use, just for that site. And it can direct the traffic through a different VPN exit. A big attraction for this approach for me as someone starting a social media site is that I don't need to muck about with accounts *AT ALL*. Not my problem if the user forgets their password, I don't need their email for recovery either. All the customer support overhead is taken off my site. Users are far less likely to remember a password for a site they visited last 24 months ago than the password for their DNS handle they use everywhere. There are many accounts I end up doing password recovery on every single day. Right no, I can't open the garage door from my app because the clueless dweebs wrote it decided to forget my password because of some security superstition they acquired somewhere.
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
