Comments on: Keys, signatures and linkability

By: Kim Cameron

Kim Cameron — Thu, 07 Jun 2007 05:16:49 +0000

Could you expand with an example?

By: Rainer Hoerbe

Rainer Hoerbe — Wed, 06 Jun 2007 21:03:18 +0000

Kim, your definition of linkabilty talkes about linking transactions. Other than that, using referrers, SAML IDP log files portals and reverse proxies, users might be linked to services (URLs). This is obviously less useful than linked transaction data, but still a privacy issue. I would call this referabilty, but maybut someone already coined a term.

By: Moshe Sambol

Moshe Sambol — Wed, 06 Jun 2007 12:44:18 +0000

Stephan gives a different, stronger definition of traceability than you did in your recent post on the subject.

As I understood your post, your distinction between linkability and traceability was that the former links separate transactions and the latter links parts of a single transaction as it moves through one or more systems.

Stefan says that traceability is the ability to determine the user’s identity based on analysis of his claims.

Perhaps what accounts for the difference is that you wrote about traceability of transactions whereas he wrote about traceability of claims, but I think that for the sake of the coherency of the conversation, it would help a lot to have a clear, consistent definition of the term.

“Being able to follow a transaction through all its phases by collecting transaction information and having some way of identifying the transaction payload as it moves through the system” doesn’t necessarily mean that I can also identify the person who originated the transaction. I might want the first kind of traceability while not wanting the second. Can we have separate terms, please?

By: Popular WebLogs » Blog Archive » Keys, signatures and linkability

Popular WebLogs » Blog Archive » Keys, signatures and linkability — Tue, 05 Jun 2007 22:05:09 +0000

[...] Original post by Kim Cameron [...]

By: Christian Paquin

Christian Paquin — Tue, 05 Jun 2007 21:06:51 +0000

The odds of generating colliding key pairs using secure cryptographic constructs are negligible. How is this different from two IdPs assigning the same identifier to two users?

By: Dave Kearns

Dave Kearns — Tue, 05 Jun 2007 17:20:31 +0000

What Stefan always ignores is that self-generated key pairs are not guaranteed to be unique. It is possible (although highly unlikely) for a user to believe they are generating a unique key pair when, in fact, they end up with a second usage of a previous one. More likely (although still rare), two seperate entities could self-generate the same key pair, allowing a linkage which is, in fact, false - but could potentially be very damaging.