Today we made the U-Prove crypto specification freely available under the OSP, released open source U-Prove reference implementations in C# and Java, and delivered modules that U-Prove enable our federated identity products…
Being able to uniquely identify someone in some contexts does NOT mean we should have identification in all contexts!
Stefan says people wrongly equate unlinkability with anonymity. But he adds that the unfortunate terminology of ‘anonymous credentials’ is probably increasing everyone's confusion
I especially worry about teaching users to enter ever more obscure personal information into forms appearing on free-floating web pages.
Seminal advance: definition of “covered information” specifically includes device IDs.
The EFF research could help the industry evolve browsers to follow minimal disclosure principles
I don't have much time for standards and protocols that are NOT built on top of experience with implementation.
“Maximal disclosure tokens” release the same information everywhere, whether required or not. They often include not one, but a whole set of omnidirectional identifiers.
I don’t want every assertion I make to be verified by some bureaucratic process. I don’t run around in the molecular world armed with official documents that I present to every Tom, Dick and Harry.
California court adopts minimal disclosure, objecting to businesses recording ZIPs – when the practice is “unnecessary to the sales transaction.”
