On 08/01/2011 02:36 PM, Nicholas Crown wrote:
If you want it to be private, then share it in a private setting (online or otherwise). If Google+ doesn't offer you that option, then go elsewhere.
I seriously hope that the premise that pseudonymity is a desirable property of an identity system is not open to debate, and that the discussion isn't going to disappear into this particular rathole.
Melinda Shore
Yes. The NSTIC Identity Ecosystem should encompass pseusonymity and also anonymity. Today most of your activity on the Web, other when you pay with a credit card, is anonymous. When you log in to a site with a username and a password, you are just proving that you are the same user who registered earlier with the site. As we move away from passwords we should preserve this anonymity. A simple way to achieve that is to have the Web site itself issue you a "login certificate" when you register, which you use later to log in to the site. (The certificate binds a public key to a reference to the your account at the site, internal to the site. The public key is the public key component of a key pair generated by your browser for the specific purpose of registering with that particular site, so that it cannot be used to track you.) One of the goals of NSTIC is clearly to increase privacy, see for example Howard Schmidt's post to the White House blog on NSTIC and privacy. But unfortunately some of the NSTIC documents seem to suggest that pseudonymity and anonymity belong outside of the NSTIC Ecosystem. That's not right. It would mean that when you want pseudonymity or anonymity you have to keep using passwords. Actually, as more and more sites rely on "Login with Facebook", you may no longer be able to use passwords, and pseudonymity and anonymity may disappear from the Web. At the upcoming NSTIC workshop on technology, we have to insist on providing pseudonymity and anonymity *inside* the NSTIC ecosystem. Francisco Francisco Corella, PhD Founder & CEO, Pomcor Twitter: @fcorella Blog: http://pomcor.com/blog/ Web site: http://pomcor.com