This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/cooperation-wg@ripe.net/
[cooperation-wg] Elephants and eIDs
- Previous message (by thread): [cooperation-wg] Elephants and eIDs
- Next message (by thread): [cooperation-wg] Elephants and eIDs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Patrik Fältström
paf at frobbit.se
Sun May 1 17:33:14 CEST 2016
On 1 May 2016, at 17:22, Nick Hilliard wrote: > 2. irrevocable tokens (e.g. biometrics in national ID cards) as trust > credentials on the Internet. One of the centre-pieces of trust is that > it can be revoked. If something cannot be untrusted, it should not be > trusted in the first place. Note though that this conclusion of yours, which I agree with, does not imply revocation lists must exists. It might be that the time to live on the validation one do is short. After that, it must be validated again (which might fail). This specifically works if the one handing out the "positive validation token" can say for how long it is valid. I.e. for me the first mistake in design of trust systems is to think one can use irrevocable tokens. The second that revocation lists works. But that is an implementation issue of the major issue you bring up -- which once again I agree with. Patrik -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: OpenPGP digital signature URL: </ripe/mail/archives/cooperation-wg/attachments/20160501/d1cc9a04/attachment.sig>
- Previous message (by thread): [cooperation-wg] Elephants and eIDs
- Next message (by thread): [cooperation-wg] Elephants and eIDs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]