Comments for Pomcor http://pomcor.com Research in Web Technology Wed, 16 May 2012 21:43:00 +0000 hourly 1 http://wordpress.org/?v=3.2.1 Comment on Pros and Cons of U-Prove for NSTIC by Vadym F http://pomcor.com/2011/10/04/pros-and-cons-of-u-prove-for-nstic/#comment-104 Vadym F Wed, 16 May 2012 21:43:00 +0000 http://pomcor.com/?p=321#comment-104 Regarding overhead of interval proof: it was suggested in the thesis to prove (0,1) bits of powers-of-2, while a better protocol was designed from Lagrange theorem. That is, representing any natural number with 4 squares. Well, one generally needs a group of an order not known to Prover to prove statements about integers. It would be fair to note powers-of-2 approach is only reasonable with current U-Prove implementing groups of a known prime order q. Overhead would go away with groups of a hidden order, if ever available in U-Prove. Regarding overhead of interval proof: it was suggested in the thesis to prove (0,1) bits of powers-of-2, while a better protocol was designed from Lagrange theorem. That is, representing any natural number with 4 squares. Well, one generally needs a group of an order not known to Prover to prove statements about integers.

It would be fair to note powers-of-2 approach is only reasonable with current U-Prove implementing groups of a known prime order q.
Overhead would go away with groups of a hidden order, if ever available in U-Prove.

]]> Comment on Pros and Cons of Idemix for NSTIC by Francisco Corella http://pomcor.com/2011/10/10/pros-and-cons-of-idemix-for-nstic/#comment-103 Francisco Corella Sun, 26 Feb 2012 22:50:00 +0000 http://pomcor.com/?p=339#comment-103 This post was also discussed on the <a href="http://lists.idcommons.net/lists/arc/community/" rel="nofollow">Identity Commons Mailing List</a>. This post was also discussed on the Identity Commons Mailing List.

]]> Comment on Are Privacy-Enhancing Technologies Really Needed for NSTIC? by Francisco Corella http://pomcor.com/2011/10/13/are-privacy-enhancing-technologies-really-needed-for-nstic/#comment-102 Francisco Corella Sun, 26 Feb 2012 22:49:00 +0000 http://pomcor.com/?p=350#comment-102 This post was discussed on the <a href="http://lists.idcommons.net/lists/arc/community/" rel="nofollow">Identity Commons Mailing List</a>. This post was discussed on the Identity Commons Mailing List.

]]> Comment on Deployment and Usability of Cryptographic Credentials by Francisco Corella http://pomcor.com/2011/10/16/deployment-and-usability-of-cryptographic-credentials/#comment-101 Francisco Corella Sun, 26 Feb 2012 22:49:00 +0000 http://pomcor.com/?p=361#comment-101 This post was discussed on the <a href="http://lists.idcommons.net/lists/arc/community/" rel="nofollow">Identity Commons Mailing List</a>. This post was discussed on the Identity Commons Mailing List.

]]> Comment on Credential Sharing: A Pitfall of Anonymous Credentials by Francisco Corella http://pomcor.com/2011/12/19/credential-sharing-a-pitfall-of-anonymous-credentials/#comment-100 Francisco Corella Sun, 26 Feb 2012 22:39:00 +0000 http://pomcor.com/?p=406#comment-100 This blog post was discussed in the <a href="http://lists.idcommons.net/lists/arc/community" rel="nofollow">Identity Commons Mailing List</a>. This blog post was discussed in the Identity Commons Mailing List.

]]> Comment on OpenID Providers Invited to Join in an NSTIC Pilot Proposal by Francisco Corella http://pomcor.com/2012/02/10/openid-providers-invited-to-join-in-an-nstic-pilot-proposal/#comment-99 Francisco Corella Sun, 26 Feb 2012 22:31:00 +0000 http://pomcor.com/?p=449#comment-99 This blog post was discussed in the <a href="http://lists.openid.net/pipermail/openid-general/" rel="nofollow">OpenID General Discussion Mailing List</a> and the <a href="http://lists.idcommons.net/lists/arc/community" rel="nofollow">Identity Commons Mailing List</a>. This blog post was discussed in the OpenID General Discussion Mailing List and the Identity Commons Mailing List.

]]> Comment on One-Click OpenID: A Solution to the NASCAR Problem by Francisco Corella http://pomcor.com/2012/02/13/one-click-openid-a-solution-to-the-nascar-problem/#comment-98 Francisco Corella Sun, 26 Feb 2012 22:25:00 +0000 http://pomcor.com/?p=456#comment-98 This blog post was also discussed in the <a href="http://lists.openid.net/pipermail/openid-general/" rel="nofollow">OpenID General Discussion Mailing List</a> and the <a href="http://lists.idcommons.net/lists/arc/community" rel="nofollow">Identity Commons Mailing List</a>. This blog post was also discussed in the OpenID General Discussion Mailing List and the Identity Commons Mailing List.

]]> Comment on Do-Not-Track and Third-Party Login by Francisco Corella http://pomcor.com/2011/11/06/do-not-track-and-third-party-login/#comment-97 Francisco Corella Sun, 26 Feb 2012 22:20:00 +0000 http://pomcor.com/?p=388#comment-97 This blog post was discussed on the <a href="http://lists.idcommons.net/lists/info/community" rel="nofollow">Identity Commons Mailing List</a>. This blog post was discussed on the Identity Commons Mailing List.

]]> Comment on One-Click OpenID: A Solution to the NASCAR Problem by Francisco Corella http://pomcor.com/2012/02/13/one-click-openid-a-solution-to-the-nascar-problem/#comment-95 Francisco Corella Tue, 14 Feb 2012 05:18:00 +0000 http://pomcor.com/?p=456#comment-95 If you read the whole paragraph you'll see we are in agreement. In OAuth the relying party has to preregister with the identity provider. That's a BAD thing, because the user cannot freely choose any identity provider. Since the user cannot choose freely, the problem of how to communicate a free choice doesn't come up. So an OAuth relying party just shows one or two buttons with the logos of the identity providers (social sites) that it supports. And the user is redirected to the identity provider with a single click. What I'm proposing provides the same one-click simplicity in OpenID, without sacrificing the freedom of choice proviced by OpenID. To summarize: I do like OpenID better than OAuth :-) If you read the whole paragraph you’ll see we are in agreement. In OAuth the relying party has to preregister with the identity provider. That’s a BAD thing, because the user cannot freely choose any identity provider. Since the user cannot choose freely, the problem of how to communicate a free choice doesn’t come up. So an OAuth relying party just shows one or two buttons with the logos of the identity providers (social sites) that it supports. And the user is redirected to the identity provider with a single click. What I’m proposing provides the same one-click simplicity in OpenID, without sacrificing the freedom of choice proviced by OpenID.

To summarize: I do like OpenID better than OAuth :-)

]]> Comment on One-Click OpenID: A Solution to the NASCAR Problem by Andrew Arnott http://pomcor.com/2012/02/13/one-click-openid-a-solution-to-the-nascar-problem/#comment-94 Andrew Arnott Tue, 14 Feb 2012 04:30:00 +0000 http://pomcor.com/?p=456#comment-94 "OpenID. Unfortunately, this feature comes with a difficult challenge: how to provide the relying party with the information it needs to interact with the identity provider. OAuth does not have this problem because the relying party has to preregister with the identity provider, ..." Wait what? I think you've got it backwards. OpenID doesn't have the problems that OAuth has, because OpenID has discovery of Providers built-in, whereas OAuth has no such discovery built in. “OpenID. Unfortunately, this feature comes with a difficult challenge: how to provide the relying party with the information it needs to interact with the identity provider. OAuth does not have this problem because the relying party has to preregister with the identity provider, …” Wait what? I think you’ve got it backwards. OpenID doesn’t have the problems that OAuth has, because OpenID has discovery of Providers built-in, whereas OAuth has no such discovery built in.

]]>