I’m back in San Diego after participating with Karen in the Internet Identity Workshop that took place last week in Mountain View. It was a great workshop, with many in-depth discussions of a broad range of topics. The most interesting ones for me were those concerning NSTIC.
I convened the session “How to meet privacy goals of NSTIC” where I presented the contents of the white paper “Achieving the Privacy Goals of NSTIC in the Short Term” and showed companion PowerPoint slides illustrating protocol steps.
There was a lively discussion. One of the points that were debated was whether a Web application that acts as relying party in a social login scenario (e.g. by featuring a button “Log in with Facebook”), could and/or should remain anonymous with respect to the social site (e.g. Facebook). Social login combines authentication and authorization, and the application not only is provided with the user’s identity relative to the social site, but also is given a level of access to the user’s account at the site.
Some people argued that the social site has to protect the user against malicious applications, and must therefore register applications that want to act as relying parties, so that it can revoke the registration of an application that misbehaves. I argued that the user should be allowed to take responsibility for the applications he or she wants to use, that requiring registration gives the social site too much power over applications, and that the identity of the relying party should not be revealed to the social site as a matter of user privacy.
This is an important debate that will no doubt continue. It highlights the contrast between current technology and one of the privacy goals of NSTIC.