24.07.2005 14:12

Laws of Identity

An interesting link was posted to Slashdot. It's about so called Laws of Identity. The idea comes from a place that doesn't connect with privacy and such things, but is worth looking into.

First impression isn't good. The intro text says:

The Internet was built without a way to know who and what you are connecting to. This limits what we can do with it and exposes us to growing dangers. If we do nothing, we will face rapidly proliferating episodes of theft and deception that will cumulatively erode public trust in the Internet.
[...]Taken together, these laws define a unifying identity metasystem that can offer the Internet the identity layer it so obviously requires.

I'm not sure if 'obviously' is a good word here. I don't see such a need. I deal with the current Internet without problems. The thing that worries me is the problem with sites that want too much of my identity. For websites SSL and certificates work OK (if you look inside them).

Then continue the PDF version ('Browser version' doesn't work -- 404 error). It states that the dangers are: phishing, spyware etc.

I must say that those dangers are highly theoretical to me. I have never had a problem with phishing. I have never had a piece of spyware. In my opinion not identity system is the solution to the problem. It's all about user habbits, lack of knowledge and such things.

When I reached the laws...Well. They're logical. They're simple. Just OK. If you assume that such system is needed, you may use them. I don't find the assumption correct, however.

Posted by Mara | Categories: Security