critical reading for the rude

CheapID… State In a Box

There goes Vinay being brilliant again… and this time a little scary, too.

You should be reading The Gupta Option often.

“Technology becomes policy.”

From SIAB:


I believe we have less than 10 years of legal anonymous free speech on the Internet. People confuse the “Wild West” style properties of a new frontier with fundamental aspects of the digital space and, as court houses and law get built on the Internet, much of the current wildness is inevitably going away.

However, correctly leveraging PKI and the ISA creates the possibility of preserving the politically critical support of free speech with a reasonable expectation of anonymity, except when criminal acts are being performed.

The benefit in this case is the convenience of single sign on across all Internet (and perhaps other) electronic services.

How is this to be achieved? Consider the OpenID standard, a distributed (or, more correctly, federated) ID system which hangs off the Domain Name System namespace. An OpenID identity provider gives out URLs, each one of which has a username and a password. The URL is given out to third parties as the “identity” and back-channel communication occurs between the third party and the OpenID provider to enable log in.

OpenID has about 10 million operational accounts and is being integrated into projects like Wikipedia. It is likely to succeed widely. If not, something else like it is going to take its place, in all probability. The email address has the same basic properties (of hanging off the DNS namespace) and has been used as a default ID namespace up to this point, with much the same properties Ð for most web sites, if I can read the email associated with Account X, then I am that person.

Hanging off the DNS namespace is an interesting thing, because it basically makes personal identities part of the DNS hierarchy. Part of the freedom people feel on the Internet is that, on the Internet, you are a “citizen” of the DNS Government Ð DNS creates the political unit of your email account provider or, if you operate your own domain, yourself. In the event of an investigation, queries follow the DNS chain of command: first WHOIS to identify the domain owner, then an enquiry to the domain owner about the conduct or identity of a given user.

This usually results in either a real name, or an IP address, which is then mapped back to service providers, then billing records, then an actual hard physical identity. Internet users typically feel rather violated by having their online actions tracked back to their physical location because it is a cross-namespace violation, rather like having a foreign nation state come and enforce its laws on you. These illusions have built up through common custom and the largely privileged academic communication which was the initial environment of the internet. That separateness is largely collapsing as the Internet becomes a part of the “real world” and the new privileged spaces are massively multi-player online roleplaying games like Warcraft, Second Life and Everquest.

Authentication for these systems is extremely problematic. Computer security is very ineffective for most home users, and falsely authorized emails generated by viruses, for example, are a common problem. Online banking security is constantly under attack from criminals compromising home computer security over unaccountable emails. This situation cannot go on indefinitely.

The solution is simple: a special, privileged class of Single Sign On Identity Providers who require an ISA-style blind contract before they will provide you single sign-on services. An identity with these groups is indicated by a cryptographic signature from the vendor attesting that they have a CheapID contract on file and will reveal it under a specified set of conditions, usually a court order in their native jurisdiction.

Ideally, this move would be coupled with a definitive upgrade in authentication. Pseudo-random number generators, when used for security applications like as the common SecureID tag are subject to man in the middle attacks, so probably we are going to wind up with an additional PKI level, perhaps small USB-type tokens. In any case it would be nice to indicate the level of authentication in the account so that third parties could judge for themselves how much trust they want to put into a log in from a particular SSO provider.

Common Operations

Identity Recovery

Upon display of proof that a given account has engaged in an activity which requires an identity to be revealed (i.e. presentation of a court order) the sign on service returns the original ISA-style blind contract, with associated CheapID Identity Card to the court to decrypt.

Electronic Democracy

With sufficiently secure SSO services, including perhaps specially created government-backed SSO accounts along the lines of the Estonian system, it should be possible to do secure electronic voting over a variety of devices including cell phones. Challenges pertaining specifically to this project will be the subject of another paper. In essence, this discussion is about extending the reach of the Professional Witness to transactions at a remote site like your home, using the media of a cell phone or other computing device as the intermediary. This is non-trivial and may involve windows of revocation in which coercion can be reported, for instance.

Technical Challenges

There are no difficult technical challenges specifically related to the ISA aspects of this system.


October 3, 2007 - Posted by | blogs, geo/pol, info sci, ubicomp | , , , , , , ,

1 Comment »

  1. […] You can read the rest of this blog post by going to the original source, here […]

    Pingback by CheapID… State In a Box | October 3, 2007 | Reply

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: