mcr
commented
5 months ago One way to solve this is to defer to a third party that is trusted with exactly one task: They can, when actively attacking (or just being used) read your identifying information, and promise to only relay that to other parties in your organization. The organization may run that on their own (in which case they'd probably pick LOC_W="" and take the risk of just seeing many decryption failures whenever they encounter devices of someone else who does the same), or they may use any global provider, where the number of providers should be smaller than the number of organizations using them in any area (maybe 4=len("GAMA")...).
I'm having difficulties understanding this paragraph. I think that LOC_W="" means that V has to know the real value?
chrysn
geonnave
I'm not fully sure where this should go, but authz is probably a good starting point, because it is part of the solution I have in mind right now.
Consider two parties establishing a connection where both have sensitive identities (in terms of being tracked, of ownership, and both actively solicit connections continuously). As an example, a service worker's phone might be constantly listening for beacons of installed equipment, which would report their latest logs, but neither do we want to allow tracking of the worker by identity or affiliation, nor do we want that arbitrary people driving through the city can map where they have equipment installed. (I figure airtags probably do something similar, but it's easier when reporting your manufacturer just is 2-3 bits of information).
One way to solve this is to defer to a third party that is trusted with exactly one task: They can, when actively attacking (or just being used) read your identifying information, and promise to only relay that to other parties in your organization. The organization may run that on their own (in which case they'd probably pick LOC_W="" and take the risk of just seeing many decryption failures whenever they encounter devices of someone else who does the same), or they may use any global provider, where the number of providers should be smaller than the number of organizations using them in any area (maybe 4=len("GAMA")...).
Using authz, this could be used like this: (U = machine, V = phone, W = trustservice; as part of their enrollment, U has learned the public key of W and W knows the mapping from ID_U to CRED_U plus which account this is on, V has a secure channel with W associated with a customer account)
Is that in scope as an application for authz? I think it'd work with authz as-is, and at most need some wording that "it is fine if the voucher response comes back OK without containing a voucher, V should then just continue like that". (Maybe the voucher is also just empty, and in the last step U takes that as the hint that even though V sent a credential, itself it can just send ID_CRED_I=b"").