Ben Laurie blathering

28 Feb 2007

Map Porn

Filed under: General — Ben @ 11:38

5,000 years of conquest in the Middle East. Beautifully presented, and fascinating.

25 Feb 2007

MySociety Do It Again

Filed under: General — Ben @ 22:34

I’ve been using yet another fantastic site from MySociety, Neighbourhood Fix-It. As always, the idea is fantastically simple, but the execution so perfect. You put in a postcode. You see a map with pointers to problems the local council should fix. You can add your own problems, in which case the council is notified on your behalf, or update existing ones. Beautiful.

What’s even more fantastic is the scrollable, clickable map is done entirely without Javascript. How cool is that?

22 Feb 2007

OpenSSL Gets FIPS 140-2 … Again!

Filed under: Crypto,Open Source — Ben @ 12:36

I’ve lost track of how many times we’ve got this certificate and had it taken away, but apparently we have it once more. And it only took five years and endless amounts of work and politics.

19 Feb 2007

CardSpace Cannot Provide Privacy

Kim Cameron writes about “token independence” and how SAML doesn’t have it. As far as I can see, token independence is yet another word for unlinkability – that is, if I present a token twice, the two presentations should not be linkable. Of course, MS have a new word for this, too – they call it “non-auditing”.

However, Kim continues to be in denial about the impossibility of achieving this with traditional crypto. As I point out at every opportunity I get, a signed assertion using any traditional method is inherently linkable, because the signature itself is invariant. Scott Cantor points this out in a comment on Kim’s blog

I don’t think it’s enough to remove a couple of XML attributes to avoid the correlation attack you’re talking about. I think it requires non-traditional cryptography to present a signed claim of anything from a third party in such a way that the whole bag of bits can’t be used as a correlatable handle

Kim tries to wriggle out of this by saying

You don’t need special cryptography as long as you are willing to employ “bearer tokens” to convey non-unique assertions. You do need blind signatures once you want to associate tokens with proof keys.

I think by “bearer tokens” he means self-asserted tokens. This is surely a completely incorrect use of the term, but I assume its what he meant, since he seems to be saying the other possibility is a token signed by a “proof key” – whatever that is; presumably a key the relying party trusts in some way. Assuming all my guesses at his terminology are correct, then this argument is self-defeating – if the tokens are self-asserted, then they can be constructed on the fly each time they are needed, and so SAML will work just as well as any other way of expressing tokens, since the correlating fields can be changed each time.

If Microsoft are really serious about providing “non-audit” (i.e. unlinkable) modes for CardSpace, then they need to get with the program and stop trying to pretend that they can do this with RSA signatures. Its a shame that they’re going to such lengths to make CardSpace good but can’t quite seem to go the last mile and make their claims actually true. Perhaps they don’t want to?

16 Feb 2007

Summer of Code

Filed under: Open Source — Ben @ 13:10

For the third year running, Google is sponsoring open source development with their Summer of Code program. Start thinking about projects you’d like to mentor now (or if you are a student, encourage your mentor of choice to sign up).

West London Tram

Filed under: General — Ben @ 12:48

I realise this probably isn’t of interest to many of my readers, but its an issue that affects me so you get to read about it.

Ken Livingstone has a hard-on for a tram running down the Uxbridge Road (which is very near where I live). I have absolutely no idea why, because practically everyone else thinks its a totally stupid idea. I won’t bother to link to it, because if it affects you, you’ll already know too much.

What I will link to is the petition against it hosted by Number 10.

6 Feb 2007

The Tories Hate ID Cards

They don’t work, they cost an arm and a leg, and they create a surveillance state. In short.

5 Feb 2007

Microformats, Decoupling and Self-Contained Standards

Filed under: Distributed stuff,Rants — Ben @ 4:03

Perhaps I don’t get microformats. I keep hearing people wanting to invent their own format for things for which we already have half a dozen known standards. When pressed, the justification is either that it is too complicated, or that they want to “decouple” from whatever-it-is that the existing formats are “supposed” to be for.

Sometimes this is fair comment, but often it seems to me to entirely miss the point. When a standard format is self-contained (that is, it doesn’t rely on being embedded in a whole mess of infrastructure in order to be meaningful) there’s no reason to associate it with its normal environment. Because it is self-contained you can just pick it up and use it elsewhere. There are many formats like this, at all levels of the stack; examples are OpenPGP, iCal, vCard, practically all XML, and, if you get right down to it, most of TCP/IP (witness amusing standards like IP over carrier pigeon – no, really, RFC 1149 – and its even been implemented).

How about complicated? Well, I contend that any widely used standard format has libraries that can parse it, and if it doesn’t, then software engineers need to put their software architect heads on occasionally, dammit.

So, neither of these arguments are standing up, as far as I can see. Which leads me to wonder: what are microformats all about? Why do people want to decouple? Are they just lazy? Or do they hate the communities that make the standards so much they want nothing to do with them? Or are they merely misguided?

Or have I totally missed the point, and microformats are actually only used where there’s no existing self-contained standard?

Answers on a postcard, please!

Powered by WordPress