[Discuss] Reusing Passwords on Different Sites Should be OK

Edward Ned Harvey (blu) blu at nedharvey.com
Fri Sep 18 12:09:08 EDT 2015


> From: Discuss [mailto:discuss-bounces+blu=nedharvey.com at blu.org] On
> Behalf Of Chris Markiewicz
> 
> This is such a bizarre interpretation of "Third-party". A password
> should be considered a secret between two parties: client and server.
> But again, conceded that this is a problem.

I get what you're saying - You're not saying that I'm trying to twist third party doctrine into something it's not. You're saying third party doctrine is itself a bizarre interpretation, that contradicts what a rational person would expect to be held private.

And you're right. The case example to demonstrate this is lavabit. He created that whole business for the explicit purpose of providing privacy and security. That's the premise on which he gained all his users, and yet, when the feds came after him, they told him his users had no reasonable expectation of privacy.



More information about the Discuss mailing list