Add a section summarizing the "cryptographic attestation of personhood" proposal by Cloudflare. Add associated bibliography entries.

Jason White · Jason · commit e94167aeae70 · 2021-11-09T16:11:54.000-05:00
diff --git a/biblio.js b/biblio.js
@@ -28,6 +28,20 @@ respecConfig.localBiblio = {
 		"publisher": "Anti-Phishing Working Group",
 		"href": "http://antiphishing.org/APWG_Phishing_Activity_Report_Jul_05.pdf"
 	},
+    "attestation": {
+	"authors": ["Thibault Meunier"],
+	"title": "Humanity wastes about 500 years per day on CAPTCHAs. It’s time to end this madness",
+	"publisher": "Cloudflare",
+	"date": "13 May 2021",
+	"href": "https://blog.cloudflare.com/introducing-cryptographic-attestation-of-personhood/"
+    },
+    "attestation-zero-knowledge": {
+	"authors": ["Watson Ladd"],
+	"title": "Introducing Zero-Knowledge Proofs for Private Web Attestation with Cross/Multi-Vendor Hardware",
+	"publisher": "Cloudflare",
+	"date": "12 August 2021",
+	"href": "https://blog.cloudflare.com/introducing-zero-knowledge-proofs-for-private-web-attestation-with-cross-multi-vendor-hardware/"
+    },
 	"breaking": {
 		"title": "Breaking CAPTCHAs Without Using OCR",
 		"date": "",
diff --git a/index.html b/index.html
@@ -153,11 +153,15 @@ <h4>Biometrics</h4>
 255 of the Communications Act, 36 CFR 1194, Appendix C</a>, section 403 in the
 United States [[36-cfr-1194]].</p>
 
-<p>For this reason, biometric identification systems should be designed to allow users to choose among multiple and unrelated biometric identifiers. With that sole caveat, properly designed biometric identification systems are particularly attractive in situations where it is necessary to identify a particular human user. Their reliability is high, the cognitive load placed on the user low, and they are particularly difficult to foil. They have not yet been rendered suitable, however, in circumstances when it is necessary to preserve the user’s anonymity (i.e., the task is verifying that the user is human, without providing identifying information).</p>
-
+<p>For this reason, biometric identification systems should be designed to allow users to choose among multiple and unrelated biometric identifiers. With that sole caveat, properly designed biometric identification systems are particularly attractive in situations where it is necessary to identify a particular human user. Their reliability is high, the cognitive load placed on the user low, and they are particularly difficult to foil.  However, conventional applications of biometric authentication verify, and therefore disclose, the user's identity. They are thus unsuitable under circumstances in which it is desirable to preserve the user's anonymity reasons of privacy, while nevertheless establishing that the entity attempting to access an online service is human. The scheme described in the next section is designed to solve this problem.</p>
 
 			</section>
+			<section>
+			  <h4>Cryptographic Attestation of Personhood</h4>
+			  <p>An approach designed to verify that the user is a person, while preserving individual privacy, has recently been proposed by Cloudglare [[attestation]]. It is built upon the Web Authentication (WebAuthn) API [[webauthn-1]]. The WebAuthn registration process is invoked to establish that the user is in control of a hardware authentication device produced by a known and trusted manufacturer, as determined by a valid chain of digital certificates. If biometric authentication occurs in this procedure, as it typically does, then it is used only to unlock the private cryptographic key of the authentication device, and hence the user's identity is never explicitly disclosed to the party requesting evidence of personhood. A variant of this scheme has also been developed which offers stronger protection of privacy by not revealing the identity of the device manufacturer, which could be exploited in combination with other information to infer the user's identity.  This version of the approach requires the implementation of a protocol based on zer-knowledge proofs [[attestation-zero-knowledge]].</p>
+			  <p>Since the user is free to choose among a variety of authentication devices from reliable manufacturers, the hardware can be selected that best satisfies his or her accessibility-related needs and preferences. The inherent flexibility of the proposed approach is clearly advantageous to both security and accessibility.</p>
 			</section>
+		      </section>
 			<section id="noninteract">
 				<h3>Non-Interactive Stand-Alone Approaches</h3>
 

-Original file line number
+Diff line change
 of the Communications Act, 36 CFR 1194, Appendix Ca>, section 403 in the
 United States [[36-cfr-1194]].p>
 -<p>For this reason, biometric identification systems should be designed to allow users to choose among multiple and unrelated biometric identifiers. With that sole caveat, properly designed biometric identification systems are particularly attractive in situations where it is necessary to identify a particular human user. Their reliability is high, the cognitive load placed on the user low, and they are particularly difficult to foil. They have not yet been rendered suitable, however, in circumstances when it is necessary to preserve the user’s anonymity (i.e., the task is verifying that the user is human, without providing identifying information).p>
+-
 +<p>For this reason, biometric identification systems should be designed to allow users to choose among multiple and unrelated biometric identifiers. With that sole caveat, properly designed biometric identification systems are particularly attractive in situations where it is necessary to identify a particular human user. Their reliability is high, the cognitive load placed on the user low, and they are particularly difficult to foil.  However, conventional applications of biometric authentication verify, and therefore disclose, the user's identity. They are thus unsuitable under circumstances in which it is desirable to preserve the user's anonymity reasons of privacy, while nevertheless establishing that the entity attempting to access an online service is human. The scheme described in the next section is designed to solve this problem.p>
 			section>
 +			<section>
 +			  <h4>Cryptographic Attestation of Personhoodh4>
 +			  <p>An approach designed to verify that the user is a person, while preserving individual privacy, has recently been proposed by Cloudglare [[attestation]]. It is built upon the Web Authentication (WebAuthn) API [[webauthn-1]]. The WebAuthn registration process is invoked to establish that the user is in control of a hardware authentication device produced by a known and trusted manufacturer, as determined by a valid chain of digital certificates. If biometric authentication occurs in this procedure, as it typically does, then it is used only to unlock the private cryptographic key of the authentication device, and hence the user's identity is never explicitly disclosed to the party requesting evidence of personhood. A variant of this scheme has also been developed which offers stronger protection of privacy by not revealing the identity of the device manufacturer, which could be exploited in combination with other information to infer the user's identity.  This version of the approach requires the implementation of a protocol based on zer-knowledge proofs [[attestation-zero-knowledge]].p>
 +			  <p>Since the user is free to choose among a variety of authentication devices from reliable manufacturers, the hardware can be selected that best satisfies his or her accessibility-related needs and preferences. The inherent flexibility of the proposed approach is clearly advantageous to both security and accessibility.p>
 			section>
 +		      section>
 			<section id="noninteract">
 				<h3>Non-Interactive Stand-Alone Approachesh3>