Robin Wilton's esoterica

       
 
« Fingerprint biometri... | Main | All a question of... »

30 Aug · Thu 2007

Gerry Beuchelt on OpenID/Cardspace


There's been a fair bit of mailing-list discussion recently about implementing of an OpenID token within an Infocard profile. On the face of it, there are four readily-identifiable reasons why one might want to try this:

1 - to capitalise on the probability that Cardspace will grow in pervasiveness;

2 - to see whether it benefits from the addition of OpenID-style flexibility;

3 - to see whether, conversely, OpenID's much-discussed phishability can be reduced by using a different vector for its tokens;

4 - as a more general experiment in 'interworking' between different current identity technologies.

On 3 and 4, at least, the results seem positive. However, Gerry offers a balanced and penetrating analysis of the over-all project here, which I recommend.

If I can paraphrase his conclusions very roughly: 'it's an interesting and useful experiment, but tends to fail the "so what?" test. It is unlikely to improve user security, because technical limitations mean users are unlikely to form an accurate view of the extent to which they are protected or not.'

Posted by racingsnake @ 10:18 AM GMT+00:00
 
 
 
 
Comments:

Post a Comment:
Comments are closed for this entry.
 
« November 2009
MonTueWedThuFriSatSun
      
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
      
Today

unsubscribe from human rights abuse in the war on terror
Locations of visitors to this page
Such views as I express in this blog are based on my own opinions, experience and judgements. They do not necessarily represent the policy or views of my employer. It is not my intention to offend readers in any way. If you find anything on this blog offensive, please contact me in the first instance.
Robin Wilton
www.flickr.com

Links to recent entries

[RSS Newsfeed]

Valid XHTML or CSS?

[This is a Roller site]
Theme by Rowell Sotto.
What's this?
 
© racingsnake