The 10th Internet Identity Workshop this week had record attendance. Since that first one, five years ago, amazing adoption has happened: pretty much all major technology companies have implemented, more than a billion identities in the market, tens of thousands of sites accept them, more people show up to IIW — it must be the [...]
Continue reading about The Best and the Worst of Times: Whence Internet Identity?
Steven J. Murdoch and Ross Anderson, in the very worthwhile “Verifi ed by Visa and MasterCard SecureCode: or, How Not to Design Authentication” assert: While other single sign-on schemes such as OpenID, InfoCard and Liberty came up with decent technology they got the economics wrong… To which I can only respond: “you wish. We don’t have [...]
As of this week’s Internet Identity Workshop, I’m now rather convinced that an “identity selector” is the wrong product and the wrong feature set, regardless of the exact details of a particular vendor’s implementation. Several discussions in several contexts, including how to best make a browser identity-aware, all point to the same conclusion, regardless if [...]
Continue reading about Why We Really Don’t Need an “Identity Selector”
Recent comments