-
Argh, which website accounts do I have?
A few years ago my problem was how to manage the passwords of 200+ on-line accounts. It’s gotten worse. Now I don’t remember what on-line accounts I have! Just now Paypal indicated to me that I apparently used to have a Paypal account with a certain e-mail address (that I’ve used for 10+ years). I…
-
X.509 certs are less secure than you might think
This post is prompted by T.Rob’s recent post “We’re gonna need a bigger crowd” where, among other things, he talks about X.509 certificate security. I agree with the core point of his post – crowd-sourcing is ineffective for highly specialized subjects – but this X.509 subject keeps coming up. It is one of the rare…
-
Intro to Personal Clouds at IIW
This week, I had the honor to give the intro presentation on Personal Clouds at the Internet Identity Workshop. Dan Blum, previously Distinguished Analyst at Gartner and now with Respect Network, joined me in the second part. We had a packed room, and the audience reception was incredibly positive. It seemed the entire IIW has…
-
Mozilla Persona: nicely made but who has the incentive to adopt it?
I played a bit with Mozilla’s foray into digital identity, Persona. It’s integrated nicely into OpenPhotoTrovebox, a great open-source photo publishing app, and Persona works really well with. Very smooth and elegant. But: Persona’s #1 selling feature is privacy. Unlike most other identity technologies (e.g. OpenID), Persona does not tell your identity provider about all…
-
Why AccountChooser Isn’t
In time for #CIS2012, the OpenID Foundation and Google released a new version of accountchooser.com, a set of open-source software components that, as the name indicates, lets you choose your account on the web. Except that it doesn’t. Compare with a bank. Let’s say I want to check my balance at my bank, the accountchooser.com…