Upon 2020

Category: Digital Identity

  • OpenID et al Security Economics

    Steven J. Murdoch and Ross Anderson, in the very worthwhile “Verifi ed by Visa and MasterCard SecureCode: or, How Not to Design Authentication” assert: While other single sign-on schemes such as OpenID, InfoCard and Liberty came up with decent technology they got the economics wrong… To which I can only respond: “you wish. We don’t have…

  • OpenID Connect? Messina vs. Obasanjo

    Chris Messina thinks the OpenID brand should come to mean a package of a number of related “Open Stack” technologies, called OpenID Connect, and start to compete with Facebook Connect. Dare Obasanjo disagrees: he thinks we only need an OpenID Connect if there were multiple incompatible implementations of Facebook Connect-like products from multiple players, to…

  • Smart Meter Security?

    Seems PG&E is installing smart meters for electricity and gas in our neighborhood. They use some kind of mesh networking. Anybody know how they might be secured?

  • From 1 to a billion in 5 years. What a little URL can do.

    It was at the end of 2004 when I decided to start telling the world about this silly little idea I had had about a year before: give every person on the internet a URL that they could use to identify themselves to any website. Fully decentralized, no permission needed from anybody, under control of…

  • The Credentialed Account Provisioning Anti-Pattern

    I wanted to write about this for a long time. A wait in the doctor’s office has its uses … Here is an example scenario from the real world: Like many schools these days, my son’s school has a website where teachers enter current assignments and grades, and students and parents like me can check…