I’ll be speaking at Network Security 2006 in Washington, D.C. The session is a panel discussion on ‘User Authentication Technologies’, moderated by Radia Perlman. I will be spaking on SAML, Liberty and some new developements in that area, with a…
Category: Security
Pat found this interesting article by Chuck. It is on a Java implementation of the InfoCard protocol. Tags: InfoCard, Interoperability, Java, Identity
Now that I have less time than ususal, it might be a good time to restart some of my GSS-SAML efforts. If you are interested, I suggest you subscribe to saml-mechanism@washington.edu and/or check the archives. To get something for the…
I recently started to play around with a useful tool called TrueCrypt. It allows to create an encrypted diskfile, that can be mounted on most major operating systems by giving the proper password. This comes in REALLY handy, when you…
I am currently working on getting a better grip on why DIX should matter at all, particularly with SAML around. Granted, DOX offers a few neat features, but I cannot see why SAML should not be able to support most…
As far as I am concerned, Ethereal is one of the nicest gifts to the open source community. It is a fully blown network protocol analyzer which can be extended to accomodate virtually any protocol you can come up with.…
As far as I am concerned, this has been long due: ECC will now be included in the Sun Web Server, starting with Web Server 7.0. This should help drive adoption of ECC to a new level.
The paper and the slidedeck for the XML 2005 conference are now (already for some time) publicly available. Please find my paper and my slides on GSS-SAML on the conference web site.
Just as a heads up: the IETF 64 proceedings can be found here. Since I did not formally present at any session, you will not find any references to GSS-SAML. However, Sam Hartman’s presentation on ‘Questioning Kerberos Assumptions’ is available…
In a recent discussion a colleague mentioned that my self-coined terminology in the security stack article was somewhat confusing. While I intentionally did this to make sure that the security stack was being treated as an entity in itself, I…