See..
SAML IPR statements have been revised to explicit “defensive suspension”
..though don’t forget to also see this following message noting that AOL lead this charge by example, which those of us working behind the scenes to effect this overall posture liberally pointed to..
Re: SAML IPR statements have been revised toexplicit “defensive suspension”
The SSTC/SAML IPR Statements […]
The Liberty Alliance recently announced availability of:
ID-WSF 2.0 (DRAFT), the Identity Web Services Framework (ID-WSF), Draft Release 3
We’re getting very close to completing ID-WSFv2.0. I expect the delta between this Draft Release 3 specification set and the WSFv2.0 “final” spec set to be pretty small.
If you are interested in secure, identity-enabled, SOAP-based web services […]
A report on the security risks of applying CALEA to VoIP is available on the ITAA.org website. To quote the site:
A new ITAA study by Internet gurus Vint Cerf, Whit Diffie and other experts warns that extending CALEA wiretap measures to Voice over Internet Protocol communications could stall innovation and introduce major security problems.
One of […]
Whodentity is an excellent “who’s who” compendium of players in the identity industry, by Mark Dixon.
Technorati Tags: Identity, identity players
From various discussions held with various folks, e.g. on the IDWorkshop mailing list (aka “Identity Gang“), it has become apparent that the major sticking point w.r.t. SAMLv2 adoption in some quarters, e.g. in the “scripting” world (e.g. PHP/Perl/Python/Ruby), is the present SAMLv2 bindings‘ mandated reliance on XML Digital Signature (aka “XMLdsig”, http://www.w3.org/TR/xmldsig-core/). Interoperable XMLdsig libraries […]
The term “Single Sign-On”, and/or it’s typical acronym “SSO”, is used all over the place — for example in piles of specifications from various SDOs (Standards Developing/Development Organization) and other orgs (eg corporations, .edu world, government, etc). Does anyone — including the authors of said specifications — actually believe that a person would […]
Dan Boneh yesterday announced the open registration (free, as in beer) for the 2nd Annual TIPPI Workshop at Stanford University. Looks like there is an interesting batch of papers to be presented, which have relevance to recent discussions on the IETF-HTTP-Auth@ mailing list (especially threads during May-2006, e.g. “New draft on anti-phishing requirements”, “BOF proposal”, […]
Liberty Alliance is hosting an Identity Web Services Framework Developer’s Workshop in San Francisco on 12-Jun-2006, ahead of the Burton Catalyst conference. It’s free, although the registration cutoff is 10-Jun. There will be several presentations by ID-WSF architects, including an ID-WSF overview (by Conor Cahill), a People Service overview (by Hubert Le Van Gong), and […]
There will be an “Identity Open Space (IOS)” Unconference held in Vancouver BC in Jul-2006, during the same week as the Liberty Alliance Project holds their quarterly members’ meeting in the same town. In fact, all Identity Open Space attendees are invited to attend the Vancouver Liberty members’ meeting!
This IOS event is billed as a […]
If you are aware of the term “traffic analysis“, then you’ll perhaps find this blurb from Steve Bellovin, concerning reference to an awareness of messaging patterns in Elizabethan times, on the Cryptography mailing list, to be of interest…
Elizabethan traffic analysis
Technorati Tags: Security