Comments for IdentityMeme.org

Comment on Finishing up the HSTS spec — IETF-wide Last Call by IdentityMeme.org » Blog Archive » HTTP Strict Transport Security (HSTS) Approved as Proposed Standard RFC

Tue, 02 Oct 2012 16:38:48 +0000

[...] As I’d noted back in July, the draft HSTS spec was in IETF-wide last call, from which we exited in August with various helpful comments. We applied summore elbow grease to the ol’spec and shipped it to the IESG (Internet Engineering Steering Group) for further inspection, received more good comments, subsequently applied more tweaks and polish, and voila(!), this morning we have this little missive in our email… [websec] Protocol Action: ‘HTTP Strict Transport Security (HSTS)’ to Proposed Standard (draft-ietf-websec-strict-transport-sec-14.txt) [...]

Comment on of TLS/SSL Server Identity Checking by Twitter Trackbacks for IdentityMeme.org » Blog Archive » of TLS/SSL Server Identity Checking [identitymeme.org] on Topsy.com

Tue, 01 Feb 2011 23:30:36 +0000

[...] IdentityMeme.org » Blog Archive » of TLS/SSL Server Identity Checking identitymeme.org/archives/2011/02/01/of-tlsssl-server-identity-checking/ – view page – cached Aside from HSTS, which I’ve written about here earlier, I’ve also been working on a specification for “TLS/SSL Server Identity Checking” along with Peter Saint-Andre. [...]

Comment on Firesheep and HSTS (HTTP Strict Transport Security) by Twitter Trackbacks for IdentityMeme.org » Blog Archive » Firesheep and HSTS (HTTP Strict Transport Security) [identitymeme.org] on Topsy.com

Fri, 29 Oct 2010 18:56:34 +0000

[...] IdentityMeme.org » Blog Archive » Firesheep and HSTS (HTTP Strict Transport Security) identitymeme.org/archives/2010/10/29/firesheep-and-hsts-http-strict-transport-security/ – view page – cached Firesheep, released earlier this week, is a Firefox add-on that enables one to easily capture HTTP application session cookies from other users communications with specific popular sites. The problem it exploits is that many sites protect the initial reusable shared password-based authentication with TLS/SSL, but then revert further communication to unsecured HTTP. This exposes any application… Read moreFiresheep, released earlier this week, is a Firefox add-on that enables one to easily capture HTTP application session cookies from other users communications with specific popular sites. The problem it exploits is that many sites protect the initial reusable shared password-based authentication with TLS/SSL, but then revert further communication to unsecured HTTP. This exposes any application session cookies employed by the site, and returned by users’ browsers to the site on every request, to capture and replay by an attacker. This enables one to hang out on a local network, your favorite coffee shop for instance, and hijack others’ interactions with various social networking sites and retailers, for example. View page Tweets about this link [...]

Comment on New rev of SIP-SAML profile by Hannes Tschofenig » Blog Archive » New rev of SIP-SAML profile

Hannes Tschofenig » Blog Archive » New rev of SIP-SAML profile — Fri, 07 Nov 2008 13:17:00 +0000

[...] See http://identitymeme.org/archives/2008/11/04/new-rev-of-sip-saml-profile/ [...]

Comment on (Draft) Technical Comparison: OpenID and SAML by Speaking of Standards » Blog Archive » A Technical Comparison of OpenID and SAML

Fri, 08 Feb 2008 15:44:45 +0000

[...] It’s great to see this kind of technical research now coming out in the field. The more we have of this kind of work the closer we will be to having solid and secure forms of online identity. If you are interested in reading the paper, it can be found here. [...]

Comment on Will “open internet” IDM Migrate Towards “trust circles” ? by Openid » Will “open internet” IDM Migrate Towards “trust circles” ?

Openid » Will “open internet” IDM Migrate Towards “trust circles” ? — Tue, 22 Jan 2008 04:15:42 +0000

[...] Web Analysis By Morad wrote an interesting post today on Will â��open internetâ�� IDM Migrate Towards â��trust circlesâ�� ?Here’s a quick excerptBut I digress… Technorati Tags: deployment, openid, saml, Security, trust… [...]

Comment on New version of OpenID SAML comparison document by Openid » New version of OpenID SAML comparison document

Openid » New version of OpenID SAML comparison document — Mon, 21 Jan 2008 22:28:17 +0000

[...] JeffH wrote an interesting post today on New version of OpenID SAML comparison documentHere’s a quick excerptI’ve done a modest editorial and copy editing update to the OpenID SAML technical comparison document announced earlier. Going forward, the latest rev will be available via this URL: … [...]

Comment on (Draft) Technical Comparison: OpenID and SAML by IdentityMeme.org » Blog Archive » New version of OpenID SAML comparison document

Mon, 21 Jan 2008 20:54:39 +0000

[...] I’ve done a modest editorial and copy editing update to the OpenID SAML technical comparison document announced earlier. Going forward, the latest rev will be available via this URL: http://identitymeme.org/doc/draft-hodges-saml-openid-compare.html Technorati Tags: authentication, Open Standards, openid, saml, Security, simplified sign on, single sign on [...]

Comment on (Draft) Technical Comparison: OpenID and SAML by Hannes Tschofenig » Technical Comparison: OpenID and SAML

Hannes Tschofenig » Technical Comparison: OpenID and SAML — Wed, 09 Jan 2008 09:33:39 +0000

[...] blogpost: (Draft) Technical Comparison: OpenID and SAML [...]

Comment on Latest revisions of SAML-LSSO and SimpleSign specs by IdentityMeme.org » Blog Archive » Latest Revision of SAML HTTP POST-SimpleSign Binding Spec

Fri, 02 Feb 2007 23:23:06 +0000

[...] Note that this SAML Binding composes with the SAML-lSSO profile spec in order to realize a Lightweight SAML Web Browser SSO profile+binding where security and trust can be dialed from zero to full-on by implementors/deployers, as previously written about here. [...]