Comments on: The Certificate Odyssey http://self-issued.info/?p=70 Musings on Digital Identity Tue, 13 Jul 2010 21:17:52 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Cardspace Community Bloggers http://self-issued.info/?p=70&cpage=1#comment-55902 Cardspace Community Bloggers Mon, 19 May 2008 21:40:42 +0000 http://self-issued.info/?p=70#comment-55902 <strong>Worrying rumour...</strong> Word from Redmond is that, inspired by this salesmanship fiasco, in order to demonstrate their corporate... Worrying rumour…

Word from Redmond is that, inspired by this salesmanship fiasco, in order to demonstrate their corporate…

]]> By: Vittorio Bertocci http://self-issued.info/?p=70&cpage=1#comment-51822 Vittorio Bertocci Wed, 07 May 2008 00:46:32 +0000 http://self-issued.info/?p=70#comment-51822 Hi Andy, I blogged about this exact point back in September: you can read the post at http://blogs.msdn.com/vbertocci/archive/2007/09/25/windows-cardspace-will-work-without-https-too.aspx The option of using CardSpace without SSL is very handy for RPs which do not have strong requirements, and the subject authentication is still performed via asymmetric cryptography (checking the signature of the incoming token; see the post above) hence it maintains the good properties that the approach entails. If you want to chat about this in more depth feel free to drop me a line! Cheers, V. Hi Andy,
I blogged about this exact point back in September: you can read the post at http://blogs.msdn.com/vbertocci/archive/2007/09/25/windows-cardspace-will-work-without-https-too.aspx
The option of using CardSpace without SSL is very handy for RPs which do not have strong requirements, and the subject authentication is still performed via asymmetric cryptography (checking the signature of the incoming token; see the post above) hence it maintains the good properties that the approach entails.
If you want to chat about this in more depth feel free to drop me a line!

Cheers,
V.

]]> By: Andy Dale http://self-issued.info/?p=70&cpage=1#comment-51332 Andy Dale Mon, 05 May 2008 14:25:08 +0000 http://self-issued.info/?p=70#comment-51332 While I understand the convenience of the non-ssl implementation... How much does it compromise the overall security pattern? Presumably there was a reason that the SSL only decision was made to start with. While I understand the convenience of the non-ssl implementation… How much does it compromise the overall security pattern?

Presumably there was a reason that the SSL only decision was made to start with.

]]> By: Becoming an RP with the Pamela Project (pt. 2) | drstarcat.com http://self-issued.info/?p=70&cpage=1#comment-51188 Becoming an RP with the Pamela Project (pt. 2) | drstarcat.com Mon, 05 May 2008 01:42:03 +0000 http://self-issued.info/?p=70#comment-51188 [...] as installing an SSL certificate is NOT something to be done by mere mortals (see Mike’s post here–and HE’S not even [...] [...] as installing an SSL certificate is NOT something to be done by mere mortals (see Mike’s post here–and HE’S not even [...]

]]>