Emerging Technology Presentation from CTST

Earlier this week I gave a presentation on an Emerging Technology panel at Card Tech Secure Tech (CTST) in New Orleans. Much of the content was taken from the Virginia Security Summit presentation given a week prior, but I elaborated on using smart cards for strong authentication. A couple of the slides got into using digital certificates to prove someone’s “real” identity to a relying party using OpenID extensions and digital certificate path discovery & validation.

Where do we go from here? I would like to see some of the identity verification concepts that I touched on in the presentation be tested in a pilot. There are also opportunities here to evolve the OpenID specs and extensions, such as PAPE. TrustBearer would like to continue this discussion and explore some pilot ideas. Contact me if you are interested.

Advertisements

3 responses to “Emerging Technology Presentation from CTST

  1. Brian, what do you think are the chances of a new rev of PAPE?

    thanks

    paul

  2. I think that PAPE is a natural place to make extensions such as communicating who was the issuer of a user certificate that was verified during authentication. We touched on some of this in the PAPE-AM proposal.

    Being that some of these attributes are more related to identity, rather than authentication, perhaps it makes sense that the issuer of a certificate related to identity be communicated somewhere else (SReg?), but since it’s so tightly coupled with authentication, that initially leads me to think about extensions to PAPE.

  3. Brian, I agree about the appropriate place. But the sense I get is that the drivers of PAPE are in no hurry to rev it

    paul

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s