Archives for posts with tag: trust

Following the discussion at the Radboud University on the future of authenticating websites, I lead a similar discussion at TNO. This again lead to many remarks and suggestions, many of which were also raised in Nijmegen. But a few new observations were made as well.

Read the rest of this entry »

The recent hack of DigiNotar and the resulting upheaval (it was even discussed in Dutch parliament yesterday), has made painfully clear that the current system of certifying websites is insecure and needs replacement. During a discussion on this topic with my colleagues of the Digital Security group of the Radboud University Nijmegen, the following issues and ideas came up. I’d like to share them with you, and welcome any comments you may have.

Read the rest of this entry »

Systems for identity management suffer from severe security, privacy and usability issues. A few of them I have discussed previously. Security is the topic of today’s post.

Read the rest of this entry »

Systems for identity management suffer from severe security, privacy and usability issues. A few of them I have discussed previously. Today I will discuss trust. Trust assumptions in identity management are ill understood, and this leads to interesting security problems.

Read the rest of this entry »