http://media.omediaweb.com/rsa2008/mediaplayerVO.htm?speaker=1_4
And if you want to listen to it, there it is as well. Gunnar Peterson wrote: > Hi Gary, > > I think they are doing it, Cardspace is the key enabling technology to > making it happen. Given how many enterprises are federation-enabled (and > how simply the rest can be), the biggest missing piece right now is that > we need an Identity Provider for the Internets. > > Of course this only helps to solve the access control problem, not the > defensive programming problem, you can still shoot yourself in the foot > with SAML and WS-* (Brian Chess and I gave a talk on this at RSA). But > at least it will be nice to have the banks and brokerage houses stop > having people type their username and passwords into web browsers, and > then blaming the consumer when things go amiss. > > -gp > > Gary McGraw wrote: > >> hi sc-l, >> >> Here's an article about Mundie's keynote at RSA. It's worth a read from a >> software security perspective. Somehow I ended up playing the foil in this >> article...go figure. >> >> http://reddevnews.com/features/article.aspx?editorialsid=2470 >> >> So what do you guys think? Is this end-to-end trusted computing stuff going >> to fly with developers? >> >> gem >> >> company www.cigital.com >> podcast www.cigital.com/silverbullet >> blog www.cigital.com/justiceleague >> book www.swsec.com >> >> _______________________________________________ >> Secure Coding mailing list (SC-L) SC-L@securecoding.org >> List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l >> List charter available at - http://www.securecoding.org/list/charter.php >> SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) >> as a free, non-commercial service to the software security community. >> _______________________________________________ >> >> >> > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > _______________________________________________ > > _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________