Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-29 Thread Rich Salz
I asked the guy making the presentation about the similarity to Kerberos message flows and he said something to the effect of "ah yes, kerberos." Not sure what the guy meant by that. But yes, SAML flows are just like Kerberos flows. And Liberty and WS-Federation look a lot like DCE cross-cell

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-29 Thread Anne Lynn Wheeler
On Mon, 2003-12-29 at 10:16, Rich Salz wrote: Not sure what the guy meant by that. But yes, SAML flows are just like Kerberos flows. And Liberty and WS-Federation look a lot like DCE cross-cell (er, Kerberos inter-realm) flows. After all, there's only not many ways to do secure online

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-28 Thread Anne Lynn Wheeler
At 02:01 PM 12/23/2003 -0500, Rich Salz wrote: How many years have you been saying this, now? :) How do those modern online environments achieve end-to-end content integrity and privacy? My guess is that they don't; their use of private value-add networks made it unnecessary. If my guess

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-28 Thread Anne Lynn Wheeler
At 02:29 PM 12/25/2003 +1300, Peter Gutmann wrote: X.509 certs were designed to solve the problem of authenticating users to the global X.500 directory. So they're good at what they were designed for (solving a problem that doesn't exist [0]), and bad at everything else (solving any other sort of

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-26 Thread Anne Lynn Wheeler
At 02:01 PM 12/23/2003 -0500, Rich Salz wrote: If so, then I believe that we need a federated identity and management infrastructure. The difference is that the third-party PKI enrollment model still doesn't make sense, and organizations will take over their own identity issues, as with SAML

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-26 Thread Rich Salz
2) certificates were fundamentally designed to address a trust issue in offline environments where a modicum of static, stale data was better than nothing How many years have you been saying this, now? :) How do those modern online environments achieve end-to-end content integrity and privacy?

Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-23 Thread Ed Reed
Ian Grigg [EMAIL PROTECTED] 12/20/2003 12:15:51 PM One of the (many) reasons that PKI failed is that businesses simply don't outsource trust. Of course they do. Examples: DB and other credit reporting agencies. SEC for fair reporting of financial results. International Banking Letters of

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

2003-12-23 Thread Anne Lynn Wheeler
At 07:34 PM 12/22/2003 -0700, Ed Reed wrote: Of course they do. Examples: DB and other credit reporting agencies. SEC for fair reporting of financial results. International Banking Letters of Credit when no shared root of trust exists. Errors and Omissions Professional Liability insurance for