nanog mailing list archives

Re: How to fix authentication (was LinkedIn)

From: Kyle Creyts <kyle.creyts () gmail com>
Date: Wed, 20 Jun 2012 19:31:40 -0400

Guess we all need implants deep in less-than-easily-operable areas to
bind us to a digitally-accessible identity. This would make for an
interesting set of user-based trust-anchoring paradigms, at least.

On Wed, Jun 20, 2012 at 7:26 PM, Jay Ashworth <jra () baylink com> wrote:

----- Original Message -----

From: "Leo Bicknell" <bicknell () ufp org>

SSL certificates could be used this way today.

SSH keys could be used this way today.

PGP keys could be used this way today.

What's missing? A pretty UI for the users. Apple, Mozilla, W3C,
Microsoft IE developers and so on need to get their butts in gear
and make a pretty UI to create personal key material, send the
public key as part of a sign up form, import a key, and so on.


Yes, but you're securing the account to the *client PC* there, not to
the human being; making that Portable Enough for people who use and
borrow multiple machines is nontrivial.

Cheers,
-- jra
--
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274




-- 
Kyle Creyts

Information Assurance Professional
BSidesDetroit Organizer

Current thread:

Re: LinkedIn password database compromised, (continued)
- - - Re: LinkedIn password database compromised Randy Bush (Jun 20)
    - Re: LinkedIn password database compromised Leo Bicknell (Jun 20)
    - Re: LinkedIn password database compromised Randy Bush (Jun 20)
    - Re: LinkedIn password database compromised Tei (Jun 21)
    - Re: LinkedIn password database compromised Tony Finch (Jun 21)
    - Re: LinkedIn password database compromised Rich Kulawiec (Jun 21)
    - RE: LinkedIn password database compromised Keith Medcalf (Jun 23)
    - Re: LinkedIn password database compromised Michael Thomas (Jun 23)
    - Re: LinkedIn password database compromised AP NANOG (Jun 20)
    - How to fix authentication (was LinkedIn) Jay Ashworth (Jun 20)
    - Re: How to fix authentication (was LinkedIn) Kyle Creyts (Jun 20)
    - Re: How to fix authentication (was LinkedIn) valdis . kletnieks (Jun 20)
    - Re: How to fix authentication (was LinkedIn) Kyle Creyts (Jun 20)
    - RE: How to fix authentication (was LinkedIn) Drew Weaver (Jun 20)
    - Re: How to fix authentication (was LinkedIn) Aaron C. de Bruyn (Jun 20)
    - Re: How to fix authentication (was LinkedIn) Alexander Harrowell (Jun 21)
    - Re: How to fix authentication (was LinkedIn) AP NANOG (Jun 21)
    - Re: How to fix authentication (was LinkedIn) Ben Jencks (Jun 21)
    - Re: How to fix authentication (was LinkedIn) Randy Bush (Jun 21)
    - Re: How to fix authentication (was LinkedIn) Christopher Morrow (Jun 21)
    - Re: How to fix authentication (was LinkedIn) AP NANOG (Jun 22)

(Thread continues...)