Secure Coding mailing list archives
Microsoft's message at RSA
From: sbradcpa at pacbell.net (Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] )
Date: Mon, 05 May 2008 18:38:54 -0700
http://media.omediaweb.com/rsa2008/mediaplayerVO.htm?speaker=1_4 And if you want to listen to it, there it is as well. Gunnar Peterson wrote:
Hi Gary, I think they are doing it, Cardspace is the key enabling technology to making it happen. Given how many enterprises are federation-enabled (and how simply the rest can be), the biggest missing piece right now is that we need an Identity Provider for the Internets. Of course this only helps to solve the access control problem, not the defensive programming problem, you can still shoot yourself in the foot with SAML and WS-* (Brian Chess and I gave a talk on this at RSA). But at least it will be nice to have the banks and brokerage houses stop having people type their username and passwords into web browsers, and then blaming the consumer when things go amiss. -gp Gary McGraw wrote:hi sc-l, Here's an article about Mundie's keynote at RSA. It's worth a read from a software security perspective. Somehow I ended up playing the foil in this article...go figure. http://reddevnews.com/features/article.aspx?editorialsid=2470 So what do you guys think? Is this end-to-end trusted computing stuff going to fly with developers? gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L at securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ______________________________________________________________________________________________ Secure Coding mailing list (SC-L) SC-L at securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
Current thread:
- Microsoft's message at RSA Gary McGraw (May 05)
- Microsoft's message at RSA Gunnar Peterson (May 05)
- Microsoft's message at RSA Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (May 05)
- Microsoft's message at RSA Andy Steingruebl (May 09)
- Microsoft's message at RSA Gary McGraw (May 09)
- Microsoft's message at RSA Andy Steingruebl (May 09)
- Microsoft's message at RSA Gunnar Peterson (May 09)
- Microsoft's message at RSA Gary McGraw (May 09)
- Microsoft's message at RSA Gunnar Peterson (May 05)