Tuesday, July 03, 2012

The Sad World of Passwords: Is X.500 the answer?

Martin Kuppinger commented on both John and my posts on this topic. Martin, as usual, added some pretty good meat to the discussion. There’s a couple of points I wanted to emphasize that I thought were particularly important:

  • We also know that user acceptance is key to success

This is possibly the #1 issue to security in general. It has to be easy for the user. Ever forget your car keys somewhere? Have to go downstairs to get your wallet so you can get your credit card number to complete an order on a machine upstairs? That type of inconvenience is difficult to overcome around security. I am not convinced that NFC is the panacea here either. I’m sure it’ll be awesome if you happen to have your NFC device at-hand, charged and ready to go.

  • Trust frameworks will be dealing with the complexity of having many IdPs

Hmmm, communication between multiple IdPs? Maybe we’ll need to have a master IdP in each country responsible for “chaining” these transactions to lower-level IdPs and communicating between country-level IdPs? Might we need referrals between these IdPs? What about caching? Shades of X.500!

Yes, I remember how successful X.500 was: At the Interop conference in Atlanta in 1995 an attendee came up to me at the Zoomit booth and said: “How do you speed up things 500 times?” That’s when I knew it was time to move on.

Yes, this will be complicated…

No comments: