There is a system that already works much this way, with the following advantages:

1. No need to trust a cloud.
2. Browsers already support it.
3. It's easy to program on the server side.
4. It's extremely secure, with no known attacks.

That's right: it's standard public-key encryption using a client certificate.

Of course, the big problem is that "PKI is too complicated for average users". But I think this can be mitigated in two ways:

1. Introduce it slowly, but in mandatory ways, in domains that (a) people need to use, even if it means learning something new, and (b) really need more security than current systems can provide. The perfect case is banking. Banks should require PKI access to their websites - they can even market it as a competitive advantage, since it's that much more secure than passwords. People will complain, but eventually would learn how to use it, and then the rest of the internet could jump on board.
2. You can provide key management browser plugins that store your key in the cloud for people who don't want the hassle of managing their own keys. Less secure, but the secure option is still available for those who want and value it.
