[OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal
Peter Williams
home_pw at msn.com
Sat Feb 11 19:54:26 UTC 2012
whats new is the tone. For years (1989-1994) certs for open systems launguished in any form, the butt of many an IETF joke (the thing that the then DARPA folks wanted to ensure never worked, or took off, as the US agencies fought their strange internal ITU-T vs DARPA/IETF protocol battles.) Then the tone changed. It was a very American change (and that's meant as a compliment) as silicon valley needed something (right there for the picking). 20 years later, we can note that the hated client cert for https client authn has been in reprieve from negative messaging for about 2 years now (just about how long ago the first round of "secret" openid meetings started, with the US Federal government). Recently, they have even gone from "no hope " (but at least no negative campaining) to "ahem" - a modality that perhaps has value. What interesting is the coordination of the messaging. Someone is rehabilitiating the client cert (and even trying to rehabilitate the term "PKI") Let's not look a opportunity too harshly. Sometime, you put things back on the technology shelf and wait - till they get pulled off again (just as the right moment). if this is the moment, then good. (Another American compliment.) But, ask why? (always). Its crypto (a war of nerves). Strike the right balance (as somehow we all did for the last 20 years), there are happy mediums to be found so crypto (the munition) does something useful in civilian world (without being the instrument of big brother) and without being too off-putting to folks in the spying or policing business. I find myself where I was at the OUTSET (not the conclusion) of the mandatory key escrow debate, a decade ago. I was open-minded. I became closed only once I saw the *means* being used to "swamp" dissenters from a position already agreed in private, established in a certain forum populated by folks running the military R&D networks (and their closed, international coordination forums). Once the means used became nasty and personalized (like a victorian backroom blackballing club), I came to the conclusion that mandoryiness could never be trusted - being merely first step of a wedge. Which was a shame, and probably set public key back about, well, a decade - i.e. till now. But, we are 10 year later. The cold was is even colder than ever. Some of the folks who ran it, and were still using cold war "management" techniques 10-20 years ago, are out of the picture. I dont mind crypto conservativeness (getting ever older, myself); what I care about is tone of global leadership, and whether the apparent tone is just a PR campaign: the dulcit tones of the avuncular diplomat masking the contractor desperate to stick a gun in your face, snarling to remind you of "your place". On the other hand, if things are just "right timed" (and client certs get a second chance), then so be it. Interesting times. I smell change, Eddy. Date: Sat, 11 Feb 2012 19:14:10 +0200
From: eddy_nigg at startcom.org
To: openid-general at lists.openid.net
Subject: Re: [OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal
On 02/11/2012 01:58 AM, From Francisco Corella:
FYI:
http://pomcor.com/2012/02/10/openid-providers-invited-to-join-in-an-nstic-pilot-proposal/
Without offending, but what's the news? StartCom (and maybe some
others) do this already for years: https://www.startssl.com/?app=14
A pilot for something that works in production already for years? Or
am I missing something?
Regards
Signer:
Eddy Nigg, COO/CTO
StartCom Ltd.
XMPP:
startcom at startcom.org
Blog:
Join the Revolution!
Twitter:
Follow Me
_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20120211/3e780934/attachment.html>
More information about the general
mailing list