please think of the kittens

While searching what others write about Information Cards I found this older presentation and want to share especially one slide with you:
If you made OpenID phishing resistant then you have Microsoft CardSpace Geneva?! We need a secure (enough) UI for login and attribute sharing through OpenID, Information Cards and even username/password. I think that cards are a metaphore that users understand and what happens underneath the UI should not really concern the user. I don't want to remember an OpenID or a password, I want to choose a card and what happens under the hood... who cares?! Well, the server vendors care but not the user.
Please join the discussion at the Information Card Foundation!

Mozilla Add-On Workshop Berlin 2009

Last Saturday I attended the Mozilla Add-On Workshop in Berlin. It happened in the c-base which is a really cool location for this kind of events. Although the rooms are connected like pearls on a string which led to some traffic even during the sessions. Anyway it was a good event and I will go there again when it comes to Berlin again.
Things that impressed me:

• The new video capabilities of Firefox 3.1 are astonishing. You can implement real-time image processing inside the browser to have blue-screen effects or to track people moving in front of the camera or <what-ever-you-can-think-of-on-doing-to-a-bitmap>.
• DOM worker threads bring concurrency to javascript. This can be helpfull if you have a lengthy job to do but I fear that this can have astonishing effects.
• The Mozilla Lab's project weave has a new version. Try it. I think it should be easy to extend sharing bookmarks, open tabs, extension from machine to machine to Information Cards and Information Card stores too.

Things that need more work:

• Mozilla's build system. This is a monster.
  • I tried to build Firefox with Windows SDK 2008 and the .NET 3.5 framework -> no fun
• crypto support in Mozilla is poor. I need xmldsig, xmlsec and some "basic" digest and crypto (RSA-OAEP-MGF1P) in extensions.
• Java access from javascript extensions seem to go down the drain unless mozilla and sun do something.

RSA 2009 US Personal Schedule for Axel Nennker

RSA 2009 US Personal Schedule for: Axel Nennker

Monday
09:00-17:00	SEM-002 Purple 301	Harnessing the Power of Digital Identity: 2009 and the Promising Road Ahead

Tuesday
08:00-08:50	KEY-101 Hall D	A Common Call: Architecting a New Information Security Landscape
09:00-09:30	KEY-102 Hall D	The New Security Agenda: Changing the Game
10:00-10:30	KEY-103 Hall D	Moving Towards 'End to End Trust': A Collaborative Effort
10:40-11:30	KEY-104 Hall D	The Cryptographers' Panel
11:30-12:00	BC-001 Briefing Center	Mobile 2.0 Trends and Threats
12:30-13:00	BC-002 Briefing Center	The Next Generation of Security - Cyber Security
13:30-14:40	ESS-105 Purple 301	Fostering Collaboration and Opportunities in Identity Management
15:00-15:50	STAR-106 Purple 309	Using Claims to Simplify and Secure User Access to Applications and Services
16:10-17:20	ESS-107 Purple 301	Information Cards What User-Centric Computing Can Do for Your Enterprise
17:40-18:30	ESS-108 Purple 301	Building Authorization Into The Enterprise Identity Metasystem

Wednesday
15:20-15:50	KEY-206 Hall D	Collaborate with Confidence
17:30-18:00	BC-014 Briefing Center	A Pragmatic Approach to Building Identity Management for the Enterprise

Thursday
08:00-08:50	PROF-301 Purple 305	Professionalizing the Security of Software Development
09:10-10:00	P2P-302A Orange 135A	Identity and Privacy Models
10:40-11:30	P2P-303B Orange 135B	Claims-Based Identity - What is the Business Case?
14:10-15:00	NET-304 Purple 306	Mobile Operator's Perspective on Security
15:20-16:10	P2P-305B Orange 135B	Raising the Bar on Authentication
16:30-17:00	KEY-307 Hall D	The Transformation of Identity and Access Management

Friday
11:00-16:30		Information Card Foundation Directors Meeting

Car Re-Registration with Information Cards and German eID by Fraunhofer Fokus

Fraunhofer Fokus demoed a cool scenario where a user re-registers his car using the new German eId and Microsoft CarsSpaceCardspace. What I exspecially liked that the slides show Firefox and the openinfocard selector installed.



The following is the text from the slide:
Re-registration of a car can prove a real headache. But the Fraunhofer Institute for Open Communication Systems FOKUS in Berlin has joined forces with the Bundesdruckerei to develop the prototype of an electronic automobile re-registration procedure that can be conveniently operated using the home computer.
To use this simple procedure, however, the citizen first requires a safe means of identity in the digital world. He or she requires an electronic identity or ‘e-identity’ which needs to be created, administered and decommissioned.
Across its life cycle the digital identity can be used for a wide variety of different transactions and activities – but always with the aim of proving the identity of the real individual in the virtual world. Users must be able to navigate in the digital world; they must reveal certain information about themselves – but not too much and certainly not to everybody. At the same time increasingly pervasive networking means that previously separate islands of identity have now to interact and cooperate.
In the ‘Re-registration of an Vehicle’ scenario the car owner can use an electronic ID card as a means of identification of the type that will come into use in Germany in 2010. Using this card she logs onto a user-centric service – the scenario uses Windows’ CardSpace – which issues her with a ‘digital card’ or Information Card which she can use via an identity provider to safely authenticate herself on an vehicle portal. Using an electronic vehicle registration certificate – which could also become widely available in future – the car registration office can then read off the key data about the car via the internet and store the data that has been changed.
The citizen then transfers the revised data to a future digital license tag.
Please contact Jens Fromm from Fraunhofer Fokus for more information.