Paper summarizing new directions in protecting web users

Jason Holt jason at
Wed Mar 8 17:26:55 EST 2006

On Mon, 6 Mar 2006, Amir Herzberg wrote:

> I've summarized the current directions that our group is working on
> towards improving security for web users. I'll probably soon post it as
> HTML, but I'm terribly busy and so far just posted it in eCrypt as PDF,
> see at

Amir will also be appearing next month in a panel I'm moderating on the 
challenges of practical web security at NIST's PKI conference.  Some of the 
discussions I've seen on this list led to the creation of that panel -- if we 
as cryptographers sometimes have to wrangle over what's considered trustworthy 
website behavior, how are users ever supposed to cope?

The standard flyer for that conference follows:

*** NO ON-SITE REGISTRATION!  Last day to register: March 17 ***

5th Annual PKI R&D Workshop at NIST in Gaithersburg, MD
"Making Cryptography Easy to Use"
April 4-6, 2006

Come join with experts from NIST, NIH, private industry and universities
around the world for our fifth workshop!

Scheduled topics include:

HAS JOHNNY LEARNT TO ENCRYPT BY NOW? Examining the troubled relationship
between a security solution and its users
Angela Sasse, University College London

-How Trust Had a Hole Blown In It.  The Case of X.509 Name Constraints
-Navigating Revocation through Eternal Loops and Land Mines
-Simplifying Credential Management through PAM and Online Certificate
-Identity Federation and Attribute-based Authorization through the Globus
Toolkit, Shibboleth, GridShib, and MyProxy
-PKI Interoperability by an Independent, Trusted Validation Authority
-Achieving Email Security Usability
-CAUDIT PKI Federation - A Higher Education Sector Wide Approach

-NIST Cryptographic Standards Status Report, Bill Burr, NIST
-Trust Infrastructure and DNSSEC Deployment, Allison Mankin, Consultant
-Integrating PKI and Kerberos, Jeffrey Altman, Secure Endpoints Inc.
-Enabling Revocation for Billions of Consumers, Kelvin Yiu, Microsoft

- Digital Signatures (Moderator: David Chadwick, University of Kent)
- Domain Keys Identified Mail (DKIM) (Moderator:  Barry Leiba, IBM)
- Browser Security User Interfaces: Why are web security decisions hard and
what can we do about it?
   (Moderator:  Jason Holt, Brigham Young University)
- Federal PKI Update (Moderator - Peter Alterman, National Institutes of
- Bridge-to-Bridge Interoperations (Moderator - Peter Alterman, National
Institutes of Health)

WORKS IN PROGRESS (WIP)  (Contact Krishna Sankar (ksankar at if you
have additional WIP topics)
Potential topics:
-  CNRI handle system (brief overview)
-  International Grid Trust Federation

Complete agenda is available at

The Cryptography Mailing List