Paper summarizing new directions in protecting web users
Jason Holt
jason at lunkwill.org
Wed Mar 8 17:26:55 EST 2006
On Mon, 6 Mar 2006, Amir Herzberg wrote:
> I've summarized the current directions that our group is working on
> towards improving security for web users. I'll probably soon post it as
> HTML, but I'm terribly busy and so far just posted it in eCrypt as PDF,
> see at http://eprint.iacr.org/2006/083.pdf.
[...]
Amir will also be appearing next month in a panel I'm moderating on the
challenges of practical web security at NIST's PKI conference. Some of the
discussions I've seen on this list led to the creation of that panel -- if we
as cryptographers sometimes have to wrangle over what's considered trustworthy
website behavior, how are users ever supposed to cope?
The standard flyer for that conference follows:
*** NO ON-SITE REGISTRATION! Last day to register: March 17 ***
5th Annual PKI R&D Workshop at NIST in Gaithersburg, MD
"Making Cryptography Easy to Use"
April 4-6, 2006
http://middleware.internet2.edu/pki06/
Come join with experts from NIST, NIH, private industry and universities
around the world for our fifth workshop!
Scheduled topics include:
KEYNOTE ADDRESS
HAS JOHNNY LEARNT TO ENCRYPT BY NOW? Examining the troubled relationship
between a security solution and its users
Angela Sasse, University College London
REFEREED PAPERS:
-How Trust Had a Hole Blown In It. The Case of X.509 Name Constraints
-Navigating Revocation through Eternal Loops and Land Mines
-Simplifying Credential Management through PAM and Online Certificate
Authorities
-Identity Federation and Attribute-based Authorization through the Globus
Toolkit, Shibboleth, GridShib, and MyProxy
-PKI Interoperability by an Independent, Trusted Validation Authority
-Achieving Email Security Usability
-CAUDIT PKI Federation - A Higher Education Sector Wide Approach
INVITED TALKS:
-NIST Cryptographic Standards Status Report, Bill Burr, NIST
-Trust Infrastructure and DNSSEC Deployment, Allison Mankin, Consultant
-Integrating PKI and Kerberos, Jeffrey Altman, Secure Endpoints Inc.
-Enabling Revocation for Billions of Consumers, Kelvin Yiu, Microsoft
PANELS:
- Digital Signatures (Moderator: David Chadwick, University of Kent)
- Domain Keys Identified Mail (DKIM) (Moderator: Barry Leiba, IBM)
- Browser Security User Interfaces: Why are web security decisions hard and
what can we do about it?
(Moderator: Jason Holt, Brigham Young University)
- Federal PKI Update (Moderator - Peter Alterman, National Institutes of
Health)
- Bridge-to-Bridge Interoperations (Moderator - Peter Alterman, National
Institutes of Health)
WORKS IN PROGRESS (WIP) (Contact Krishna Sankar (ksankar at cisco.com) if you
have additional WIP topics)
Potential topics:
- CNRI handle system (brief overview)
- International Grid Trust Federation
Complete agenda is available at http://middleware.internet2.edu/pki06/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list