Today I attended a webinar by MS by Jan Alexander; Must say he did a good job explaining what it means to developers (myself) and the rest of the world to making identity management and more safe on the internet. "Geneva" basically is a concept where all certificates (SSL or otherwise) have just "more" involved behavior; its "claims based" so ... for example, if you were using windows "geneva" to visit a website. You could view other claims other users have made against that site to decide if its safe or not. However, from this concept, I see some inherent flaws with this as well, given the users claims could be falsified but, with geneva, its supposed to tie into a centrally managed system at passport (microsoft live) and such, not sure if thats exactly a good thing or trustworthy. I guess we'll just have to trust microsoft anyway right? I mean if you can't trust microsoft, who can you trust? well, thats it, Im heading to bed, I'll write more later. -- JB
No comments:
Post a Comment