Stephen.Wilson's blog

Stephen Wilson's Babysteps

Ideas to demystify identity, privacy, authentication and safety online.

Why is security so hard to sell?

Bruce Schneier last month reported on the RSA Conference and how security exhibitors are complaining that visitors to their stands aren't buying much. 

In respect of selling security in general, he points out that people don't usually buy car safety components, and neither should they buy information security per se. I couldn't agree more -- I believe that security should be sold on a sort of wholesale basis.

Read more

Privacy expectations around biometrics

Here's one of the most bizarre lines I've ever seen in biometrics and national security:

Fingerprints 'not particularly private,' security czar says
Edmonton Sun, Thu 10 April 2008
http://www.edmontonsun.com/News/Canada/2008/04/10/5244996-sun.html

Read more

Catching on slowly to identity plurality

We should be in the middle of a true paradigm shift, to a new worldview based on a plurality of identities. The Laws of Identity point with great clarity to the reality that we each lay claim to a suite of identities. My own work in PKI over the years (see e.g. Public Key Superstructure) has led to a firm belief in the usefulness of multiple digital certificates, mapping on to multiple real worl identities.

Read more

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I