Jun 2009
EU Identity project turns its back on Information Card
The EU Commission funded project STORK announced during its second Industry Group Meeting, that they have decided on SAML 2.0 as protocol for its technical architecture.
The STORK project is the primary pilot project assigned by the EU commission to test cross border electronic identification between citizens and electronic services across Europe.
The first Industry Group Meeting resulted in feedback suggesting that the proposed architecture have potential vulnerabilities with respect to man in the middle attacks.
The combination of the solution to this problem and the selection of SAML 2.0 as the protocol of choice effectively prevents the use of the Information Card technology developed by the Industry during the past five years. The reason for this is that the Information Card model, which also use SAML assertions, uses WS-Trust as its primary exchange protocol and not pure SAML.
Read More...
The STORK project is the primary pilot project assigned by the EU commission to test cross border electronic identification between citizens and electronic services across Europe.
The first Industry Group Meeting resulted in feedback suggesting that the proposed architecture have potential vulnerabilities with respect to man in the middle attacks.
The combination of the solution to this problem and the selection of SAML 2.0 as the protocol of choice effectively prevents the use of the Information Card technology developed by the Industry during the past five years. The reason for this is that the Information Card model, which also use SAML assertions, uses WS-Trust as its primary exchange protocol and not pure SAML.
Read More...
New Internet Draft Nroff editor
2009-Jun-17 04:32 Filed in:All
I have written and made available an Internet Draft editor for writing drafts in Nroff format.
The Nroff format was the dominant way to format draft and RFC documents in the past and many draft writers still use the Nroff format with some command line compiler.
As I failed to find any decent application with which I could edit an nroff file and see the result in one application, I decided to write my own in
NroffEdit as a Java application distributed as jar file and is prepared for Mac and Windows.
For more information see http://aaa-sec.com/nroffedit/index.html
I appreciate any comments, feedback suggestions or bug reports.
Read More...
The Nroff format was the dominant way to format draft and RFC documents in the past and many draft writers still use the Nroff format with some command line compiler.
As I failed to find any decent application with which I could edit an nroff file and see the result in one application, I decided to write my own in
NroffEdit as a Java application distributed as jar file and is prepared for Mac and Windows.
For more information see http://aaa-sec.com/nroffedit/index.html
I appreciate any comments, feedback suggestions or bug reports.
Read More...