by TPB ➕follow (0) 💰tip ignore
Comments 1 - 9 of 9 Search these comments
I once did a custom eMail server, that applied Domain Keys(DMIK) to the headers of the outgoing mail. I think a system like that would be the perfect for single signon.
You would generate a MD5 encryption key with one password, register it with a digital certificate authority, then save that in your DNS folder on your computer, then a copy is saved on the DNS server along with you email address. You would log into a web site, only providing your email address. Then just like using Capcha but instead of displaying it in a graphic, the random generated word or phrase, is created then a call to the DNS server to retrieve your encryption key, the phrase is encrypted using the hash stored on the DNS server then the encrypted result is then sent to you.
Your computer will then now to respond to this challenge, by looking in your local DNS folder and grabbing your local key stored in a new section in the 127.0.0.1 file then decrypts the information, and sends it back. This value has to equal the original value on the server that generated the phrase, by now that has been encrypted, sent decrypted and sent back as the same legible phrase.
If you are who you say you are.
Let's use the Internet protocols as they were intended. I don't recall the Google, Facebook, section in the W3 consortium standards.
Obama's office want's a standardized web log in, using Either GOOGLE or FACEBOOK.
Not just google or facebook:
"To minimize identity theft, the Obama administration is urging Internet companies to agree upon and adopt a standard, reliable identity-verification system that people can use for any website. Each person would choose one company, perhaps their e-mail service provider, to handle credentials for sensitive personal or financial information on other sites.
In this hypothetical digital world, someone could buy books on Amazon.com using a Google account, while another person could sign up for a social network using a PayPal account."
How about starting with demanding that all internet sites that require a password must store the password in an unreadable format, say salted and hashed format, so that insiders or malicious hackers never can see a password in plain text.
If they would only do that, a lot of problems would go away.
How about just that, for starters. It is long overdue.
Yeah, it's never going to happen. I'm as familiar as anyone with the history of and issues surrounding identity on the internet. Nothing short of a government-run, mandated program (which the public will reject anyway) will ever work.
Nothing short of a government-run, mandated program
that's where this is headed. Obama want's to appoint Google ministry of "Who the fuck are you?".
Obama's office want's a standardized web log in, using Either GOOGLE or FACEBOOK.
Not just google or facebook:
" the Obama administration is urging Internet companies to agree upon and adopt a standard, reliable identity-verification system that people can use for any website.
But what if I don't want my identity reliably verified?
But what if I don't want my identity reliably verified?
Hmmm... I guess you should support legislation where your identity is unreliably verified.
Nothing short of a government-run, mandated program
that's where this is headed. Obama want's to appoint Google ministry of "Who the fuck are you?".
William E Baughb
Or, you know, not.
This will never fly with most people. Too many use the internet for porn and other things they don't want their identifying info to be connected to. Too many people would simply not log on beyond doing their basic tasks and the lifeblood of the internet, the exchange of ideas between people, would be lost.
This is not to say it can't be done, only that it would be the beginning of the end for the internet beyond basic tasks like paying bills or sending email, and even those functions would be kept at a minimum.
Whether you want to have a Google or Facebook account or not.
Uncle Sam wants you to register with one of the certified official Homeland snooping departments. Obama's office want's a standardized web log in, using Either GOOGLE or FACEBOOK.
Even if you've made a conscious decision to be a member of either service.
So basically if they had their way, you wouldn't be able to view your email, log on to your internet provider, manage your domains at any of the registrars, log into Patrick.net anything. With out a Google or Facebook account.
http://www.cnn.com/2012/02/15/tech/web/government-online-id/index.html?hpt=hp_t3
#politics