Virtual Identity Dialogue

I meant to post earlier on RSA 2007 - but I got sick after I got back.
And it took me rest of the week to recover/catch up. 


That being said - what I would take away from RSA is this:



1 - Security is important but not "sexy" like a consumer electronics conference.
Which is good because it does need to be taken seriously. It's bad
because it's easy to lose focus on it - which has always been the issue
regardless of technology or moment in history.



2 - Security is vast - ranging from consumer (anti-virus) to
super-secret stuff (literally national security). This was brought home
to myself when I had to give an impromptu briefing to a 3-star general
on just our security products (from database to applications).



3 - I think the convergence of a number technologies are going to help
us take the next step in password security. Namely SMS and 802.11
ubiquitity. I saw at least one start-up showing off a biometric device
that could generate a one-time passwordk without needing to integrate
directly into the PC.


#3 -- that works because of ubiquitous enterprise wireless and I think it's going to be good
thing.  Smart-cards and biometrics are notoriously hard to get to
work and then you often have to rewrite many applications to use it.
But leveraging alternative mechanisms - may make them easier to deploy.



I'll also admit - I'm a bit interested in this because I can see an
angle where virtual directory could be useful for these types of
systems.



Also by breaking the PC-requirement - it improves your odds you are not stuck just deploying this with Windows.