W3C home > Mailing lists > Public > public-wsc-wg@w3.org > July 2007

Re: Authentium

From: Serge Egelman <egelman@cs.cmu.edu>
Date: Mon, 30 Jul 2007 14:27:39 -0400
Message-ID: <46AE2D9B.4080407@cs.cmu.edu>
To: "Doyle, Bill" <wdoyle@mitre.org>
CC: michael.mccormick@wellsfargo.com, dan.schutzer@fstc.org, todd.inskeep@bankofamerica.com, Chuck@Interisle.net, Bob.Pinheiro@fstc.org, Dan.Houser@huntington.com, mark.tiggas@wellsfargo.com, matt.barrington@wachovia.com, peltond@wellsfargo.com, sam.phillips@bankofamerica.com, smb@cs.columbia.edu, solod@citigroup.com, Pete.Palmer@wellsfargo.com, tom.keane@wachovia.com, john.fricke@fstc.org, richard.a.parry@jpmchase.com, Stan.Szwalbenest@chase.com, chris.nautiyal@fstc.org, public-wsc-wg@w3.org

Yeah, this sounds great, we can create a proposal to create a whole
private "secure" Internet.

serge

Doyle, Bill wrote:
> Sounds pretty good - private DNS is a nice touch
>  
> Bill
> 
>     ------------------------------------------------------------------------
>     *From:* public-wsc-wg-request@w3.org
>     [mailto:public-wsc-wg-request@w3.org] *On Behalf Of
>     *michael.mccormick@wellsfargo.com
>     *Sent:* Monday, July 30, 2007 12:16 PM
>     *To:* dan.schutzer@fstc.org; todd.inskeep@bankofamerica.com;
>     Chuck@Interisle.net; Bob.Pinheiro@fstc.org;
>     Dan.Houser@huntington.com; mark.tiggas@wellsfargo.com;
>     matt.barrington@wachovia.com; peltond@wellsfargo.com;
>     sam.phillips@bankofamerica.com; smb@cs.columbia.edu;
>     solod@citigroup.com; Pete.Palmer@wellsfargo.com;
>     tom.keane@wachovia.com; john.fricke@fstc.org;
>     richard.a.parry@jpmchase.com; Stan.Szwalbenest@chase.com;
>     chris.nautiyal@fstc.org
>     *Cc:* public-wsc-wg@w3.org
>     *Subject:* Authentium
> 
>     There are emerging vendors who offer a hardened web browser that
>     only allows the user to access certain pre-vetted web sites.  The
>     one I saw demo'd today is based on the Mozilla code base.  The UI
>     looks like a stripped-down Firefox.  While it's running all other
>     Windows programs (inc. any key loggers or other malware) are more or
>     less suspended.  Only SSL communication is allowed.  The browser
>     also uses a private DNS server to avoid DNS poisoning and a signed
>     URL list to avoid bookmark poisoning.
> 
>     Sounds kind of like Safe Browsing?
> 
> 
>     *Michael McCormick, CISSP*
>     Lead Architect, Information Security Technology
>     Wells Fargo Bank
>     255 Second Avenue South
>     MAC N9301-01J
>     Minneapolis MN 55479
>     (      612-667-9227 (desk)             7       612-667-7037 (fax)
>     (       612-590-1437 (cell)             J      
>     michael.mccormick@wellsfargo.com (AIM)
>     2       612-621-1318 (pager)            *      
>     michael.mccormick@wellsfargo.com
>     <mailto:michael.mccormick@wellsfargo.com>
> 
>     “THESE OPINIONS ARE STRICTLY MY OWN AND NOT NECESSARILY THOSE OF
>     WELLS FARGO"
>     /This message may contain confidential and/or privileged
>     information.  If you are not the addressee or authorized to receive
>     this for the addressee, you must not use, copy, disclose, or take
>     any action based on this message or any information herein.  If you
>     have received this message in error, please advise the sender
>     immediately by reply e-mail and delete this message.  Thank you for
>     your cooperation./
> 

-- 
/*
Serge Egelman

PhD Candidate
Vice President for External Affairs, Graduate Student Assembly
Carnegie Mellon University

Legislative Concerns Chair
National Association of Graduate-Professional Students
*/
Received on Monday, 30 July 2007 18:44:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:50 GMT