[Security-devroom] Talk submission : Fribid and browser security software

[Tomas Gustavsson]

Hi,

Here is another submission that I though might be interesting.
If accepted I hope to get the creator, Samuel, of this interesting tool
to come, instead of me.

Affiliation:
Fribid.se [1]

Bio:
I am a PKI nerd since middle of the 90's. Samuel is a Computer Science
student at KTH, Stockholm.

Talk duration: 30 minutes max

Talk: The development of Fribid, what can be do for browser clients?

Since many years ago Swedish digital id's issued by the banks
(equivalent to other countries digital national id's) are using
proprietary client software in order to log in, sign transactions and
enroll for id's. The software works as browser plug-ins since on-line
services are always web based.
Prorietary software rarely works well with Linux, although there are now
have a 32 bit version out. Samuel created an open source version of the
browser plug-in, Fribid [1] to get something that works better. By
investigating communication he soon had a linux client that worked well.
It even works with smart cards using OpenSC [2].

This talk will describe a bit of the development behind fribid, and
extend to some questions that are much broader in scope than the swedish
digital id's, that fribid was created for.

Some of the natural questions to ask are:
- Why are there no open standards for the authentication and digital
signature operations needed for web based applications?
- What can the open source world to to make this important technology
(in a much wider concept than swedish digital id's) open and user friendly?

[1] http://fribid.se/ (swedish unfortunately)
[2] http://wiki.fribid.se/sidor/SmartCards

Cheers,
Tomas