Welcome to the full schedule of the OWASP AppSec Research EU 2013 conference days. You’ll find the schedule for the training days at http://trainings2013.appsec.eu
Eccentric Authentication is an authentication protocol that places end user anonymity, privacy and ease of use above other requirements. The user comes first, the web sites come second. The spies can go home.
The protocol offers: - anonymous accounts at web sites; - an end to the password problems; - a way to exchange keys (securely) by looking up names; - an end to phishing; - a way to make javascript applications safe against untrusted code.
By tapping into the centralised DNSSEC/DANE structure, we can create a decentralised anonymous naming infrastructure. That will provide people with anonymity.
The key insight is to forego the requirement of Trust, to gain security. Instead, we create verifiable security that will allow trust to be given.
