* Updates
+ <b>Sep 20, 2001:</b> Microsoft has just announced some changes
+ to passport that are rather interesting. This document
+ reflects the Passport system without taking into account the
+ new changes.
+
+ Read about it <a href="http://www.microsoft.com/presspass/features/2001/sep01/09-20passport.asp">here</a>.
+
+ For an analysis of security problems with passport, check <a
+ href="http://avirubin.com/passport.html">http://avirubin.com/passport.html</a>.
+ The bottom line is that you should not put any sensitive
+ information on passport.
+
I have received many comments from people, and I have updated
the page accordingly. From removing incorrect statements, to
fixing typos, to include mentions to other software pieces.
available, means that trojans or worms could be built
into the products by malicious engineers.
+ Various government officials in non-US countries also
+ have a policy that no state sensitive information can
+ be held by foreign companies in foreign soil. A natural
+ matter of national security to some.
+
* <b>Security:</b> With a centralized system like
Passport, imagine the repercussions of a malicious
hacker gaining access to the Passport database.
A few people have said: `Mono will allow Passport to be
available for Linux and that is bad'. This is plain
- missinformation.
+ misinformation.
Currently, you can obtain Passport for Linux from Microsoft
itself and deploy it today on your Web server. Mono does not
Nat Friedman (Ximian's co-founder) has his own ideas on how a
competing system to Passport could be designed, but I will let
- <a href="http://www.nat.org/gym">him</a> post his own story.
+ <a href="http://www.nat.org/">him</a> post his own story.
+
+** Other Passport Comments
+
+ An interesting study on the security of passport is available at: <a
+ href="http://avirubin.com/passport.html">http://avirubin.com/passport.html</a>
** Other Alternatives