ACCOUNTABILITY, SECURITY, PRIVACY, & SINGLE SIGN-ON FOR THE ENTIRE WEB
THE WEB HAS AN IDENTITY PROBLEM
The modern Web is nothing short of the Wild Wild West of the 21st century. One of the most important questions a service must ask is how to distinguish the good from the bad. How does a service quickly and with limited resource requirements determine if a connection is being operated by a good or bad actor? The web lacks enforceable reactive security. IP addresses can be effortlessly spoofed & with the rise of 0-RTT this only further complicates security concerns. Everyone on the web needs a way to report and keep track of bad actors or compromised devices. Every service needs to be able to quickly determine whether or not a connection is coming from a bad actor. Network security is only getting more complicated and more expensive. This trend will only continue unless we address the root issues.
We need to do away with usernames & passwords. Logging into a service should happen during the connection handshake. We need to start thinking in terms of identities, (key pairs), instead of passwords for services. Taking your social media profiles on the go while leaving your banking profiles at home.
Services can begin to utilize a network wide reporting system for bad actors. This reporting system improves the overall health and security of the web. This public ledger of bad & good actors would allow services to quickly make judgement calls on what to do during connection handshake.
Accountability is a complicated issue and in-order to bring law and order to the web it’s going to take hardware solutions not just software. If you are an NSP or ISP and are interested in what we are working on regarding hardware solutions for the entire network make sure to shoot us an email.