Internet Authenticity (PKI Done Right) Works where Security Technology Has Failed Us

Everyone's talking about eliminating passwords. The right way to do that is with public key infrastructure (PKI) identity certificates. This presentation will demonstrate enrollment procedures for different levels of required security, with more sensitive applications calling for more rigorous enrollment procedures. The resulting identity certificate carries with it a numerical rating of its own reliability.

Authenticity is the condition that exists when we have:

• Digital Signatures Everywhere, backed by
• Measurably Reliable Identity Certificates that are
• Owned by their Users and which provide
• Privacy via Accountable Anonymity.

Our goal is to establish a relationship with Drupal developers who understand PKI and who want certificate authentication, which allows for single sign-on (SSO), accountable anonymity, and various other benefits.

We have released two modules on Drupal.org to provide an understanding of Authenticity:

• PKI Registration Authority
  • This module allows your site to act as registration authority (RA) as part of a public key infrastructure (PKI).  Once registered, users will be able to generate certificates they can use as credentials. For example, such certificates can be used to log into sites without usernames or passwords via the Certificate Login module.
• Certificate Login
  • This module allows users to log into your site securely without usernames and passwords. It uses digital/identity certificates users have imported into their browsers as part of a public key infrastructure (PKI). The certificates can be generated by Drupal's PKI Registration Authority module or any other registration authority (RA) / certification authority (CA).