Profile

Cover photo
Jeff Hodges (JeffH)
8,138 views
AboutPostsPhotosVideos

Stream

Jeff Hodges (JeffH)

Shared publicly  - 
 
Real World Crypto Workshop has been interesting, and a great way to catch up with various colleagues f2f :)
https://crypto.stanford.edu/RealWorldCrypto/
1

Jeff Hodges (JeffH)

Shared publicly  - 
 
This is Good Stuff:
 
Five years on since 'clickjacking' became a big deal, it remains one of the big unsolved security problems for mashup-type applications that use cross-origin framing and embedding.  While it's far from a perfect solution, the W3C WebAppSec WG has taken a step towards providing developers standardized tools for protecting their users from click fraud with its release of a First Public Working Draft of the User Interface Safety Directives for Content Security Policy.  If you're interested in this area of web security, we would appreciate your comments.
Abstract. This document defines directives for the Content Security Policy mechanism to declare a set of input protections for a web resource's user interface, defines a non-normative set of heuristic...
View original post
1

Jeff Hodges (JeffH)

Shared publicly  - 
 
Although I'm honored by the various folks who've added me (i.e. my online G+ -specific persona) to their various circles, I remain underwhelmed and frustrated by today's webapp-based social network services, for various reasons. To clarify: even though I have my account here, I'll only occasionally use it - largely for familiarity/testing reasons. So don't be expecting me to have this webapp constantly open in a browser window, waiting to pounce on any or all of those pithy posts and notifications trickling through, or for myself to emit a constant stream of such. If you really want/need to contact me, email, instant messaging, or PSTN (sms/voice) remains your best choices, and I can be "followed" on the various public and private email distribution lists I participate on, or on my blogs, or on (ugh) twitter. Just sayin' (so y'all r aware). :-D
2

Jeff Hodges (JeffH)

Shared publicly  - 
 
<rant>
Apparently, G+ "nicknames" aren't the same as one's "google account nickname".  My goog acnt nickname has been "=JeffH" for years, but noooo, I'm not allowed to set my G+ nickname to that because of the special char "=" in it. sigh

I wouldn't care that much about it if it wasn't that recently another "Jeff Hodges" has shown up working publicly in similar areas as I do, and thus it is now more important to me, and I'd trust our various correspondents too, to be able to easily disambiguate us.  

I've been keeping the "=JeffH" i-name conceit, even thought i-names never caught on (which is what I'd expected but that's another story) because I figured if any other "jeff hodges" showed up (and gee, it did happen), then the "JeffH" moniker would still be disambiguated by the nerdy that-didn't-quite-work-out "=" sign. 

So I'm disappointed that I can't wield it here, and I'm hoping that Jeff (M) Hodges doesn't choose to also go by "JeffH" hereabouts....
</rant>
2

Jeff Hodges (JeffH)

Shared publicly  - 
 
Brad Hill on whether TLS/SSL is broken and how to fix it: <https://plus.google.com/111651590529917511252/posts/Qn9WP3PcRRt> From #RSAC panel discussion last week
1

Jeff Hodges (JeffH)

Shared publicly  - 
 
Innaresting to note:  G+ allows editing of posts (my fat fingers thank them), but it seems that shared posts aren't subsequently updated?  Not within a few minutes anyway (will check again later)
1

Jeff Hodges (JeffH)

Shared publicly  - 
 
As others have noted, HTTP Strict Transport Security (HSTS) is now finalized/published as RFC6797:

RFC 6797 - HTTP Strict Transport Security (HSTS) 
http://tools.ietf.org/html/rfc6797
[Docs] [txt|pdf] [draft-ietf-websec...] [Diff1] [Diff2] PROPOSED STANDARD Internet Engineering Task Force (IETF) J. Hodges Request for Comments: 6797 PayPal Category: Standards Track C. Jackson ISSN: ...
5
1
Jakub Urbanec's profile photoBrad Hill's profile photo
 
Yet another RFC you auhored? Man, you rock!

Jeff Hodges (JeffH)

Shared publicly  - 
 
this is a test.
1
Basic Information
Gender
Male
Links