It’s been a fairly eventful June this year for us geeks. Apple started off with their World Wide Developers Conference (WWDC), then Microsoft held two guerilla-like press events before Google ends the month with their Google I/O conference. I have tried to look into the most interesting things coming from these events as viewed with the Enterprise mindset and the classic "we love Mobile Device Management" on the tip of my tongue 🙂
I have a number of things I find interesting when it comes to computers and gadgets, and a recurring theme for me is decent security combined with good user experiences. (That does sound grandiose doesn’t it?)
Lately I’ve been researching this more than usual partly due to building some services in Windows Azure where I want to provide secure and authenticated access. (And I don’t consider myself competent to build a fully hardened solution from scratch just because I know what hashing and salting of passwords means.) While looking into this I came across a nifty product series called YubiKey from http://www.yubico.com, and wanted to share some thoughts on these. If you’ve visited my blog before you might have noticed I’ve already covered client certificates a few times, which of course also meets the definition of two-factor, but this time around we’re looking at hardware for providing the additional factor.
I mentioned in my last blog about Android Ice Cream Sandwich that it is now possible, (actually from Android 3.x Honeycomb), to enroll certificates directly from the /CertSrv web site onto your mobile device. (If you’re running a Microsoft CA of course.)
This is all nice and dandy, but it’s not like Android devices are the only devices you’re likely to be supporting. With the tablet varieties the split is something like 90/10 iPad vs “the rest”. However if you ever tried loading up /CertSrv on your iOS device or your Windows Phone you’ll have noticed that it’s not working.
I find this slightly annoying, and decided to look into this further. Those pesky ActiveX controls can’t be the only reason right? 🙂
There’s two things to sort out here really; is it anything with the web pages themselves and the server, or something on the browser side. Turns out there’s a bit of both involved actually.