One of my favorite podcasts is Security Now with Steve Gibson and Leo Laporte. I am a long term subscriber, actually I didn’t miss a single episode so far. Finally, after 2 years of enjoying Security Now and applying the lessons learned both at home and at work, I was able to give something back. Steve:

One of our listeners, actually very courteous, a Walter Soldierer I think is how I pronounce his name, he provided me with the name of the guy at VeriSign, and email address, who’s in charge of the whole PIP technology program. His name is Gary Krall at VeriSign. I sent Gary a piece of email saying, hey, I was really glad to get your name and email.
[play audio]

In episode 103, Steve and Leo had interviewed PayPal’s Michael Vergara who is in charge of the PayPal Security Key. It’s a small 6-digit number generator to allow two factor authentication. When I heard about it, I immediately ordered one and now use it on both my PayPal and Ebay accounts.

The PayPal/Ebay Security Key is based on the VeriSign Identiy Protection (VIP) system. Verisign is setting up a network of VIP providers like PayPal and the same Security Key can be used for all sites in the network. Verisign also offers an OpenID implementation of VIP called Personal Identity Provider (PIP) which I registered to add the second factor to my OpenID authenication, too.

While researching PIP I came accross a number of posts from Verisign’s Gary Krall on secutrity discussion forums. He manages an application prototyping team at Verisign and is in charge of PIP. When Steve Gibson covered PIP in Security Now I thought he might want to know who the technical person behind this great initiative is. Actually I was hoping that Steve would interview Gary Krall too…