By Jeff Jones, Microsoft Trustworthy Computing

Yesterday was a busy day, so I got a bit behind with my updates on RSA, but I wanted to post about the Microsoft keynote, in addition to the others I attended.

The format was a fireside chat, with Craig Mundie, Microsoft's Chief Research and Strategy Officer sitting and talking with Chris Leach, Chief Information Security Officer at Affiliated Computer Services. 

I knew generally what Craig was going to talk about, but I was very interested to hear Craig's perspective and see how he thought about and talked about the End to End Trust topic.  In my opinion, this is one of the key topics that could help guide where Microsoft security efforts will go over the next 5 years, building on the past 5 years, and I am happy to see that leadership (Craig, Scott Charney) are approaching it as a dialog with the industry and recognizing that it needs interoperability and industry support.

Two key topics stuck with me at the end of the keynote:

1. How security and privacy are very independent, supporting each other, while also having a tension between them.
2. Any technological efforts supporting End to End Trust will need to be very inclusive in order to work in heterogeneous environments.  Past infrastructure efforts (e.g. PKI) have demonstrated that the level of work and investment required means that it is more likely to hit roadblocks if existing business processes are excluded.

Jeff Jones, Microsoft Trustworthy Computing