Bill Gates Tuesday opened the annual RSA Security Conference with an overview on the state of security that was long on vision and broad with its details.Gates, Microsoft\u2019s chief software architect, said the industry must meet a set of four high-priority initiatives in order to improve security in an ever increasing digitized world that is working more and more over the Internet.Gates started off light saying he was glad to be keynoting at RSA because his other invitation \u201cwas to go quail hunting with Dick Cheney. I\u2019m feeling really safe right now,\u201d he said.Gates then launched into the importance of security going forward and categorized a set of priorities under four headings: trust ecosystem, engineering for security, simplicity, and fundamentally secure platforms.\u201cIt is a very big challenge to make sure that security is not the thing holding us back,\u201d Gates said. \u201cThe Internet is such a critical infrastructure for productivity, for reliability, for privacy that the dream we have can only be realized if we not only build secure approaches but make them easy to administer and make it so the users understand exactly what to expect. That means a lot of invention and a lot of improvement from where we are today.\u201dGates gave very little in the way of new initiatives or ideas at Microsoft for meeting his four broad goals, instead tailoring his remarks around announced features in the upcoming Windows Vista client operating system including smart card support, identity technology called InfoCard, and improvements in the Internet Explorer browser.The only real announcement was that Microsoft\u2019s Certificate Lifecycle Manager was now in beta. The announcement came as an aside during a demo showing how a user who lost his smart card, laptop and phone could quickly get replacements.Gates used the demo to highlight his trust ecosystem, one of his four priority areas for improving security.\u201cWe have chains of trust,\u201d Gates said. \u201cWhat we need to do is track those trust relationships, to grab permissions, to revoke those trust relationships, to develop reputation over time.\u201d He said today people live without a trust ecosystem.\u201cIt can\u2019t be something whether it is one unique piece of software or one unique organization, it has to be totally federated so all the trust statements can be understood and reasoned against. With that we get reputation, for code, for users, across all the different activities they do.\u201dHe said one key of the ecosystem would be about people and the need to manage certificates, including issuance and revocation. Gates said over the next 3 to 4 years corporate users should start to see a shift away from passwords to two-factor authentication in the form of smart cards. And he said high-value certificates would help users reliably identify Web site owners.In terms of engineering for security, Gates used as an example Microsoft\u2019s use of tools and new design practices for developing secure code. \u201cCode has to operate as expected,\u201d he said.In terms of simplicity, Gates said Microsoft has to get dramatically better.\u201cThe number of screens you have to get involved in, the number of places you have to go to find out what went on are still too high,\u201d he said.Gates pointed out some of the things that Microsoft is doing to get better, such as: the inclusion of the OneCare security service in Vista, improvements to the Security Center in the operating system, the use of group policy controls by IT, and the use of InfoCard, a system now supported in IE 7.0 that lets users control the dissemination of their own identity information.\u201cSecurity and management are not really two separate things,\u201d Gates said.Under his goal for fundamentally secure platforms, Gates pointed out Vista, which he said would take Microsoft to new heights in terms of security. He highlighted user protection controls that limit administrative rights and protect malicious code from running amok, along with Windows Defender for blocking spyware. Beta 2 of Defender also was released today.Gates wrapped up by saying the industry needs to focus on all four of these security areas.\u201cThe opponent in this case\u2026 is not standing still,\u201d he said.