Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sun Releases Open Source Tool for Project Liberty

Posted by ryuzaki0 on from the forget-your-passport dept.

ruisantos writes "After submiting the technical specifications for the project , Sun has finally launched an open source tool for its upcoming Sun ONE Identity Server version 6.0, the news can be found on CNET news."

4 of 113 comments (clear)

  1. Re:Open source... by passthecrackpipe · · Score: 4, Insightful

    Well, not to start a flamewar or anything, but, as another poster pointed out, the SISL is an OSI approved license. Now, I quite agree with you that the GPL is the ultimate in Free Software licenses, but the provision of the GPL are not to everybodies taste. I too would be happier with the GPL, but as things stand today, this is bit better then no OSS license at all.Also, would you care to point out where the SISSL is incompatible with the GPL? or do the words "Commercial Use" just get your panties in a bunch?

    --
    People who think they know everything are a great annoyance to those of us who do.
  2. Can I run my own personal identity server? by goingware · · Score: 4, Insightful
    So would this mean I can run the server on my home linux box, and store all my private information only on my own machine, in my own house, so that websites would query the server I am operating when I want to log in?



    If so, then I might have some enthusiasm for it, and I imagine lots of others would as well.



    If my identity data is to be stored by some commercial service, even a Liberty Alliance member, I'm afraid I have no plans to participate.



    I won't use any website that requires me to sign up for Passport. I've done a lot of Windows development the last couple years, and I can well imagine it would be to my benefit to pay for M$' developer program, but my understanding is that it requires Passport to participate, so I won't have any part of it.



    Even if I had my own personal server storing my identity, you can bet I will configure my firewall so it will only accept queries from sites I consciously want to have the information.

    --
    -- Could you use my software consulting serv
  3. Re:Uh by Diabolical · · Score: 4, Insightful

    Yes... if that is the only computer you work with. But i have my personal systems at home, a system at work, when i'm visiting relatives i use their computer same when i visit friends. When i am on vacation i use a system in a cybercafe etc. etc. etc.

    It would be nice if i could use the info on a centralized system. Mind you, i'm just talking about the info. Not about data accumulated from online buying etc.

    This is where this system comes in, it allows to store information about a person on a central place while allowing online shops to hold on to their own info. MS Passport tries to gather all the info in one place, prefferably on their own servers.

  4. Misconceptions by finkployd · · Score: 4, Insightful

    There seems to be alot of misconceptions about Liberty. As I understand it, the framework allows you to "assert" your identity to a remote location by a trusted third party. Perhaps your trusted third party is your bank, or your University, or your ISP. You authenticate with them, then a packet of data asserting who you are is digitally signed by this trusted third party and sent to where ever. If the remote location trusts the third party to assert identities, then you are in.

    This does not seem to be about having the same password on every site, or even having ANY password on a site. It is federated authentication (and possibly authorization, but I don't know how they would do that, possibly with SAML assertions).

    Finkployd