Slashdot Mirror
Sun Releases Open Source Tool for Project Liberty
ruisantos writes "After submiting the technical specifications for the project , Sun has finally launched an open source tool for its upcoming Sun ONE Identity Server version 6.0, the news can be found on CNET news."
I don't get it. Is Sun ONE the same as the Liberty Alliance? The article that is referenced doesn't mention Sun ONE that I could see, just the Liberty Alliance.
I didn't even know that the Liberty Alliance was still around since Hailstorm kinda fell through.
I wonder if they're having much luck selling the idea to anyone. Microsoft sure didn't.
www.timcoleman.com is a total waste of your time. Never go there.
Well, not to start a flamewar or anything, but, as another poster pointed out, the SISL is an OSI approved license. Now, I quite agree with you that the GPL is the ultimate in Free Software licenses, but the provision of the GPL are not to everybodies taste. I too would be happier with the GPL, but as things stand today, this is bit better then no OSS license at all.Also, would you care to point out where the SISSL is incompatible with the GPL? or do the words "Commercial Use" just get your panties in a bunch?
People who think they know everything are a great annoyance to those of us who do.
If so, then I might have some enthusiasm for it, and I imagine lots of others would as well.
If my identity data is to be stored by some commercial service, even a Liberty Alliance member, I'm afraid I have no plans to participate.
I won't use any website that requires me to sign up for Passport. I've done a lot of Windows development the last couple years, and I can well imagine it would be to my benefit to pay for M$' developer program, but my understanding is that it requires Passport to participate, so I won't have any part of it.
Even if I had my own personal server storing my identity, you can bet I will configure my firewall so it will only accept queries from sites I consciously want to have the information.
-- Could you use my software consulting serv
My brother works at fedex and they are turning into an all Windows shop.
This assertion is completely and utterly incorrect. It is so far from the truth that one might consider it a deliberate fabrication. Real core production FedEx systems revolve around serious IBM mainframe hardware. Nothing else really supports the necessary transaction volume. Many applications are front-ended by web interfaces running on lots and lots of Sun servers. And Sun boxes being phased out are being upgraded, not replaced. No one at FedEx seriously considers Windows for any core business application, server side. No way it could handle the volumes of data.
For example, one of our smallest non-core-business systems handles maintenance on our vehicles. We periodically look for an off-the-shelf system to buy. Vendors come in all bright and happy and tell us how wonderful their application is. It's easy to use and runs on nice commodity PC hardware under Windows. They tell us they have customers supporting fleets with several thousand vehicles with no problems. And they say it as if we should be impressed about someone operating fleets of 1, 2 or even 3 or 4 thousand trucks. We say, "Great! We have over 160,000 assets, over 60,000 of which are big rigs alone. We have more than 2,000 mechanics scattered over the globe performing 5,000-10,000 different repair actions on those assets every business day, year round, to keep them running. Those repairs generate 500-1000 potential vendor warranty claims per day which must be processed and filed as fast as they are created. And we must automate every possible part of the process chain that we can. Oh, and we need to retain all that data on-line for anywhere from 18 months to 5 years for various business and regulatory reasons. Can your system handle that?" And they look back with a deer-in-the-headlights look and promise to get back to us. And back we go to those old mainframes just chugging happily along, with nice spiffy web front-ends and feeding big honkin' data warehouses on Sun servers. And this is an example of one of the tiniest systems we have! Never mind about really important stuff like flight planning, scheduling or, heaven forbid, the Sort!
Oh, and we can't forget the millions of lines of custom COBOL that have been written and tailored to FedEx business processes. Code that would take some terrible amount of programmer-decades to re-engineer if we ever moved off mainframes.
Just because your delivery-truck driving brother uses a Windows PC at his station or strapped to his wrist does not at all mean that FedEx is in any way using Windows for anything other than client access. We use what makes sense, where it makes sense. For clients, at this point in history that's mostly Windows. For most everything else with really big requirements, Windows just doesn't make sense, whether for reliability, scalability or performance.
I think the best solution is to store one's passwords under hard encryption, and keep the physical storage medium in a safe - a physical metal box with a combination lock - when not in use.
I'm not using it yet, but at some point I'd like to get a Palm or Handspring Visor just so I can use Keyring for PalmOS (formerly GNU Keyring).
An alternative would be to put compact flash readers on all my machines and use a compact flash card.
Finally, there is WiebeTech's FireWire KeyChain, which stores up to 1 GB of data in a tiny package convienent to hold your metal keys and keep in your pocket.
The advantage of the PalmOS keychain is that it requires no software or hardware support on the computers it is used with, and it can be quickly moved from computer to computer. The advantage of compact flash and WiebeTech's product is that software support can pop the password onto the clipboard for you for convenient pasting into your browser.
-- Could you use my software consulting serv
Yes... if that is the only computer you work with. But i have my personal systems at home, a system at work, when i'm visiting relatives i use their computer same when i visit friends. When i am on vacation i use a system in a cybercafe etc. etc. etc.
It would be nice if i could use the info on a centralized system. Mind you, i'm just talking about the info. Not about data accumulated from online buying etc.
This is where this system comes in, it allows to store information about a person on a central place while allowing online shops to hold on to their own info. MS Passport tries to gather all the info in one place, prefferably on their own servers.
There seems to be alot of misconceptions about Liberty. As I understand it, the framework allows you to "assert" your identity to a remote location by a trusted third party. Perhaps your trusted third party is your bank, or your University, or your ISP. You authenticate with them, then a packet of data asserting who you are is digitally signed by this trusted third party and sent to where ever. If the remote location trusts the third party to assert identities, then you are in.
This does not seem to be about having the same password on every site, or even having ANY password on a site. It is federated authentication (and possibly authorization, but I don't know how they would do that, possibly with SAML assertions).
Finkployd