Passport vs. Plan 9

netphilter writes "LinuxWorld is carrying an article about how Apache and Plan 9 are going to defeat Microsoft's Passport. I hate Passport's integration with XP (although that might be because I hate XP). An Open Source single-sign on would be a real blessing. Will we ever get a good single sign-on solution?"

Re: yep 40 accounts, is so simple...

[GigsVT]

haahhhhahahah

i love keeping track of 40 accounts/passwords.

Who said you had to do that?

We have already solved the problem of single password authentication, it is built right into SSH. Basically, you send you public key to anyone you want to authenticate to. Your private key resides on your computer and is password protected. A local key agent manages your private key. When you authenticate the first time, your key agent asks you for your private key's password. Note that this password is never transmitted over the network, neither is the private key. The key agent makes it unnecessary to enter the password again for any site that has your public key, a real single sign on for any system that has your public key.

Even if your system is compromised, your private key is protected by the passphrase you set for it. If the Internet sites are compromised, all the attacker gets are worthless public keys.

Why hasn't someone implemented this instead of this passport silliness? The technology has been around to do this right, why do people keep trying to do it wrong?

How to disable Passport integration with XP

[Drakonian]

Remove Windows Messenger by running this command:

Start/Run/RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

This worked for me. It finally stopped telling me to register my .NET Passport, and doesn't run Messenger all the time.

Here is a site with more info: http://www.kellys-korner-xp.com/xp_messenger.htm

PS: Am I violating the DMCA by posting this? Well I'm not an American citizen, but if I was?