Slashdot Mirror


Passport vs. Plan 9

netphilter writes "LinuxWorld is carrying an article about how Apache and Plan 9 are going to defeat Microsoft's Passport. I hate Passport's integration with XP (although that might be because I hate XP). An Open Source single-sign on would be a real blessing. Will we ever get a good single sign-on solution?"

12 of 334 comments

  1. Do we really need a single sign in? by dirvish · · Score: 4, Insightful

    The question should be: Do we really want a single sign in solution? I don't like passport, or its integration into XP and I probably won't like a Linux version. Single sign in sounds terribly insecure. I suppose the Linux version might be more secure since as Microsoft says, their products aren't made for security.

  2. correct me if i'm wrong by discogravy · · Score: 4, Insightful

    but isn't the biggest thing against single-sign-on the fact that there's a single point of failure? why would open source change that?

    1. Re:correct me if i'm wrong by Pauly · · Score: 4, Insightful
      but isn't the biggest thing against single-sign-on the fact that there's a single point of failure? why would open source change that?

      In a word: No.

      For one, this doesn't need to be implemented as a single point, physically. By your faulty assertion, DNS can be considered a "single point of failure", and while DNS is decidedly vulnerable, the internet somehow manages to have worked well for a while now. ;)

      If it were me, I'd look at the architecture of DNS and copy the strengths of its distributed design. Then again, DNS is borne of scientists aiming for an open internet, not corporations looking to lock it down.

  3. Re:Security by RailGunner · · Score: 4, Insightful
    I was going to ask the same question. Having a single sign on means that security has a single point of failure. Is this what consumers really want? Why is the Open Source community playing "catch-up" to Microsoft when I know we can come up with a better way to do it...

  4. Why try and recreate a bad idea by atrowe · · Score: 5, Insightful
    It seems to me that Microsoft's Passport authentication is a bad idea in the first place, and the free software community should look toward more intelligent alternatives rather than try and emulate Passport's functionality.

    Not only does Passport go against the KISS philosophy embraced by many Unix and Linux developers, but the potential for security breaches is only magnified when a single universal authentication system is developed. It seems to me we'd be better off leaving authentication procedures up to the individual site owner rather than having a universal authentication protocol built into Apache. This would also be a more practical solution as a single authentication system cannot be tailored to fit all sites. I sure don't want to trust all of my on-line bank transactions to something like Passport, so the need exists for highly encrypted ultra-secure authentication on some sites, while other less secure sites like Slashdot which transmit passwords across the 'net in plain text could probably get by with using a much more basic authentication system.

    --

    -atrowe: Card-carrying Mensa member. I have no toleranse for stupidity.

    1. Re:Why try and recreate a bad idea by ceejayoz · · Score: 3, Insightful

      I'll agree with the security criticism, but how does Passport violate KISS? It does simplify things on the user side of things.

      And if you think Unix/Linux devs "embrace" KISS, just try browsing Sourceforge a little... most of the programs are anything but user friendly.

  5. who is the controller? by pretzel_logic · · Score: 3, Insightful

    An open source sign on would have to store passwords and usernames in a database. Where would this data be stored, who would maintain it and who's going to pay for the upkeep? Single Sign in is really just a way to capture all the data a site needs in order to sort and display ads that might interest the user. Sometimes it's really cool to have personalized web experiences but where do we draw the line. When passport came out I remember saying, "I'll never use that." But as larger sites incorporated it in I found it to be useful. I think that SUN will have the answer with their new N1 plans.

    --

    pretzel_logic

  6. At the risk of being modded redundant. . . by kfg · · Score: 4, Insightful

    I too will question the very advisability of single sign on. There are good reasons I keep multiple banking, credit card and merchant accounts. I specifically *don't want* one single authority to be tracking my every move. I *don't want* all my financial and personal assets and records piled up in one location. I keep a *diversified* portfolio.

    What good is having your system backed up on removable media if your house burns down and *you don't have a copy off site?*

    When Egghead was hacked I knew for a fact that I had to be concerned about *one* of my credit card accounts. I could watch that *one* like a hawk and the risk didn't steamroll through my whole life. The argument is, of course, that there is less risk with a well protected central account, but that account is an all or nothing sort of deal. You're either safe, or you lose everything.

    I'll take the slightly greater overall risk at sustaining *some* sort of loss against the lower risk of complete and total devastation.

    Do you have any sort of financial insurance? Say on your car? Exact same deal. You "lose" your insurance payment against the protection from greater potential loss.

    Obviously others disagree but I think that single access is just plain dumb, and all to save you a rather minuscule risk to save a few minutes of typing a year.

    KFG

  7. Re:Thank god by Loligo · · Score: 5, Insightful

    >Do you trust Microsoft enough to give them the
    >key to all of your personal information?

    Do you trust ANY company enough to give them the key to all of your personal information?

    -l

  8. Misunderstanding "single signon" by mcrbids · · Score: 4, Insightful

    It's a common misunderstanding what "single signon" actually means. Even in this article that doesn't cover Passport in detail, when indicating the passport authentication process, look at step 3:

    #3 Which redirects it back to its authorized Passport server

    Notice that it's not "the" passport server, it's "its authorized...". The passport server may or may not be at Microsoft!

    I'm busy setting up an LDAP server to allow a rapidly growing (and I do mean RAPIDLY growing, 4x growth in the last year) ISP to scale. We need to allow for future virtual servers, FTP, email, etc. and do so with a single authentication scheme.

    LDAP does all this, and more, in a distributed, secure and encrypted fashion. Why are we bothering with HTTP "web services", when LDAP will do all this and lots more?

    (Scratches head)

    "Single Signon" doesn't mean there's some Microsoft server someplace the whole world logs in to, it means there's ONE server provided by somebody you trust, that authenticates you as YOU and which manages information on your behalf to determine what you should be granted/denied access to. You sign in once, and have immediate access to all the services you have set up.

    There can be any number of authentication servers!

    Passport, Plan 9, Kerberos, LDAP, and to a lesser extent, NIS and a few others give that ability!

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.

  9. We'll get a single sign-on.... by zerofoo · · Score: 3, Insightful

    right about the same time when Linux gets a single unified desktop/window manager.

    -ted

  10. factotum is not necessarily single sign on by rpeppe · · Score: 4, Insightful
    oh, i wish that at least someone out there would go and read the original article before mouthing off.

    factotum (plan 9's authentication agent) is not a single sign-on solution, although it can be when used in conjunction with secstore. what it does mean is that applications do not have to be burdened with complex and error-prone authentication code, and that there is one, well-verified, point in the system that holds secrets and understands the protocols.

    in the factotum scheme, you can mark certain accounts (e.g. your bank account access) so that they will always require a password to be entered; you can also use the scheme without secstore (which is what i'm doing currently) which just forces you to type in each password the first time it's required. secstore is a means to store all your passwords in one place securely, which you can then use to prime factotum.

    this is the essence of the plan 9 approach - choose an abstraction and write it in a simple, modular way so that it's applicable to a wide range of previously unanticipated scenarios. it's a wonderful system, and one that carries forward the true unix tradition, something that UNIX lost long ago.
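The agent model rpeppe describes above (one well-verified component holds the secrets and speaks the protocol, applications only relay messages, some keys demand confirmation on every use, and a secstore-like store can prime the agent) is easy to misread as "one password for everything", so here is a toy illustration of it. This is an added example written for this page, not Plan 9's factotum or secstore code: the `Factotum`, `Server`, `login` and `run_demo` names, the HMAC-SHA256 challenge/response and the in-memory "secstore" dict are all assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets


class Factotum:
    """Toy authentication agent: holds secrets, answers challenges for apps."""

    def __init__(self, prompt, confirm):
        # prompt(dom, user) -> secret bytes; called the first time a key is
        # needed when the agent was not primed from a store (the "type it once"
        # mode rpeppe describes). confirm(dom, user) -> bool; called on every
        # use of a key tagged must_confirm (the "always ask" bank-account case).
        self._keys = {}          # (dom, user) -> secret
        self._confirm = set()    # keys that require approval on each use
        self._prompt = prompt
        self._confirm_cb = confirm

    def prime(self, store):
        """Load keys from a secstore-like mapping {(dom, user): (secret, must_confirm)}."""
        for (dom, user), (secret, must_confirm) in store.items():
            self.add_key(dom, user, secret, must_confirm)

    def add_key(self, dom, user, secret, must_confirm=False):
        self._keys[(dom, user)] = secret
        if must_confirm:
            self._confirm.add((dom, user))

    def respond(self, dom, user, challenge):
        """Answer a server's challenge. The secret never leaves the agent."""
        key = (dom, user)
        if key not in self._keys:
            self._keys[key] = self._prompt(dom, user)   # ask once, then cache
        if key in self._confirm and not self._confirm_cb(dom, user):
            raise PermissionError(f"use of key for {user}@{dom} refused")
        return hmac.new(self._keys[key], challenge, hashlib.sha256).digest()


class Server:
    """A service that shares a secret with each user and checks responses."""

    def __init__(self, dom, users):
        self.dom = dom
        self._users = users      # user -> shared secret
        self._pending = {}       # user -> outstanding challenge (single use)

    def challenge(self, user):
        c = secrets.token_bytes(16)
        self._pending[user] = c
        return c

    def verify(self, user, response):
        c = self._pending.pop(user, None)   # consumed: a replay cannot reuse it
        if c is None or user not in self._users:
            return False
        expected = hmac.new(self._users[user], c, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def login(agent, server, user):
    """All an application has to do: relay the challenge and the response."""
    c = server.challenge(user)
    return server.verify(user, agent.respond(server.dom, user, c))


def run_demo(approve_bank=True):
    """Constructed scenario: one primed, confirm-on-use key and one lazy key."""
    prompts = []

    def prompt(dom, user):
        prompts.append((dom, user))
        return b"mail-pw"        # the password the user "types" for mail.example

    agent = Factotum(prompt=prompt, confirm=lambda dom, user: approve_bank)
    agent.prime({("bank.example", "alice"): (b"bank-pw", True)})   # from "secstore"
    bank = Server("bank.example", {"alice": b"bank-pw"})
    mail = Server("mail.example", {"alice": b"mail-pw"})

    results = {}
    c = mail.challenge("alice")
    r = agent.respond(mail.dom, "alice", c)
    results["mail"] = mail.verify("alice", r)          # first use: prompted once
    results["replay"] = mail.verify("alice", r)        # same response again: rejected
    results["mail_again"] = login(agent, mail, "alice")  # cached key, no prompt
    results["prompts"] = len(prompts)
    try:
        results["bank"] = login(agent, bank, "alice")  # confirm callback decides
    except PermissionError:
        results["bank"] = False
    return results


if __name__ == "__main__":
    print(run_demo(approve_bank=True))
    print(run_demo(approve_bank=False))
```

The point the demo makes is that "single sign-on" here is a property of where the secrets live, not of how many secrets there are: the mail key is typed once and cached, the bank key is primed from the store but still needs the user's approval on every use, and the application never handles either password, only an opaque challenge and response that a server will not accept twice.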