Slashdot Mirror
Liberty Alliance Having Problems
torre writes "This article would suggest that there seems to be some chaos in the Liberty Alliance fight against Passport. Between Sun's Jonathan Schwartz claiming defeat to Microsoft as it has the market tightly controlled with the help of windows to Novell's Justin Taylor who says that Microsoft's Passport has got nothing to offer when it comes to the enterprise. Should be interesting to see how things pan out."
Umm... did you think this over, really seriously? I was a user of DigitalMe, and it made my Internet life a helluva easier. I could securely log into all of my services without having to know more than one password by heart. I could personalize most of those services, using just a browser and my account at DigitalMe. I had some messaging and e-mail options at disposal just as an added benefit. I all worked together. (Unfortunately, Novell discontinued the service, but that's their old illness: got a lot of cool technology, but incapable of making profit outta it.)
Nonetheless, I can clearly see the advantages the industry and private individuals would have from Liberty alliance's efforts. Note that I didn't even mention the B2B features that the Liberty Alliance is working on.
Sigged!
I can log into my services securely too, and know only one password. It's quite easy.
:P
Set all of your passwords to be the same.
The only reason that Passport is useful is because it tries to dip its finger into a lot of pies at the same time. The end result is that corporations find out a lot more about your surfing/buying/playing habits than they otherwise would. In other words, it's *not* useful to the end user - it's useful to the service providers.
This article seems to have written in a deliberately misleading manner from a few out of context quotes. They put words in a Sun executives mouth (as far as I can see nobody has "conceded defeat") and then makes out that there is a rift because others haven't "conceded defeat".
One of the thing the Sun guy says is "I don't think it will be very long before we have a pervasive non-Microsoft client". That doesn't sound like conceding defeat to me.
My browser (Mozilla) stores my passwords. Don't see why I need a network-based service, controlled by someone else, subject to snooping, stealing, or worse, when the browser on a PC I control will do the trick.
sulli
RTFJ.
Give me liberty or give me something else. I'm cool with either, really.
Microsoft added a fake left curling single-quote to most of it's fonts about ten years ago. Toy 'desktop' systems like Word, MS Publisher, BOB use these quotes in order to look 'cool'.
Standards-based browsers: Netscape, Mozilla, Konqueror, Opera don't nesesarily display this non-standard 'quote' the way IE does. They default to showing a question mark when confronted with theis non-standard quote.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
"Any time you use any Microsoft technology, you HAVE to sign-up for a passport license."
Not true. I've got people in my office today who have laptops running Windows XP. They are *not* forced to sign up for Passport. Let me repeat: They are not forced to sign up for Passport.
When you do need (note: I didn't say forced) to sign up for Passport is when you use their IM stuff. That is a choice you can make. It's a choice you make when you sign up for Hotmail. There's no forcing going on.
And no, Paypal doesn't require a Passport to sign up. I have no idea where you conjured up that idea.
Full disclosure time, I work for Andre Durand who setup Jabber Inc and whos latest venture is PingID. We got together, along with Adam Theo (who got our server slashdotted with the ransom thingy a few weeks back) because we'd been working on open source digital identity for about a year. Andre knows the balance between commercial and open source well in our opinions, and he's been sponsoring the effort.
I've been to DIDW 2002, met the guys designing the protocols and met Justin Taylor from Novell. All those links were to say, I've been following this scene since before people were talking about "identity" and I want to shout my thoughts loud and clear.
Firstly, the idea that Microsoft have authentication tied down is laughable. Passport is in its current incarnation a piece of crap. By version 3.1 I'm sure it'll be peachy, but right now it stinks. The extent of their "integration" with Windows is having IE6 use some native dialog boxes instead of web forms and being able to automatically sign on when you login (does anybody actually use that?). It is most definately possible to do something better than this in a seamless enough way that users would go for it. In fact when I was in Denver me and Adam sketched out an idea for how to do it.
Secondly, the Alliance is a rather mixed organisation. It's made up of lots of big corps who are not in fact enormous big baddies who want to steal your privacy just for the hell of it, but they do want to enable better business relationships. The example Esther Dyson gave was that the airline company should remember whether she likes window seats or not. I'm sure some Slashdotters would find this freaky/scary but she is a smart lady and she knew that she wanted that kind of information to make her life easier.
BUT - the LA is attempting to tackle a slightly different problem to the one that interests me and Adam. What we want to do is simple: we want to be able to run a server on theoretic.com that lets me sign in to Slashdot with my network address, lets me sign up for mailman mailing lists without inventing passwords each time, links my Jabber account with my email account with my personal profiles so people can locate me based on interest, so I can sign in to Linux GDM with my network address and get my roaming desktop and so on. We have LOTS of ideas! :)
What the LA are doing is linking currently existing identities together. They gave a demo of the technology in Denver. In fact, it was Justin Taylor who did this demo. It was entirely corporate focussed, they started from an intranet and were automatically signed in to some flight reservation service. That sort of tech has its place, and they're being realistic in that linking identities is a good way to start until people start getting their own identities hosted for them like email addresses.
The LA has some good points to it, don't mindlessly bash it. However, it also has some bad points. One is the stupid requirements for membership, which they admitted to me privately are basically to keep the little guys out. Another is the hideous complexity of their protocols. The ones we've developed sacrifice a small amount of flexibility for a huge increase (imho) in implementability and understandability.
Well having plugged it now (i seem to be plugging a lot of my projects today), I guess I'd better point out that what we're doing actually consists of two parts. The first is the protocol. This is (currently) called the Genio Protocol, and will be getting its own website soon (look for an announcement here when it does). It's simple, open and as far as we know free of IP claims. The second is the SourceID reference server, which is under a pseudo open source license.
We have user profiles working, and I was coding up basic tickets functionality (authentication/authorization tokens) last weekend. Hopefully genioprotocol.org will be up soon and then it'll make more sense.
Believe me, this is totally scratching an itch on my part (though I do get paid for it now too [grin]) because I think a good set of solid open digital identity protocols will make my life easier, and totally kick ass into the bargain.
I played Asheron's Call (online RPG published by Microsoft) for about 2 years. Then one day, poof, you can't log on to play the game without Passport. I guess you could argue that I didn't have to play that game, but after a 2 year investment... Personally, I'd call that an example of being forced to sign up for passport. It actually adds a step in the logon process, slowing things down for me.