Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sun ONE Identity Server 6.0

Posted by timothy on from the crisis-identify dept.

scubacuda points to this article at The Register, about "what is believed to be the industry's first identity server based on Liberty Alliance Project specifications for federated network identity (date sheet here). Other reports of Sun's release: eWeek, Information Week, Computer World, & Y!"

5 of 87 comments (clear)

  1. So Wait? by Jordy · · Score: 5, Insightful

    Why is this under your rights online? Do we not like this system for some reason?

    It seems like a perfectly sane system. Distributed login, no personal information swapping between services and even a global logout. All the specifications appear to be published as far as I can tell.

    I'm pretty surprised there hasn't been any progress creating an Open Source implementation of the specification. Kinda disappointing.

    --
    The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
    1. Re:So Wait? by fuzzbrain · · Score: 4, Informative

      There is a developing open source implementation of distributed login here. There was a good article by Doc Searls about PingID and the Liberty Alliance in the December 2002 edition of Linux Journal.

  2. Now, let's connect this to local IDs by Max+Romantschuk · · Score: 4, Insightful

    I have an electronic ID card, which I haven't really found useful at all... I can in theory use it to identify myself in any kind of electronic transaction.

    Now, if identity servers could interact with local registries of people already in existance the whole secure, verifiable electronic ID -thing would really be taken to the next level.

    This is probably far to utopistic though...

    --
    .: Max Romantschuk :: http://max.romantschuk.fi/
  3. Re:This particular service begs for an OS solution by Xrikcus · · Score: 4, Insightful

    If nobody knows where the data is stored, is there not a problem with recovery if some of the system goes down? Extending that, if part of the system only goes down, and only certain peoples information is unobtainable, all of a sudden people know where it's stored...

  4. This is precisely the problem that is avoided by Mindbridge · · Score: 5, Informative

    Notice that Sun and the Liberty Aliance do NOT offer a centralized identity repository a la Passport. This is a distributed solution -- as a provider (internet store, etc.) you install an authentication server and decide yourself what other providers you can trust, so that if a user is logged in their site, he can be considered logged in yours as well (put simply).

    The only requirement is that the server implements the Liberty Aliance protocol standards. I _think_ one can make an open source server that implements those standards as well.