Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Open MS Passport': MyUID Goes Beta

Posted by timothy on from the free-alternatives dept.

mastergoon writes "MyUID, which has been refered to as an "open MS Passport", has opened their doors to public beta testing. MyUID is a user database system, with the purpose of allowing virtually anyone to refer to its records using only HTTP or HTTPS. Many companies have unified login systems, like Yahoo! and Microsoft, but unlike MyUID, these databases cannot be put to use by any site. As of now there is an alpha release PHP4 connectivity API, which while not feature rich is in full working order. APIs should be available in your favourite language soon. You can view this example of a site remotely connecting to MyUID using the alpha API, and give a go at spoofing a login. They want the security of the login methods tested extensively before going production."

4 of 208 comments (clear)

  1. Are we sure this is for real? by LostCluster · · Score: 5, Interesting

    They have the most useless FAQ in recorded history...

    The API is also decidedly undocumented.

    Please come back when there's actually something to show us...

  2. Usefulness? by wwahammy · · Score: 5, Interesting

    Kudos to whoever made this, I know you must have put your heart into this. I don't mean this comment as an insult to you or your idea. But really is there a need for this? I like the idea of simplifying the web for people but Passport exists (and failed) and I believe there's a competing group with Sun in it called the Liberty Alliance that has a non-centralized model which I think sounds much safer. A centralized database has too many problems related to it to be useful.

  3. TheirID or an Identity Commons? by Broadcatch · · Score: 5, Interesting

    I'm concerned that it is just another centralized database of information. At least with Passport you don't have to worry about their database being bought by Microsoft.

    At Identity Commons we intend to give people full control over their personal profile information, including not only who has access to which parts under what circumstances, but also where which parts of it are stored. If you don't trust any of the "banks" you can store it under your virtual mattress (if that's where you keep your server, though it might get kinda hot under there).

    The free and open source code base is built upon two new OASIS XML standards, Extensible Resource Identifiers (XRI) which add (among other things) persistence and cross references to URIs, and the XRI Data Interchange (XDI) spec which enables a "dataweb", much like URIs enable a "document web". The coolest part of XDI is the concept of Link Contracts, that enable fine-grained access control over profile data while simultaneously recording the details that both parties agree to (and electronically sign) before any data exchange takes place.

    While we're still a month (or more) from announcing, we have enjoyed some good initial exposure.

    BTW: we're looking for people to play with the (pre-alpha) software (it's on SourceForge and there are even some CPAN modules) and help us bring it to the next level.

    --

    The antidote for misuse of freedom of speech is more freedom of speech.
    -- Molly Ivins

  4. Google? by p0 · · Score: 4, Interesting

    I have just signed up, and my welcome message reads:

    "MyUID is giving out three Gmail invitations to it's users. Three MyUID users will be chosen at random on Monday, June 21st at 10:00 PM PDT (GMT minus seven) to receive the invites. Good luck."

    Why wouldnt google come up with its own 'passport' service?

    --
    This is my sig. There are thousands more, but this one is mine.