IBM to Open Source Novel Identity Protection Software

coondoggie handed us a link to a Network World article reporting that IBM plans to open source the project 'Identity Mixer'. Developed by a Zurich-based research lab for the company, Identity Mixer is a novel approach to protecting user identities online. The project, which is a piece of XML-based software, uses a type of digital certificate to control who has access to identity information in a web browser. IBM is enthusiastic about widespread adoption of this technology, and so plans to open source the project through the Eclipse Open Source Foundation. The company hopes this tactic will see the software's use in commercial, medical, and governmental settings.

Re:Open source simple?

[Xtifr]

Yeah, 'cause clearly, nothing is more secure than a closed source solution. Security by obscurity is the ONLY ANSWER! And advice on computer security by random slashdot posters is far more trustworthy than anything from a company that's been making secure systems for longer than most of us have been alive.

Patented?

[SiliconEntity]

idemix which is the software in question appears to be covered by a number of patent applications submitted by the inventor, Jan Camenisch. What's the point in open-sourcing it if IBM has half a dozen or more patents covering the technology being used? Or will this process grant use of any IBM-owned patents necessary to run the code? And if so, what happens as people start modifying the code; how far can they go and still be indemnified against IBM patent infringement?

Patents and open source don't mix well. I don't see how this is going to work.