It's hard to find much on the technology, but some info is here. Liberty continues to be a win mainly for the corporate IP lawyers as they work to find ways to share customer information between the fortune 500. Meanwhile, most of the WS-* stack is not in any standards committee, and thus not availble to free and open source projects. I think the identity system that actually catches on will be 100% FOSS - probably based on SAML 2.0 - and spring from the grassroots, rather than from some corporate entities that would like to be our "identity providers."
I'm not a spammer, and I've talked to my ISP in December, and though they have a spotty history (as servepath) they have moved clean machines to a new location (Spear street) and these IPs should not be on this list.
Eben's a great guy is certainly a David against many Goliaths. Glad to hear about the Software Freedom Law Center! He has his work cut out for him in updating the GPL as there are many IP issues that will need to get worked out with the BigCos that regularly use and/or distribute GPL'd software. Glad to see he's getting some help from people like Weitzner and Lessig (don't know Diane Peters, but I'm sure she's good).
Windows Longhorn will have an identity system in it, currently code-named InfoCard. But from what I hear, they are actually looking for open standards on which to base their identity infrastructure, and this would make a *lot* of sense. If they promoted a system that was 100% decentralized (as opposed to the 100% centralized Passport), free and open source, and integrated it sweetly into their OS, they would have an identity system that would be peerless and increase their market share (or at the least, not drive people away so fast).
The only system I know of that fits the bill is the nascent Identity Commons system that is just starting to come online. (Disclaimer: I am 2idi's CTO)
There is obviously a lot of confusion around the term "free software" - as one post pointed out, there's at least three types: freeware (free as in beer), free software (free as in freedom) and open source (you can access the source). But only free software gives you the freedom to do what you want with it, like sell, modify, reuse it or publish it. Freeware may be closed source, and open source may have restrictions applied.
Global names cost $25 for 50 years - I still think that's a pretty good deal. This is a fundraiser, after all. And one in which you get something that may become quite valuable in the future.
There will be free local i-names available soon (via communities or your own i-broker, once we have the source packaged for release).
Until then, I gotta eat. (And I could make double what I'm making now - and have benefits for my wife and kid - if I quit and worked for some regular company. But I believe in this work. So I'm paying with my sweat.)
People often ask: what is the difference between your technology and Microsoft Passport?
As I like to say, the only thing good about Passport is at least you know their database won't get bought by Microsoft (because they already own it!).
In functionality - such as automatic data sharing, form filling and single sign-on - we share much with Microsoft Passport. (In fact, Passport grew out of Firefly, which is descended from my 1981 thesis on a personalized newspaper - NewsPeek - at what became soon after the M.I.T. Media Lab. I named the systems "NewsPeek" for two reasons: it provided a "peek at the news," and it was a warning that if centralized control over personal profiles existed, the future depicted in George Orwell's 1984 - where the official language was "NewSpeak" - could come true.)
But all that aside, where we differ is where it gets interesting. For one, we are decentralized. There is no single i-broker or data store that you must use. While it is true that there is only one sanctioned global registry for '=' (personal) and '@' (organizational) names, many other forms of community and peer-to-peer i-name registries can exist. It's also important to note that your data is not necessarily stored in any one place. For ease of use reasons you may choose to use a single i-broker to negotiate access to you data, but each item of your profile could conceivably be stored in a different data hosting service. (Note that current service providers that store information about you are acting as a data hosting service already.)
Another point is that, through our architecture and FOSS (free and open source software) availability of our code, we don't lock you in. Rather, you are free to move around between the i-brokers of your choosing - and even to run an i-broker yourself! We (at 2idi) are committed not only to providing you this choice, but also to providing such a compelling suite of services that i-name holders choose to have their i-names hosted at 2idi.
misconceptions: not centralized nor passport
on
i-Names Pick Up Steam
·
· Score: 3, Informative
One of the primary misconceptions about i-names is that they're centralized. They're not.
Another is that 2idi is just another passport controlling your information. It isn't.
I-brokers, which are based on the open OASIS XRI, XDI and SAML standards, are not centralized. Well, they are now only because there is just one of them, but we have a project underway right now to package our code for release under the dual GPL/BSD license. At that point in time (by the end of the year) anyone can be an i-broker.
The text in the 2idi Terms of Service is, IMO, not the best (disclaimer: I wrote it). I would like to see better text there. Identity Commons is a member governed chaordic organization (sorta like VISA) and as a member, I hope that we can get a lot of input on how to make our TOS better. Since we're so damn new to all this, we really didn't know what they should say. But our business model is based on us being trustable *(as people can easily move to any other i-broker if ours loses favor) so it'll have to get better, that's for sure!
Finally, regarding the "land grab" issue: yes, that is a problem with the global name space for which we are currently selling i-names. But Community (or local) i-names will be free, and we expect most of the interesting stuff that happens to be on the edges of the net in the local communities. As each community defines it's own namespace (e.g., I am "broadcatch" in the Slashdot community) there is no need for top level names. (That said, they will be easier to type across communities and generally shorter in their fully qualified form. And $25 for 50 years is a good deal...)
I have always found Cisco customer support to be excellent - they either know the answer of will actually call you back with the answer, usually in the same day.
Cygnus did well providing support for open source software. Perhaps XORPgnus could fill a similar niche?
SourceID is open source, but not free. Identity Commons software is FOSS (BSD/GPL) and even more distributed - literally anyone can become an identity broker. It's also based on open, OASIS standards XRI, XDI and SAML. Cool stuff. It's not complete yet, but you can get an i-name now.
I've recently changed my mind (something apparently disallowed in politics)
about the Trusted Computing Group (nee Paladium). I've been working with one
of TCG's members, Geoffrey Strongin (AMD) who has this to say about privacy
and DRM concerns:
All of us are highly sensitized to this issue and have emphasized that these
concerns must be addressed," said Geoffrey Strongin, platform security
architect for AMD. Strongin argued that, far from undermining privacy,
hardware-based security will improve user protections. "What we are doing
here is a tremendous enhancement to privacy. Without adequate security,
privacy protections is impossible. (
ZDNet)
Basically, what we are working on is an open data sharing mechanism called XDI that provides a
platform to enable trusted access to and sharing of data. Such a system, if (e.g.)
supported by hardware, could enable the owner to define for themselves who
they trusted to have access to their hardware or software, much in the way
that the PICS could enable parents to
decide what content their children should be able to see. Thus, you could
choose to trust e.g. Microsoft and load their XDI data sharing contracts, or
if you wanted the FSF or the EFF might publish XDI contracts that you'd
rather use. Who knows? maybe/. might have it's own "trusted computing
platform" suggestions...
When one messages their location, determination of the privacy and use of this information should be up to the sender, though that is not clear from the site. Further, the ability to form secure groupings would seem to me important.
SNs still need a distributed, trusted identity infrastructure that enables full user control over their information and potability of authentication and (profile) data storage providers.
You want secure storage - what if your house burns down?
Buy your drives in pairs - each time the best price/performance ratio. When one gets full, back it up on to the second, put the backup in a safe deposit box in another state, and buy two more drives.
Yes, Liberty has done some great thinking about privacy and security, but
it's still a hub-and-spoke system in which they (the 150 rich and powerful
members) own your identity and (in their parlance) "provide" you with access
to it through an "Identity-Provider".
Still, it's a lot better than Microsoft, where the only good thing to say
about Passport is you know that the database won't get bought by Microsoft.
There are other personal identity platforms coming in the open
source/grassroots arena. One promising entry is being put forward by the Identity Commons [disclaimer: I'm the
CTO;-)] where each person owns and controls their own identity. We're
launching a fund raiser in a few weeks in which people will be able to buy a
50 year duration i-name for somewhere under $50 U.S. There's a bit
more on i-names on our technology page, but
we're still working hard on the code (and the site!).
Bottom line: don't put all your eggs (or identity) in one basket - unless you
own and control that basket!
I'm concerned that it is just another centralized database of information.
At least with Passport you don't have to worry about their database being
bought by Microsoft.
At Identity Commons we intend to give people full control over their personal
profile information, including not only who has access to which parts under
what circumstances, but also where which parts of it are stored. If you
don't trust any of the "banks" you can store it under your virtual mattress
(if that's where you keep your server, though it might get kinda hot under
there).
The free and open source code base is built upon two new OASIS XML standards,
Extensible Resource Identifiers (XRI) which add (among other things)
persistence and cross references to URIs, and the XRI Data Interchange (XDI)
spec which enables a "dataweb", much like URIs enable a "document web". The
coolest part of XDI is the concept of Link Contracts, that enable
fine-grained access control over profile data while simultaneously recording
the details that both parties agree to (and electronically sign)
before any data exchange takes place.
BTW: we're looking for people to play with the (pre-alpha) software (it's on
SourceForge and there are even some CPAN modules) and help us bring it to
the next level.
I don't see why the CS/AI Lab and the Linguistics Departments need this
much security anyway.
Exactly the question. Really, it's creeping Big Brother fad and supported by
out-of-control corporatism. Back in the late 70's when I was there, there
were no locks on any doors, and not even any passwords on the machines
that were arguably some of the most powerful connected to the Arpanet.
Security was maintained by a group camaraderie, and it worked really well.
Then the corporations (in those days we called it the military-industrial
complex) came in and saw what we were doing with the Lisp machine and created
Symbolics to lock down the IP. Thus died an era of unfettered innovation and
laid the foundation for Stallman's GNU project and the Free Software
Foundation.
It's sad to see that a school as committed to getting education right as
M.I.T. bowing to continued corporate pressures, but that's what's going on.
What the suits are worried about is IP getting out. A stolen computer can be
replaced, but if J.C. Penny's embedded advertising tech got out to a
competitor, well, that could cost millions in grants.
I'm surprised at how few seem to be concerned with yet another (possible) invasion of privacy. What Brad describes is just another facet of the continuing erosion of our basic freedoms that so many have fought and died for (I'm talking real wars, not our current well-funded terrorist activity in Iraq). If you haven't heard of the Boiling Frog Syndrome, Google it.
Slashdot Mirror
It's hard to find much on the technology, but some info is here. Liberty continues to be a win mainly for the corporate IP lawyers as they work to find ways to share customer information between the fortune 500. Meanwhile, most of the WS-* stack is not in any standards committee, and thus not availble to free and open source projects. I think the identity system that actually catches on will be 100% FOSS - probably based on SAML 2.0 - and spring from the grassroots, rather than from some corporate entities that would like to be our "identity providers."
The ISP (coloserve) has removed the spammers. See my reply to a previous comment for more info.
The class B in question is 64.151
/27 at 64.151.86
I've got a
The spews listing is at http://spews.org/html/S2777.html
I'm not a spammer, and I've talked to my ISP in December, and though they have a spotty history (as servepath) they have moved clean machines to a new location (Spear street) and these IPs should not be on this list.
But there seems to be no way to get de-listed.
...that my server happens to be in the middle of.
This sucks, and they have been unresponsive to whitelisting our machines.
Mod parent up
Eben's a great guy is certainly a David against many Goliaths. Glad to hear about the Software Freedom Law Center! He has his work cut out for him in updating the GPL as there are many IP issues that will need to get worked out with the BigCos that regularly use and/or distribute GPL'd software. Glad to see he's getting some help from people like Weitzner and Lessig (don't know Diane Peters, but I'm sure she's good).
Windows Longhorn will have an identity system in it, currently code-named InfoCard. But from what I hear, they are actually looking for open standards on which to base their identity infrastructure, and this would make a *lot* of sense. If they promoted a system that was 100% decentralized (as opposed to the 100% centralized Passport), free and open source, and integrated it sweetly into their OS, they would have an identity system that would be peerless and increase their market share (or at the least, not drive people away so fast).
The only system I know of that fits the bill is the nascent Identity Commons system that is just starting to come online. (Disclaimer: I am 2idi's CTO)
There is obviously a lot of confusion around the term "free software" - as one post pointed out, there's at least three types: freeware (free as in beer), free software (free as in freedom) and open source (you can access the source). But only free software gives you the freedom to do what you want with it, like sell, modify, reuse it or publish it. Freeware may be closed source, and open source may have restrictions applied.
Global names cost $25 for 50 years - I still think that's a pretty good deal. This is a fundraiser, after all. And one in which you get something that may become quite valuable in the future.
There will be free local i-names available soon (via communities or your own i-broker, once we have the source packaged for release).
Until then, I gotta eat. (And I could make double what I'm making now - and have benefits for my wife and kid - if I quit and worked for some regular company. But I believe in this work. So I'm paying with my sweat.)
People often ask: what is the difference between your technology and Microsoft Passport?
As I like to say, the only thing good about Passport is at least you know their database won't get bought by Microsoft (because they already own it!).
In functionality - such as automatic data sharing, form filling and single sign-on - we share much with Microsoft Passport. (In fact, Passport grew out of Firefly, which is descended from my 1981 thesis on a personalized newspaper - NewsPeek - at what became soon after the M.I.T. Media Lab. I named the systems "NewsPeek" for two reasons: it provided a "peek at the news," and it was a warning that if centralized control over personal profiles existed, the future depicted in George Orwell's 1984 - where the official language was "NewSpeak" - could come true.)
But all that aside, where we differ is where it gets interesting. For one, we are decentralized. There is no single i-broker or data store that you must use. While it is true that there is only one sanctioned global registry for '=' (personal) and '@' (organizational) names, many other forms of community and peer-to-peer i-name registries can exist. It's also important to note that your data is not necessarily stored in any one place. For ease of use reasons you may choose to use a single i-broker to negotiate access to you data, but each item of your profile could conceivably be stored in a different data hosting service. (Note that current service providers that store information about you are acting as a data hosting service already.)
Another point is that, through our architecture and FOSS (free and open source software) availability of our code, we don't lock you in. Rather, you are free to move around between the i-brokers of your choosing - and even to run an i-broker yourself! We (at 2idi) are committed not only to providing you this choice, but also to providing such a compelling suite of services that i-name holders choose to have their i-names hosted at 2idi.
One of the primary misconceptions about i-names is that they're centralized. They're not.
Another is that 2idi is just another passport controlling your information. It isn't.
It's clear that Identity Commons and 2idi have to work on their messaging...
I-brokers, which are based on the open OASIS XRI, XDI and SAML standards, are not centralized. Well, they are now only because there is just one of them, but we have a project underway right now to package our code for release under the dual GPL/BSD license. At that point in time (by the end of the year) anyone can be an i-broker.
The text in the 2idi Terms of Service is, IMO, not the best (disclaimer: I wrote it). I would like to see better text there. Identity Commons is a member governed chaordic organization (sorta like VISA) and as a member, I hope that we can get a lot of input on how to make our TOS better. Since we're so damn new to all this, we really didn't know what they should say. But our business model is based on us being trustable *(as people can easily move to any other i-broker if ours loses favor) so it'll have to get better, that's for sure!
Finally, regarding the "land grab" issue: yes, that is a problem with the global name space for which we are currently selling i-names. But Community (or local) i-names will be free, and we expect most of the interesting stuff that happens to be on the edges of the net in the local communities. As each community defines it's own namespace (e.g., I am "broadcatch" in the Slashdot community) there is no need for top level names. (That said, they will be easier to type across communities and generally shorter in their fully qualified form. And $25 for 50 years is a good deal...)
Cygnus did well providing support for open source software. Perhaps XORPgnus could fill a similar niche?
SourceID is open source, but not free. Identity Commons software is FOSS (BSD/GPL) and even more distributed - literally anyone can become an identity broker. It's also based on open, OASIS standards XRI, XDI and SAML. Cool stuff. It's not complete yet, but you can get an i-name now.
Sounds like an area Ubuntu could step into pretty easily...
When one messages their location, determination of the privacy and use of this information should be up to the sender, though that is not clear from the site. Further, the ability to form secure groupings would seem to me important.
SNs still need a distributed, trusted identity infrastructure that enables full user control over their information and potability of authentication and (profile) data storage providers.
That says it all.
You want secure storage - what if your house burns down?
Buy your drives in pairs - each time the best price/performance ratio. When one gets full, back it up on to the second, put the backup in a safe deposit box in another state, and buy two more drives.
Sometimes the simplest way is the best way.
Still, it's a lot better than Microsoft, where the only good thing to say about Passport is you know that the database won't get bought by Microsoft.
There are other personal identity platforms coming in the open source/grassroots arena. One promising entry is being put forward by the Identity Commons [disclaimer: I'm the CTO ;-)] where each person owns and controls their own identity. We're
launching a fund raiser in a few weeks in which people will be able to buy a
50 year duration i-name for somewhere under $50 U.S. There's a bit
more on i-names on our technology page, but
we're still working hard on the code (and the site!).
Bottom line: don't put all your eggs (or identity) in one basket - unless you own and control that basket!
I'm concerned that it is just another centralized database of information. At least with Passport you don't have to worry about their database being bought by Microsoft.
At Identity Commons we intend to give people full control over their personal profile information, including not only who has access to which parts under what circumstances, but also where which parts of it are stored. If you don't trust any of the "banks" you can store it under your virtual mattress (if that's where you keep your server, though it might get kinda hot under there).
The free and open source code base is built upon two new OASIS XML standards, Extensible Resource Identifiers (XRI) which add (among other things) persistence and cross references to URIs, and the XRI Data Interchange (XDI) spec which enables a "dataweb", much like URIs enable a "document web". The coolest part of XDI is the concept of Link Contracts, that enable fine-grained access control over profile data while simultaneously recording the details that both parties agree to (and electronically sign) before any data exchange takes place.
While we're still a month (or more) from announcing, we have enjoyed some good initial exposure.
BTW: we're looking for people to play with the (pre-alpha) software (it's on SourceForge and there are even some CPAN modules) and help us bring it to the next level.
Then the corporations (in those days we called it the military-industrial complex) came in and saw what we were doing with the Lisp machine and created Symbolics to lock down the IP. Thus died an era of unfettered innovation and laid the foundation for Stallman's GNU project and the Free Software Foundation.
It's sad to see that a school as committed to getting education right as M.I.T. bowing to continued corporate pressures, but that's what's going on. What the suits are worried about is IP getting out. A stolen computer can be replaced, but if J.C. Penny's embedded advertising tech got out to a competitor, well, that could cost millions in grants.
Dominos also contributes to pro-life organizations. How you feel about this is up to you, but being fully informed is a good thing IMHO.
And their pizza sucks (from what I've heard).
Support your locally owned pizzaria.
OK, this just proves the frog is more intelligent that the US public...
I'm surprised at how few seem to be concerned with yet another (possible) invasion of privacy. What Brad describes is just another facet of the continuing erosion of our basic freedoms that so many have fought and died for (I'm talking real wars, not our current well-funded terrorist activity in Iraq). If you haven't heard of the Boiling Frog Syndrome, Google it.