Slashdot Mirror


User: Arnaud+Sahuguet

Arnaud+Sahuguet's activity in the archive.

Stories: 0
Comments: 22

Comments · 22

  1. To make a long story short on Passport vs. Plan 9 · · Score: 1

    First, this is one of the worst articles ever written. The author mixes so many different things that have absolutely nothing in common.
    He is trying to explain many different things (open source, XML, SGML, the future of Solaris, etc.) and does a poor job at most of them.

    Anyway, here are some comments related to what the article should be talking about. (I was talking with the Plan9 people about factotum no later than yesterday :-)

    Plan9 authentication (called factotum) is very similar to SSH agent. The main differences are that (1) ssh agent works only for ssh while factotum can work with any "factotum aware applications" and (2) factotum uses a central secure store.

    In terms of difference with Passport and LA, I think the approaches are dual.

    (1) Factotum/SSH agent is about: 1 master key that gives you access (it is more than that) to other keys.

    (2) Liberty Alliance (federated single sign on) offers as many keys as there are authenticators all linked to the same identity (the linking is the magic behind the federation).

    (3) Passport is a centralized single sign-on.

    It is not clear to me which way is better between 1 and 2.

    Here is an interesting scenario for single sign-on: m-commerce. I am on my cell phone, I browse the Amazon web site and I purchase a book. What should happen?
    Today, you need to authenticate as an Amazon user in order to complete the transaction. But this is unnecessary. When you use your cell phone, the telephony network knows who you are (and makes sure that your airtime minutes get debited from your account). You are already authenticated.
    In the single sign-on scenario, the telephony operator should be able to "propagate" the authentication to Amazon. You should be able to purchase without having to authenticate a second time.

    OK, some people will argue that if your cell phone gets stolen, shit will happen. For such a scenario, we can imagine that the authentication to the telephony network requires some extra credentials (e.g. pin number, or even better voice authentication).

  2. universal SHAREABLE roaming profile on A Universal Roaming Profile? · · Score: 1

    All the solutions proposed in the posting only address one aspect of the problem, mainly making it possible for a user to access his/her data.

    I am interested in making it possible for a user to SHARE his/her data in a controlled and secure way.

  3. Re:Five little words... on A Universal Roaming Profile? · · Score: 1

    That's a really good start.
    But how do you share this information (e.g. calendar information) with a 3rd party application that you trust?

    Or how do you grant access to some pieces of your profile to your family members?

  4. Re:Honestly... on A Universal Roaming Profile? · · Score: 1

    I don't see a contradiction.
    There is profile information that you need to provide when you register (e.g. Hotmail).

    Usually this is information that is not useful to you because 1) they are part of you like gender, address, etc. 2) they are not going to change and 3) the quality of the service you get from the ISP is not going to be decreased if you fill the form with lies. This is what I call the ISP crap.

    I am talking about the information you provide as part of the use of the service, like calendar info, bookmark, etc.

  5. Discussion so far on A Universal Roaming Profile? · · Score: 1

    Most comments only address one aspect of the problem: how an end-user can access and manage his/her data in a ubiquitous way.

    The obvious solutions are:
    - carry it with you (USB, etc.)
    - store it on a server (ISP, home desktop)
    Access control is simple: you can access your data, nobody else can. The data is encrypted and you have the key.

    The more interesting aspect (I guess my initial post was not clear enough) is that I want to share this data. Apparently very few people on /. are even considering this option. Is it selfishness, paranoia, or am I missing something?

    I want some applications to be able to access this data to perform some useful services (e.g. by combining presence and calendar information, people could reach me more efficiently).

    The challenge is how to provide a controlled and integrated access to my profile information.

  6. Re:Not on their servers. on A Universal Roaming Profile? · · Score: 1

    1. you can use caching
    2. ok with compact flash, you get instant profile. But this is the profile, the last time you put it on the card. If you don't sync it very often, you end up with an old -- useless -- profile.

  7. Re:The Problem with Choice on A Universal Roaming Profile? · · Score: 1

    The end user may trust some companies more than others (just like banks). Where would you put your money: Bank of America or Banco Commercial de Buenos Aires?

    We can imagine a system where the user simply specifies the degree of trust and the information gets mapped to storage servers transparently. We can even imagine using architectures like Publius or FreeHaven to split the data into slices and have slices spread all over the network.

  8. Re:What can each device access? on A Universal Roaming Profile? · · Score: 1

    Sun iPlanet server offers an XML gateway.
    I think that pretty soon (if not already) SOAP interfaces on top of LDAP will be available.

    And some cell phones are already talking XML (SyncML is based on XML).

  9. Re:I propose a .GNU passport on A Universal Roaming Profile? · · Score: 1

    I think first we need to define clearly what the problem is.

  10. Re:Do we really want something like this? on A Universal Roaming Profile? · · Score: 1

    I think it depends what you mean by "private".

    I am willing to share my corporate calendar info with my co-workers. I don't want John Doe to access this information for sure.

    The tricky aspect is that this is not an all-or-nothing situation.

  11. The problem with LDAP on A Universal Roaming Profile? · · Score: 1

    LDAP is great, I agree:
    - flexible data model
    - hierarchical and distributed architecture
    - free implementation
    - lots of schemas
    - decent access control

    Here are the limitations:

    - data model is flat
    When you take an LDAP object class, the structure is flat: no possible nesting.

    - the transport mechanism is not ASCII (as opposed to XML)

    - the LDAP query language is way too limited

    - the way user profiles have been implemented so far is wrong.
    Netscape user profiles use LDAP but each component (address book, bookmarks, cookies, etc.) is stored as a blob. This means that the only thing that you can do is to retrieve the entire address book, or the entire bookmarks. The granularity is wrong. Moreover, this opaqueness makes the various components live in different spaces. There is no way to write a query which will combine address book info with calendar data.

    With XML, everyone lives in the same space and you can write queries that return (for instance) the name and phone numbers of all the people I have a meeting with next Tuesday.

  12. Re:Arnaud, your mail indicates you research for on A Universal Roaming Profile? · · Score: 1

    Open source is about many eye-balls for free.
    Slashdot is about many brain cells for free.

    The troubles with the company which supports the labs have forced some strong reduction in the staff. We need to find creative ways to do more with less.
    And what better forum than /. to get some smart comments, ideas and pointers about stuff that matters. And it is free.

  13. Re:You're talking about two different technologies on A Universal Roaming Profile? · · Score: 1

    I am talking about two things (you seem to be the only one to have noticed. Bravo):

    - accessing my own data
    - making my own data accessible to others

    In terms of technology versus standards, GUPster is the bastard child (yet to be born) of GUP and Napster. And GUP (Generic User Profile) is an on-going 3GPP standard.

    I think the problem (actually the two problems) need to be tackled from both ends: standards and technology.

  14. Re:No need for trust on A Universal Roaming Profile? · · Score: 1

    This is fine if I want to store and retrieve my data.

    But how do I make it possible for a 3rd party app to retrieve some of my data? For instance, a reach-me application would need to access my calendar info to have a better chance to reach me.

    How do I grant access to this data for this specific use and this use only?

  15. Re:Take it with you! on A Universal Roaming Profile? · · Score: 1

    If the issue is just to retrieve securely my profile, I fully agree.
    SecurID (from RSA) is a really good way to go.

    But I am also interested in sharing this data with other apps.

  16. Re:Check out SyncML. on A Universal Roaming Profile? · · Score: 1

    Synchronization is only part of the story.
    Synchronization is about me retrieving or updating my profile information.

    I also want some 3rd party applications to be able to access some of my data.

  17. Re:Sounds like DNS on A Universal Roaming Profile? · · Score: 1

    Yeah. Like DNS, with open protocols.

    But I disagree with your requirement that it is controlled by a non-profit org. Let the market decide.

    I envision some providers to store my profile data and I can choose the one I want based on cost, reputation, etc.

    If such a vision takes off, I am sure that organizations like the EFF would deploy servers to offer the service for free (and would gracefully accept donations).

  18. Me, Me, Me on A Universal Roaming Profile? · · Score: 1

    It is interesting to see that most of the postings are only concerned by how a user can retrieve his/her own profile information.

    I am talking about a situation where a user is willing to share some information with applications in order to get a better service.

    I am sorry, but the HOTMAIL will not do.

  19. Re:danger? on A Universal Roaming Profile? · · Score: 1

    The point is not to store information just for you.
    The point is to provide a mechanism to share information with some applications in order to get a better user experience.

    Unless the chip you talk about can be reached from the network and implements access control management, it is useless for everyone else but you.

  20. Crypto is just one aspect of it on A Universal Roaming Profile? · · Score: 1

    Implementing a safe vault for my data is easy.
    As you say, you just encrypt the data.

    But the idea is that some pieces of the data need to be shared. For instance, I want my profile to store my SMS anti-spam policy.
    I want my profile to store my "how-to-reach-on-my-cell" policies. And for this kind of info, I want to make sure that some applications (mainly the app server of my wireless operator) can access this data.

  21. Re:Honestly... on A Universal Roaming Profile? · · Score: 1

    OK you lied on your Hotmail profile.
    You lied about your gender, you lied about your age, your zip code, your interests.

    That's not the kind of profile information I am talking about.

    I am talking about information that is relevant to you, when you are not in front of your computer. Not the crap ISPs want to know about you.

    I am talking about information you would like to access anytime, anywhere, like calendar, address book, phone book.

    I am talking about information you are willing to disclose like the fact that I want the temperature to be expressed in Celsius degrees, I want the distance to be expressed in meters, and the price in Euros.

  22. Can XML Replace Proprietary Document Formats? on Can XML Replace Proprietary Document Formats? · · Score: 1

    There are some nice smart conversion tools available on the Web.
    Try
    http://wheel.compose.cs.cmu.edu:8001/cgi-bin/browse/objweb

    And the answer to the question is yes. Just be patient.

    Regards.