  • Lucas Gonze
    Sep 26, 2001
      Here is a possible settlement between Liberty Alliance Project and MS:
      * Kerberos, as with Passport
      * but standard Kerberos, not the proprietary un-kerberos
      * who can federate is completely open. Any ISP can do it, any paranoid
      individual with an always-on connection can do it. (I don't know if that is
      technically feasible) (*1)
      * Passport is the model for interactions, but the standard is declared free of
      patent protections by MS. (...just like w/ all w3c projects, right?)

      To LAP members, let me point out that MS has the users and may well atomize the
      opposition -- you should be willing to compromise. To MS, let me point out that
      you are working very hard to bring in third party developers, and these are the
      third party developers; AOL is likely to join LAP (if it can tear itself away
      from its own navel); and Yahoo is not married to you via IMUnified. Both
      factions have an incentive to work together.

      I feel that MS glommed onto Kerberos prematurely, and wouldn't have used it if
      they had anticipated need for broad federation. On a technical level it may not
      be up to the huge task that Passport hopes to solve, but so what. Passport is
      here now and it's time to get cracking on running code.

      - Lucas

      *1: per http://www.pasta.cs.uit.no/thesis/html/ronnya/node39.html
      "this requires O(N^2) key exchanges to interconnect N domains. Version 5 of
      Kerberos improves this by establishing a hierarchy of domains where any domain
      may inter-operate with any other domain in the hierarchy. This arrangement
      reduces the number of key exchanges to O(logN)." ---- that's still
      potentially a hell of a lot of key exchanges.
