RE: [decentralization] Sun alliance targets Microsoft's Passport
- Here is a possible settlement between Liberty Alliance Project and MS:
* Kerberos, as with Passport
* but standard kerberos, not the proprietary un-kerberos
* who can federate is completely open. Any ISP can do it, any paranoid
individual with an always-on connection can do it. (I don't know if that is
technically feasible) (*1)
* Passport is the model for interactions, but the standard is declared free of
patent protections by MS. (...just like w/ all w3c projects, right?)
To LAP members, let me point out that MS has the users and may well atomize the
opposition -- you should be willing to compromise. To MS, let me point out that
you are working very hard to bring in third party developers, and these are the
third party developers; AOL is likely to join LAP (if it can tear itself away
from its own navel); and Yahoo is not married to you via IMUnified. Both
factions have an incentive to work together.
I feel that MS' glommed onto Kerberos prematurely, and wouldn't have used it if
they had anticipated need for broad federation. On a technical level it may not
be up to the huge task that Passport hopes to solve, but so what. Passport is
here now and it's time to get cracking on running code.
*1: per http://www.pasta.cs.uit.no/thesis/html/ronnya/node39.html
"this requires O(N2)key exchanges to interconnect N domains. Version 5 of
Kerberos improves this by establishing a hierarchy of domains where any domain
may inter-operate with any other domain in the hierarchy. This arrangement
reduces the number of key exchanges to O(logN). " ---- that's still
potentially a hell of a lot of key exchanges.
- On Wed, 26 Sep 2001, Lucas Gonze wrote:
> This is 100% pure FUD.This article tells it a little differently:
> No announced members have a decent sized user identity database. AOL is Sun's
> traditional ally and it isn't a member. Yahoo, ICQ, and Jabber aren't members.
> IBM isn't a member. Verisign and eBay are members but have deals to support
> Passport also.
> There is no technology announced at all -- absurd!Yes, quite a shame.
Wesley Felter - wesley@... - http://felter.org/wesley/