[JDEV] Distributed Authentication - thoughts people?
mhearn at mailandnews.net
Tue Sep 25 12:35:26 CDT 2001
Recently MS Passport hit Version 2. It's progressing rapidly and will
soon support SOAP based authentication for web services (or so I believe).
Therefore I think it's time to start work on an open version of Passport
that doesn't need centralised servers. The Jabber network is an ideal
candidate for this, so therefore I'd like to sound out the creation of
an Authentication JIG. The aims of the JIG would be as follows:
- Develop a system that allows for users to authenticate themselves
with websites and services using their Jabber account in a secure and
- Optionally abstract this system so Jabber is not a necessary
component for the authentication.
This would involve the following steps:
- Create an authentication protocol, and produce bindings to the Jabber
protocol and SOAP.
- Create a Jabber server plugin that allows for this authentication
- Create authentication web software that would allow users to login to
web sites in a similar fashion to Passport, with semi single-sign-in.
- Documenting all the above!
I think that authentication could well be one of the next important
stages in the development of the net. And I think Jabber can do it best.
So what do people think? Should I go ahead and submit a JEP for the
creation of the Authentication JIG?
mhearn at neuk.net
Jabber (jabber.org) tweedledee at jabber.org
More information about the JDev