[JDEV] Distributed Authentication - thoughts people?

Michael Hearn mhearn at mailandnews.com
Thu Sep 27 13:19:51 CDT 2001


Firstly, any known problems with using Mozilla to send mail to this  list. Whenever I use MozMail to send mail, it takes for ever to get through. With outlook express, it gets through straight away :(

Anyway, there seems to be some interest in this topic. Therefore I think I will send a JEP to the foundation asking for the creation of a JIG. A few comments:

Liberty Alliance: An interesting project that has all the right ideas, but so far is pure vapourware from what I can tell. There is no reason why we should not join this project if allowed, but I dislike it's entirely commericial viewpoint. The aim of the LA seems to be entirely getting access to even more information on consumers. The term "user" is not mentioned on its front page, only "business" and "consumer". Email wasn't built for mass marketing, IM wasn't built for market research. Identity shouldn't be built for companies either. It should be built for the people.

Kerberos: Wasn't designed for the web at all. Also very very complex, I looked into this in depth recently. It's also a not-quite-standard as there is an "enhanced" (cough) version that MS uses, and then the MIT version that everyone else uses. However, it's beginning to look like Kerberos will act as the glue between different systems, allowing them to at least partially interoperate.

DCE: I tried to find information on it, all I got was a page written in 1995. I've never seen a Windows implementation either. Perhaps this software solves all,  but I remain to be convinced.

To answer Scott Cote: obviously the final implementation would be decided in the JIG. But it would probably be based on the jabber network. So for instance, to login to a website/service you would provide your Jabber network address ( i suggest this as a more user friendly name JID ) and then your jabber server would be contacted to authenticate.

However, like I've said before, we should recognise that this is bigger than Jabber. If we define a protocol, it should be sufficiently abstracted to allow bindings to other protocols as well, therefore allowing interoperability.

So - unless anyone has major objections I will post the JEP tomorrow.

thanks -mike
_______________________
Michael Hearn
mhearn at neuk.net
Jabber (jabber.org) tweedledee at jabber.org
ICQ# 34800568
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20010927/e925f86a/attachment-0002.htm>


More information about the JDev mailing list