Feeds

Friends of Sun rally for Passport-killer

They all agree it would be a jolly good thing

  • alert
  • submit to reddit

HP ProLiant Gen8: Integrated lifecycle automation

Sun has been hinting for weeks that it's rustling up support for an alternative to Microsoft's version of single-sign-on for web transactions, and it went public today.

The Liberty Alliance Project's mission is quite a mouthful: to create "an open, federated solution for network identity - enabling ubiquitous single sign-on, decentralized authentication and open authorization from any device connected to the internet, from traditional desktop computers and cellular phones through to TVs, automobiles, credit cards and point-of-sale terminals."

The initial roster of "charter members" is interesting: it includes none of Sun's server infrastructure rivals (IBM, Fujitsu-Siemens and Hewlett Paqard are missing, along with the PC OEM crowd) but has an impressive roster of wireless and cellular manufacturers: numbering handset manufacturers (Nokia and Sony), carriers (Sprint, Vodafone, Cingular) and NTT DoCoMo which is both. Smartcard manufacturers including Schlumberger and Gemplus are there, and a few Sun customers who we imagine thought they were signing up for a Free! Prize Draw! of some kind.

Most interesting on the list is the presence of O'Reilly, Apache Group and Collab.net: they're recruited as conscience-keepers, we guess.

The strong roster of phone interests indicates that Sun recognises that the payment platform is likely to involve a smartphone, not a PC. With smartphones set to outnumber PCs at some point in the next decade, that's a good bet. Even without Sun's server rivals, there's enough of the wireless lobby signed on (no pun intended) to give the initiative momentum.

If the announcement looks like it was hurried out, we suspect it was. Until a couple of hours ago spokesmen were stonewalling enquiries on the Charter List membership, after IDG had gotten an advanced copy. And some of the web pages are still titled "Liberty Template".

Quite what technology is to be used is up for grabs, but it's likely to be Java-based given Sun's role in the group's creation, and religiously standards-based: anything else would provide The Beast with a turkey shoot.

At Santa Clara three weeks ago, we spent much of the morning haranguing Greg Papadopoulos and Marge Breya that Sun's web services pitch was essentially meaningless without an open, industry-standard single-sign on.
And this delivers that. Or at least, is the best chance of such an alternative to Passport.

So why aren't we deliriously happy? Well, there's little emphasis so far on privacy. The word appears once in the 979 word FAQ, five words from the end. And privacy is central to consumer acceptance of any kind of digital ID: without essential privacy guarantees the digital ID that Project Liberty requires becomes a back door to all kinds of database pooling - by marketing departments and governments - that isn't possible today. It could even, if we aren't vigilant, become your token for digital content as envisaged by Senator Hollings' SSSCA.

But it's early days as we say, and apparently it's not too late to change the name, either.

The Liberty Alliance Project sounds like one of those fringe libertarian nut websites that are entirely written using huge blinking Times fonts, that advocate legalising smack and helping protect the unborn by issuing them with handguns.

"Liberty is a code name for this formative initiative," says the press release.

Phew. ®

External Link

Project Liberty

Eight steps to building an HP BladeSystem

More from The Register

next story
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.