Feeds

Do Androids Dream of Electric Single Sign-Ons?

Sun's Passport-killer six months away

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

The first fruits of the industry-wide answer to Microsoft's single-sign-on initiative Passport, Liberty, should go live in six months, Sun said yesterday.

Sun provided an update on Liberty but didn't announce any new members of the consortium at its "Web Services Summit" (ie, MS PDC spoiler) in Santa Clara, Ca. yesterday. The most likely MIA from the original Liberty Alliance members list - AOL/Time Warner - is expected to join at any moment. Which will come as no great surprise as we've come to think of AOL as Sancho Panza to Scott's Quixote, only without Sancho's refuelling habits*.

Rising star Jonathan Schwartz, Sun's VP of corporate strategy and planning, sidestepped a question from The Register about wider industry support. With consumer demand ripe for an alternative to The Beast, wouldn't buy-in from IBM and HP give Liberty the same momentum that propelled Java from in-house novelty to de-facto standard development platform?

Er, well, maybe: Schwartz said Sun was continuing to talk to everyone he said, in a diplomatic non-answer. (Just one of many we heard yesterday morning. In fact, you could compile all the non-answers Sun gave yesterday into a great big bumper non-compendium of nonsense.)

At one point, Sun prez Ed Zander said that the company had 500 people "who spend every waking moment thinking about identity".

What? Every waking moment? Don't their thoughts stray every now and again? Have all the stray, impure thoughts, such as 'What time does the Emeryville IKEA close?' been expunged for good, only to surface in their dreams?

What do Sun employees dream about? We really don't want to know. (But in case we do - please make them original)

Private Parts

But nonetheless, this stuff matters. Sun has done an admirable job of corralling support for an alternative to Passport/Hailstorm, although there are more privacy holes in the Liberty proposition right now than there are security holes in IIS. And as we've pointed out before, consumers aren't going to sell themselves cheaply: they simply won't buy into a web service framework that pretty much guarantees them spam for life. That's the dark um, underbelly of web services that no one really likes to talk about: because with federated web services, there's no place to hide.

If you think junk email fucks up your day, you're in for a nasty surprise. In the future you'll be getting "cross-promotions" from "affinity partners" on your "personal portal", every time you check a movie time or make a funds transfer, and perhaps on every web page that you'll ever visit again. That's if the alliance between IT providers and their big-money Fortune 500 customers, each one of whom is itching to trade your personal profile, ever gets its way.

Chatting to the affable Schwartz later, he assured us privacy was a prime concern for Sun. He'd be loathe to see his Blockbuster video preference exchanged with anyone else, he told us. As well he should be: if you're a smoker or an AIDS patient, there's little guarantee that in spite of Federal Laws preventing such exchanges, that the information won't be aggregated into one evil, federated web services soup.

Now you could rightly suppose that this leaves plenty of scope for an emergent, cross-ideology privacy movement that could be as significant as the Labor movement. But right now the reins are held by a handful of moonshine libertarians - who number, alas, the droll McNealy along with his less droll compadres of the West Coast techno elite - and these folks will sell your indivisible rights for a buck if they can so much as sniff a supply chain sales opportunity. And at the "Summit" yesterday, Sun spent far more time alerting the attendees - its biggest customers and partners - to the marketing opportunities of promiscuous personal data exchange, then it did assuring us of our privacy rights.

So while the Liberty Alliance can raise a cheer right now by virtue of simply not being Microsoft, the long-term prospects for the rest of us are grim indeed.

We can clutch at one straw, however. Someone at Sun has twigged that Microsoft's decision to "open" Hailstorm authentication to open Kerberos standards means precisely diddly squat. That move gained a referential and fawning reception from the trade press recently, from everyone except your favorite curmudgeons at The Register. Who have been pointing out the very tedious, but very real difference between authentication ("You are who say you are!") and authorization ("And now you can do this!") for ages. That belatedly makes in onto a Sun slide, and we thank you folks for listening. ®

* Quixotic Bootnote: "Although he believes that Don Quixote is truly mad, he continues in the adventures because Don Quixote has promised him that he will one day win Sancho an isle to govern, or at least promote him to the status of nobility", you see...

Related Stories

Friends of Sun rally round Passport-killer
Web services marchitecture wars get personal

Secure remote control for conventional and virtual desktops

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
In the next four weeks, 100 people will decide the future of the web
While America tucks into Thanksgiving turkey, the world will be taking over the net
Microsoft EU warns: If you have ties to the US, Feds can get your data
European corps can't afford to get complacent while American Big Biz battles Uncle Sam
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.