Do Androids Dream of Electric Single Sign-Ons?

Sun's Passport-killer six months away

The first fruits of the industry-wide answer to Microsoft's single-sign-on initiative Passport, Liberty, should go live in six months, Sun said yesterday.

Sun provided an update on Liberty but didn't announce any new members of the consortium at its "Web Services Summit" (ie, MS PDC spoiler) in Santa Clara, Ca. yesterday. The most likely MIA from the original Liberty Alliance members list - AOL/Time Warner - is expected to join at any moment. Which will come as no great surprise as we've come to think of AOL as Sancho Panza to Scott's Quixote, only without Sancho's refuelling habits*.

Rising star Jonathan Schwartz, Sun's VP of corporate strategy and planning, sidestepped a question from The Register about wider industry support. With consumer demand ripe for an alternative to The Beast, wouldn't buy-in from IBM and HP give Liberty the same momentum that propelled Java from in-house novelty to de-facto standard development platform?

Er, well, maybe: Schwartz said Sun was continuing to talk to everyone he said, in a diplomatic non-answer. (Just one of many we heard yesterday morning. In fact, you could compile all the non-answers Sun gave yesterday into a great big bumper non-compendium of nonsense.)

At one point, Sun prez Ed Zander said that the company had 500 people "who spend every waking moment thinking about identity".

What? Every waking moment? Don't their thoughts stray every now and again? Have all the stray, impure thoughts, such as 'What time does the Emeryville IKEA close?' been expunged for good, only to surface in their dreams?

What do Sun employees dream about? We really don't want to know. (But in case we do - please make them original)

Private Parts

But nonetheless, this stuff matters. Sun has done an admirable job of corralling support for an alternative to Passport/Hailstorm, although there are more privacy holes in the Liberty proposition right now than there are security holes in IIS. And as we've pointed out before, consumers aren't going to sell themselves cheaply: they simply won't buy into a web service framework that pretty much guarantees them spam for life. That's the dark um, underbelly of web services that no one really likes to talk about: because with federated web services, there's no place to hide.

If you think junk email fucks up your day, you're in for a nasty surprise. In the future you'll be getting "cross-promotions" from "affinity partners" on your "personal portal", every time you check a movie time or make a funds transfer, and perhaps on every web page that you'll ever visit again. That's if the alliance between IT providers and their big-money Fortune 500 customers, each one of whom is itching to trade your personal profile, ever gets its way.

Chatting to the affable Schwartz later, he assured us privacy was a prime concern for Sun. He'd be loathe to see his Blockbuster video preference exchanged with anyone else, he told us. As well he should be: if you're a smoker or an AIDS patient, there's little guarantee that in spite of Federal Laws preventing such exchanges, that the information won't be aggregated into one evil, federated web services soup.

Now you could rightly suppose that this leaves plenty of scope for an emergent, cross-ideology privacy movement that could be as significant as the Labor movement. But right now the reins are held by a handful of moonshine libertarians - who number, alas, the droll McNealy along with his less droll compadres of the West Coast techno elite - and these folks will sell your indivisible rights for a buck if they can so much as sniff a supply chain sales opportunity. And at the "Summit" yesterday, Sun spent far more time alerting the attendees - its biggest customers and partners - to the marketing opportunities of promiscuous personal data exchange, then it did assuring us of our privacy rights.

So while the Liberty Alliance can raise a cheer right now by virtue of simply not being Microsoft, the long-term prospects for the rest of us are grim indeed.

We can clutch at one straw, however. Someone at Sun has twigged that Microsoft's decision to "open" Hailstorm authentication to open Kerberos standards means precisely diddly squat. That move gained a referential and fawning reception from the trade press recently, from everyone except your favorite curmudgeons at The Register. Who have been pointing out the very tedious, but very real difference between authentication ("You are who say you are!") and authorization ("And now you can do this!") for ages. That belatedly makes in onto a Sun slide, and we thank you folks for listening. ®

* Quixotic Bootnote: "Although he believes that Don Quixote is truly mad, he continues in the adventures because Don Quixote has promised him that he will one day win Sancho an isle to govern, or at least promote him to the status of nobility", you see...

Related Stories

Friends of Sun rally round Passport-killer
Web services marchitecture wars get personal

Sponsored: Driving business with continuous operational intelligence