[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]good dotgnu auth introductory link?

From: Mario D . Santana
Subject: Re: [Auth]good dotgnu auth introductory link?
Date: Thu, 4 Dec 2003 14:15:49 -0500

SourceID ( might also be a viable solution. PingID, the author, is going to go through the trouble of getting the implementation certified. PingID's officers are handy enough that I wouldn't be surprised if this became the reference implementation, at least de facto.

Unfortunately, their most promising projects, SourceID.Java and SourceID.NET, are distributed under a handicapped license for commercial use. I don't see that they have much to gain by switching to GPL right now. Medley is looking to use this for our Liberty (and eventually our WS-*) compliance, and we would love for there to be a GPL-compliant alternative which we can also depend on. Maybe PingID can be convinced that now is a good time for a dual-licensing scheme, but I'm betting they'll do it on their own when the timing suits them.

In any case, I don't think tackling the privacy-guarantee problem will be feasible if it's hacked into an already existing framework. Guaranteeing privacy is hard enough when it's designed in from the start. But MACS is a framework-building tool for this stuff, so adding privacy guarantees to MACS shouldn't be any harder than doing it from scratch. So Norbert, when you talk to Richard Murphy, you should ask about his willingness to design privacy guarantees into the project from the beginning. It's sort of a side-issue in a project like that.

As an aside, the only reason MACS isn't ready to be used by DotGNU is that I haven't had time to help with pnet's C compiler and libraries enough. We're making progress towards the day when I will, but things move more slowly in physical reality than in code-land, and I'm used to working in that ephemeral land where a relative increase in speed does not increase mass. (There's a PoliSci dissertation topic: prove that increasing the speed at which things get done increases the bureaucracy-mass, and find the value of the asymptote.) I'm learning patience, but it isn't easy.

Cheers! (No, really.  I'm drinking beer.)


On Dec 3, 2003, at 3:14 PM, david nicol wrote:

On Tue, 2003-12-02 at 05:38, Norbert Bollow wrote:

Do you think that this fedid stuff will meet the users' needs from a
privacy and freedom perspective?

Greetings, Norbert.

As I understand it, having perused the liberty alliance drafts
a few minor revisions and many moons ago, the requirements within
them are largely definitional, and information hygeine policy is
orthogonal to compliance.

Their definitions are good, though, and worth looking at and
complying with, as I recall.

david nicol
                                        Where the hell did I put my coffee?

Auth mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]