http://radio.weblogs.com/0106541/categories/identity/ Copyright 2002 Paul Kulchenko Mon, 15 Jul 2002 23:31:46 GMT http://backend.userland.com/rss092 paulclinger@yahoo.com paulclinger@yahoo.com <A href="http://www.projectliberty.org/"><B>Liberty Alliance Publishes 1.0 Spec</B></A>. The long-awaited specs are available for those willing to give some basic personal info to the alliance members. The Overview document looks interesting. More thoughts when I've had a chance to read the PDFs. [<A href="http://www.rds.com/doug/weblogs/webServicesStrategies/">Doug Kaye: Web Services Strategies</A>] Expect some thoughts from me too ;) <STRONG>Update</STRONG>: <A href="http://www.razorsoft.net/weblog/">Peter Drayton</A> already posted his <A href="http://www.razorsoft.net/weblog/2002/07/15.html#a303">comments</A>. Doug Kaye: Web Services Strategies tweney.com: <A href="http://www.tweney.com/2002/0628trust.html">Broken trust</A>. "<EM>The problem is that Palladium requires users to place a huge amount of trust in Microsoft. You don't get to decide what runs on your computer -- Microsoft does. You can't even open files unless you've been authorized by Microsoft, or by a third party. And that puts a huge amount of power into the hands of these corporations.</EM>" [<A href="http://scripting.com/">scripting.com</A>] <A href="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwebsrv/html/wsfederate.asp?frame=true">Microsoft's Federated Security and Identity Roadmap</A>. "<EM>By the turn of the century, the question arose of how to get all the computers connected to the Internet to talk to one another. The industry looked to what made the Web successful. This new model, known as XML Web services, focuses on getting heterogeneous systems within and between businesses to talk to one another, regardless of the underlying operating system, language, or programming model. It accepted that these systems were written in different languages, with different programming models. But it was based on the notion that some simple technology standards would be able to bridge that gap.</EM>" <A href="http://www.well.com/user/jd/hoaxes.html">Debunking Internet hoaxes</A>. "<EM>Here are some of the best resources for verifying or discounting possible Internet hoaxes.</EM>" CNET: <A href="http://story.news.yahoo.com/news?tmpl=story&amp;ncid=70&amp;e=6&amp;cid=70&amp;u=/cn/20020422/tc_cn/gov_t_mulls_microsoft__others_for_id_system">Gov't mulls Microsoft, others for ID system</A>. <EM>"The U.S government is considering using online ID systems from Microsoft, Entrust, RSA, and VeriSign among others to track the identity of visitors to a dozen new federal Web sites launching later this year, a federal official said Friday."</EM> <A href="http://weblog.digital-identity.info/">Digital Identity</A>: News and features on identity web services. Rael Dornfest: <A href="http://www.oreillynet.com/cs/weblog/view/wlg/481">Identity</A>. <EM>"The holy grail is a unified, decentralized, simple yet extensible user-centric identity, membership, and preferences fabric for the Internet." <BR><BR></EM>Two years from now. Privacy, security and scalability concerns are addressed. What else do we need? I would like to have different authentication for different levels: view-only, transactional and administrative. I would like to have multilevel authentication. How about delegation? I want to give access to my information, but don't want to give away my authentication information. How about web services integration? Again, I would like to use my identity, but different authentication mechanisms.