About RDS

Books and Papers

IT Conversations






Would you like to receive a weekly digest of this weblog via email? Sign up to receive my free IT Strategy Letter.


Web Services Strategies

Beyond the technology, IT strategies for implementation of Web services by Doug Kaye.

Reactions to On Liberty. My inbox was busy this week. I received more feedback on my essay on the Liberty Alliance than regarding any other topic I've addressed in my weblog or newsletter. Much of it was in private email, so I can't quote it, and most (but not all) was supportive. I heard from some heavy hitters in the world of security and digital identity including Andre Durand (of pingid.org), Eric Norlin (Digital ID World), Jiri Ludvik (who publishes a security weblog), Gerry Gebel (Burton Group), Brent Sleeper (The Stencil Group), and Carol, Russ and Scott (Glenbrook Partners).
Posted Tuesday, September 17, 2002 5:55:58 PM   

Glenbrook Partners on Liberty. Scott and Russ have posted their critique of my analysis of the Liberty Alliance 1.0 documents. Just a few points in rebuttal:

  • Regarding the benefits of single sign-on for mobile devices or cross-platform identities, if that's the objective, there are ways to accomplish this without the drawbacks of Liberty. I'll have more to say on this later, but for now, just imagine RoboForm, based on ECML, and linked to an encrypted identity database that's accessible from any client or platform and that only the consumer can read.
  • "No actual individual identity information is shared between identity provider and service provider." True, but I'm not worried about the cooperating parties. It's that once someone has gained access to my account at the identity provider, he can access all of my other accounts within the circle of trust without the need for usernames or passwords. Prior to federation of my identity, this wasn't possible unless I was foolish to use the same username and password on each of the sites. (See my description of the Compartmentalization Attack.)
  • The Glenbrook paper claims that issues surrounding target marketing are "tangential to the mission and objectives of the alliance." I disagree. As I wrote in my original essay, I believe (and I think substantiate) targeted marketing and creating new ways to sell goods and services to consumer are precisely the objectives of the Liberty Alliance. Why else would they do this? If you think it's for the altruistic good of the consumer, do you believe the same about Passport or the new MSN Wallet? (Not me.)

Posted Tuesday, September 17, 2002 5:32:03 PM   



Current Weblogs

Web Hosting Strategies
Web Services Strategies
Noise (personal)
Blogarithms (all)
(more info)




Click below for single-day archives of Web Services Strategies weblogs.

September 2002
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30          
Aug   Oct

Click to see the XML version of this web page.


All content on this web site is governed by a Creative Commons License.
©2001-2003 Doug Kaye and RDS Strategies LLC (