http://www.osnews.com/story/17981/MS_Goes_Open_Source_to_Boost_Identity_Management Exploring the Future of Computing en-us Copyright 2001-2009, David Adams adam+nospam@osnews.com Tue, 07 Jul 2009 00:16:46 GMT http://www.osnews.com/images/osnews.gif http://www.osnews.com http://osnews.com/thread?243311 http://osnews.com/thread?243311 Why not supporting OpenID? Why do we need so many different ID systems? If Microsoft chooses an open system, then OpenID could be an alternative.

Greetings

Mike Sat, 26 May 2007 20:41:00 GMT donotreply@osnews.com (miketech) Comments http://osnews.com/thread?243314 http://osnews.com/thread?243314 Microsoft announced that they will also support OpenID. Google finds a few articles about it from the last couple of months. Sat, 26 May 2007 20:54:00 GMT donotreply@osnews.com (miguel) Comments http://osnews.com/thread?243317 http://osnews.com/thread?243317 It's really an unexpected move from Microsoft.

However what puzzles me most is the software is in Java and Ruby supporting Active Directory and OpenLDAP.

What I would've expected would be C# and Python (for which they already have a complete version in .Net) supporting FedoraDS and ApacheDS (which have much better structured core / plugin functionality).

Anyways it's unexpected but a good move, and cheers to Microsoft for BSD license instead of shared source (GPL would be fine too). I hope they continue supporting open standards.Edited 2007-05-26 21:07 Sat, 26 May 2007 21:03:00 GMT donotreply@osnews.com (sukru) Comments http://osnews.com/thread?243320 http://osnews.com/thread?243320 This projects reminds me existing ID-Card technology prooved itself in Estonia for couple of years already. http://www.id.ee/?lang=en Sat, 26 May 2007 21:23:00 GMT donotreply@osnews.com (antik) Comments http://osnews.com/thread?243346 http://osnews.com/thread?243346 might come to know the virtues of open source software development by the end of these projects.

http://osgeek.blogspot.com Sat, 26 May 2007 23:41:00 GMT donotreply@osnews.com (osgeek) Comments http://osnews.com/thread?243350 http://osnews.com/thread?243350 It's called choice. Sun, 27 May 2007 00:01:00 GMT donotreply@osnews.com (flanque) Comments http://osnews.com/thread?243359 http://osnews.com/thread?243359 I have to hand it to them, they don't give up and change their tac. After the failures of Hailstorm and Passport over the years, they keep on trying. Sun, 27 May 2007 00:45:00 GMT donotreply@osnews.com (segedunum) Comments http://osnews.com/thread?243371 http://osnews.com/thread?243371 Open-sourcing the method that our privacy is assured is somewhat like posting the security layout of a bank on the front door in order to see how to make it more impervious to thieves.

This may be lauded by some, but for myself, I won't be using any site that uses that technology.

I wonder how far they plan on taking this new 'customer-centric interoperability across platform' system? Sun, 27 May 2007 02:00:00 GMT donotreply@osnews.com (Almafeta) Comments http://osnews.com/thread?243374 http://osnews.com/thread?243374 Oh, so now because everyone can help find design flaws, its insecure?

newsflash: because everyone can know how it works, doesent make it insecure.

Or do you volunteer to crack any of my communication done securely using GnuPG? you may have the gnupg source! Sun, 27 May 2007 02:23:00 GMT donotreply@osnews.com (Redeeman) Comments http://osnews.com/thread?243375 http://osnews.com/thread?243375 -noc noc
-who's there?
- it's mister SECURITY THROUGH OBSCURITY DOESN'T WORK!

http://en.wikipedia.org/wiki/Security_through_obscurity Sun, 27 May 2007 03:01:00 GMT donotreply@osnews.com (dtiziani) Comments http://osnews.com/thread?243409 http://osnews.com/thread?243409 lol,
I've got a security system for you to buy.
It's the best security in the world.
I can't tell you how it works, or what it actually does because that would make it less secure.

Since I'm the only one that knows how it works, you'll be secure from everyone except me.
But don't worry I'm pretty trustworthy. Sun, 27 May 2007 09:34:00 GMT donotreply@osnews.com (jessta) Comments http://osnews.com/thread?243422 http://osnews.com/thread?243422 I find it interesting that they announced they would support OpenID months back, yet haven't produced anything so far but PR.
... and as time goes on, still nothing.

I'm to understand they might be adding support to .Net, but you'd know all about that, wouldn't you Miguel ?

It'd help if they officially joined the OpenID mailing lists and contributed, but they wont. Sun, 27 May 2007 11:16:00 GMT donotreply@osnews.com (Beta) Comments http://osnews.com/thread?243440 http://osnews.com/thread?243440 Am I missing something here?
IIRC Both FedoraDS and ApacheDS are LDAP compliant, so as slong as jyo suport LDAP and can parse the results there realy should be no need to support the individual serbers, right?

Disclaimer: I´m not a software developer so please correct me if I´m wrong Sun, 27 May 2007 12:17:00 GMT donotreply@osnews.com (bn-7bc) Comments http://osnews.com/thread?243450 http://osnews.com/thread?243450 Is this truly open source or their bastardized version called managed source? Sun, 27 May 2007 13:21:00 GMT donotreply@osnews.com (Drift3r) Comments http://osnews.com/thread?243455 http://osnews.com/thread?243455 What amazes me is that he is getting modded down (-3 atm).

Allow me to list the valid reasons for modding somebody down;

"Yes, this comment includes personal attacks/offensive language
Yes, this comment is off-topic
Yes, this comment is spam or includes advertisements"

No matches there.

Now, please stop modding down just becuse you dont agree with their opinion.Edited 2007-05-27 13:53 Sun, 27 May 2007 13:52:00 GMT donotreply@osnews.com (mcduck) Comments http://osnews.com/thread?243487 http://osnews.com/thread?243487 In theory you are correct, but vendors usually add tweaks/platform specific additions/changes though I don't know if FDS/ADS do.

.Net already has support for LDAP, and there are quite a few 3rd party libraries that add support for their versions of an LDAP provider.

LDAP is kind of ODBC...all the major DB vendors support ODBC, but you don't get the true performance/benefits unless you use the native provider (such as SQL OLEDB for MSSQL). Sun, 27 May 2007 17:13:00 GMT donotreply@osnews.com (jayson.knight) Comments http://osnews.com/thread?243512 http://osnews.com/thread?243512 OT:

Maybe there should be two scores. One for quality and one for support. That way you could vote -1 for support without affecting the quality rating. Sun, 27 May 2007 19:28:00 GMT donotreply@osnews.com (John Nilsson) Comments http://osnews.com/thread?243529 http://osnews.com/thread?243529 What's next?????
Isn't this just another attempt to check your OS for a valid registration key? And to scan your system for DRM violations?

If this is another attempt to jamb something down my throat, I don't want it, I don't play that game......

I do accept necessary legitimate cookies from shopping sites and financial sites to facilitate transactions.

Assuming this is voluntary, and that this is a legitimate attempt at security, to positively identify a user, like coders/academics logging on to sites for computer activities or typical users doing financial transactions, why can't a special type of SUPER COOKIE be developed that contains the computers MAC address, the machine CPU ID, and a users private PHP encription key be enough to uniquely and sufficiently identify an individual on a particular machine?

What's next ....... Finger print scanners, retina scanners, DNA checkers????

Better read this fast folks, I always get modded down??

JLT Sun, 27 May 2007 20:29:00 GMT donotreply@osnews.com (jlt2007) Comments http://osnews.com/thread?243621 http://osnews.com/thread?243621 "This may be lauded by some, but for myself, I won't be using any site that uses that technology. "

You better not be using any secure sites then since SSL/TLS is an open standard and that must mean it can't be secure. Mon, 28 May 2007 04:34:00 GMT donotreply@osnews.com (Soulbender) Comments http://osnews.com/thread?243996 http://osnews.com/thread?243996 There are some excellent books - The Code Book by Simon Singh for one - which explains how public key security works. It's a bit of a technical subject but basically security has nothing to do with keeping the technology hidden - just your private key. Wed, 30 May 2007 08:51:00 GMT donotreply@osnews.com (bailey86) Comments