Linked by Thom Holwerda on Wed 3rd Mar 2010 23:25 UTC, submitted by poundsmack
Microsoft "Ultimately, we want to be able to securely make transactions without giving third parties the ability to masquerade as us; we want to be able to visit websites and make purchases without those sites being able to track us or combine different pieces of information to draw a more complete picture of us; we want to be able to be able to disclose some information about ourselves, but not everything. The U-Prove framework, released as a CTP today by Microsoft, aims to solve these problems."
Thread beginning with comment 412157
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Fail
by zegenie on Thu 4th Mar 2010 07:29 UTC in reply to "RE: Fail"
zegenie
Member since:
2005-12-31

My problem is that they don't contribute to solve the problem by supporting the initiatives already in place.

We already have OpenID and OAuth for open and cross-"network" identification and authentication. Instead of writing *yet another* authentication and identification framework, why not contribute to and/or use those instead?

They're solving a problem that doesn't exist.

Reply Parent Score: -1

RE[3]: Fail
by rasmithuk on Thu 4th Mar 2010 08:47 in reply to "RE[2]: Fail"
rasmithuk Member since:
2010-03-04

By your comment I'm guessing that you either haven't read what it does or managed to miss the point.

'It was put together by respected cryptography researcher Dr Stefan Brands. He created a company to develop and market U-Prove, Credentica, which was bought by Microsoft in March 2008. With U-Prove, identity information can be used securely, and private data can be safely shared to those parties that need it, without leaking more information than is required.'

'U-Prove allows the creation of secure ID tokens, which are pieces of data that incorporate whatever information I need for a given task—but no more—along with cryptographic protection to ensure that they can't be forged, reused, traced back to me, or linked to other tokens that I have issued.'

Reply Parent Score: 2

RE[4]: Fail
by zegenie on Thu 4th Mar 2010 08:51 in reply to "RE[3]: Fail"
zegenie Member since:
2005-12-31

I think you're right - it's not really the same. I stand corrected.

However, I do think that OpenID and OAuth solve the same problem, and in a better way.

Edited 2010-03-04 08:52 UTC

Reply Parent Score: 0

RE[3]: Fail
by Karitku on Thu 4th Mar 2010 09:12 in reply to "RE[2]: Fail"
Karitku Member since:
2006-01-12

My problem is that they don't contribute to solve the problem by supporting the initiatives already in place. We already have OpenID and OAuth for open and cross-"network" identification and authentication. Instead of writing *yet another* authentication and identification framework, why not contribute to and/or use those instead? They're solving a problem that doesn't exist.

Because they are not Communists? Competition is good. We have single place where to buy alcohol(over 5%) but that hasn't stop alcoholism and all the other problems, instead it has created new problem called monopoly.

Reply Parent Score: 2

RE[4]: Fail
by zegenie on Thu 4th Mar 2010 09:44 in reply to "RE[3]: Fail"
zegenie Member since:
2005-12-31

Yes, because they're not communists. That's what I said.

Reply Parent Score: 0