Distributed Authentication. Aaron forwarded …

Distributed Authentication. Aaron forwarded me a note about using LDAP for distributed authentication instead of relying on Jabber Profiles and/or Microsoft’s Passport. He notes that every popular web application language already supports LDAP and it’s already built into the Apache web server as well as the Zope Content Management Framework. And you may recall a few days ago, Doc Searls pointed to this 1996 interview (part 1, part 2) with Craig Burton that talked about “Netscape’s barely-noticed moves with LDAP effectively kept Microsoft from setting up a toll booth at the intersection where we enter the Web — the one controlled by a directory.”

The issue with using LDAP is one of trust, just as it is with Microsoft. Who would you trust to handle your profile information? Microsoft’s initiative requires you to put all of your trust in their hands. The Jabber solution allows you to at least control that data locally on your own hard drive, but information like credit card numbers and identity verification still must go through one of the services that handle such things. It’s likely that you already trust those services if you’ve ever bought anything off the Internet using a credit card. For profile authentication using LDAP, it makes sense for a coalition of companies (Amazon, eBay, Mastercard, Visa, PayPal, etc.) to form a non-profit group or government-regulated company to handle the requests that come in from LDAP-enabled web applications. How all of this may work is too complex to write about in a couple of short paragraphs, however I think the point I’m trying to make is that we don’t want the control of authenticated profiles and associated data to be in the hands of just one company.

Let’s take a look at the Network Solutions monopoly. Here was a case where one company controlled all of the data in a directory. For years, people complained about how impossible it was to deal with NetSol and to change information in that directory. It was in NetSol’s best interests to retain as much control over this directory data as possible, but they screwed up by pissing off so many people, that when alternative registrars were finally allowed, millions upon millions of domain names are being moved from NetSol’s control. For most people, it is worth the extra little bit of money/hassle to transfer a domain from NetSol to a different registrar than to have to try and deal with NetSol’s inane services (or lack there of). Again, it’s an example of a decentralized directory winning out over a centralized one.

First Monday: Internet, Innovation and Open Source: Actors in the Network

Philip Greenspun on Content Management. [via Aaronland]

Sun launched their JXTA project today.

Brock Meeks has a great article on those privacy statements that no one ever reads. Tip: start reading them. [via rc3.org]

Dr. Dobbs: Web Applications as Java Servlets [via Have Browser, Will Travel]

Posted by Cameron Barrett at April 25, 2001 09:31 PM

Leave a Reply

Your email address will not be published. Required fields are marked *