[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [egov] The Swedish e-Sign Signature Central
Good idea, Anders, I am willing to bet that you will not see a single reply against it. But it won't happen any time soon, as long as there is any significant economic advantage in being the de facto standard in practice, as opposed to being simply one of many federated Certification Authorities for a globally-recognized standard for single sign on, as recognized by US Federal Policy. So until a Presidential Mandate or Congressional Act sets this policy in stone, the scramble between the Microsoft Passport community and the Sun Liberty Alliance community will continue with both saying that they applaud the principle of a federated certification for single-sign-on, while both communities quietly work to undermine the process by achieving that de facto status of installed base recognition. The US extolls the so-called"free" marketplace, but hasn't shown much backbone lately when it comes to standing up to monopolies. However, if the EU develops some larger markeplace muscle, that might sway some opinion. If Sony-Ericsson were behind it, with say France-telecom and Fujuitsu, onboard as well, with some of that marketplace muscle, THAT might make a difference, but with China, Central, Southern and Southeast Asia up for grabs, who has the time? And remember, after that market achieves a moderate amount of stablization in the next phase of economic-industrical development, there will then be Africa getting up to speed, with South America already showing signs of becoming a more lucrative marketplace. I believe there's a word for this. Geopolitics. The truth is, money talks, quietly in the audible portion of the public spectrum, but very loudly behind the scenes. The last thing I want to do is to cause a ruckus, and this TC especially needs to be circumspect about what it says and what arenas it chooses to enter, but inevitably there will come a day when this aspect of our shared reality has to be faced. Unfortunately, while I would once have said that ISO was the more appropriate forum for taking up this work, but with their recent adoption of a policy to charge for their Country Codes, it appears that only OASIS and W3C stand a chance of putting a standard in place that can achieve the actual purpose of single-sign-on. Now, having said all that, let me say that there is a back door that this TC might want to pursue, which would be to balkanize the process while maintaining a single schema standard for the actual information required. By that I mean, make a schema-based standard of the vocabulary required, then immediately start making as many separate, market/country/region/niche segment standards as there are constituencies. Start with web services security and incorporate SAML and XACML within these various standards, making them all virtually identical, but having so many of them that the major economic blocks fighting for market dominance will simply have too many separate little constituencies with which to cost-effectively accommodate or cope, and each of which can add their own little twists in their own little standards. the idea is to make it virtually impossible for the big boys to make any money out of trying to keep up while claiming that their market group represents the "best" combination of reliable services in the global marketplace. In effect, what this does is to make a virtue of what is happening here in OASIS already, with so many small, focused constituencies staking out their own territory. At the same time, if this explosion of small standards is going to eventually lead to some genuine global consensi for broadly based, royalty free, encompassing standards, it can, then, actually come about sooner, with too many small targets for the major multinational corporations to pick off one at a time. Fighting Darwinism is in itself, not a good strategy for long term survival and success. Better to use its own processes to thrive. Ciao, Rex At 10:14 AM +0100 11/29/03, Anders Rundgren wrote: >Ladies and & Gentlemen, >Here is some information regarding e-sign and e-governments. > >Sweden's e-sign solutions for e-Governments >--------------------------------------------------- > >Due to the fact that current e-signature client SW is unique, the >Swedish authorities' are planning to set up a "signature central" >which effectively means that all e-sign operations will be >performed in an external and very costly service, instead >of being integrated in the e-government applications >themselves. > >If there had been a working e-sign standard, the "signature central" >would have been redundant. My study indicates that there are no >conflicts or technical problems having a single e-sign solution >covering both the desktop (Windows, Mac, Linux, etc), as well as >high-end mobile devices. > >I'm sure that we can find EU money for such a development as the >situation is similar in the entire EU. > >So my question is really only: What are we waiting for? > >Anders Rundgren >Consultant, PKI and e-Business >+46 70 - 627 74 37 (on CET) > >Attachment converted: Enterprise:???#2A6A72.pdf (PDF /CARO) (002A6A72) >To unsubscribe from this mailing list (and be removed from the >roster of the OASIS TC), go to >http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.php. -- Rex Brooks GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth W3Address: http://www.starbourne.com Email: rexb@starbourne.com Tel: 510-849-2309 Fax: By Request
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]