[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [egov] The Swedish e-Sign Signature Central
<Quote> the scramble between the Microsoft Passport community and the Sun Liberty Alliance community will continue with both saying that they applaud the principle of a federated certification for single-sign-on, </Quote> Another angle to watch is this one: (1) WS-Federation (2) SAML v2.0 (3) Liberty Alliance SAML v2.0 will concentrate more in the area of Federated Network Identity, the domain of the Liberty Alliance and WS-Federation (although WS-Federation is not an open standard). So it appears that SAML and Liberty Alliance are coming closer together in terms of functionality - which makes this space quite crowded. I would look for a merger in this space sometime in the future, resulting in 2 specifications rather than 3. Kind Regards, Joe Chiusano Booz | Allen | Hamilton Rex Brooks wrote: > > Good idea, Anders, > > I am willing to bet that you will not see a single reply against it. > But it won't happen any time soon, as long as there is any > significant economic advantage in being the de facto standard in > practice, as opposed to being simply one of many federated > Certification Authorities for a globally-recognized standard for > single sign on, as recognized by US Federal Policy. So until a > Presidential Mandate or Congressional Act sets this policy in stone, > the scramble between the Microsoft Passport community and the Sun > Liberty Alliance community will continue with both saying that they > applaud the principle of a federated certification for > single-sign-on, while both communities quietly work to undermine the > process by achieving that de facto status of installed base > recognition. The US extolls the so-called"free" marketplace, but > hasn't shown much backbone lately when it comes to standing up to > monopolies. However, if the EU develops some larger markeplace > muscle, that might sway some opinion. If Sony-Ericsson were behind > it, with say France-telecom and Fujuitsu, onboard as well, with some > of that marketplace muscle, THAT might make a difference, but with > China, Central, Southern and Southeast Asia up for grabs, who has the > time? And remember, after that market achieves a moderate amount of > stablization in the next phase of economic-industrical development, > there will then be Africa getting up to speed, with South America > already showing signs of becoming a more lucrative marketplace. > > I believe there's a word for this. Geopolitics. The truth is, money > talks, quietly in the audible portion of the public spectrum, but > very loudly behind the scenes. The last thing I want to do is to > cause a ruckus, and this TC especially needs to be circumspect about > what it says and what arenas it chooses to enter, but inevitably > there will come a day when this aspect of our shared reality has to > be faced. Unfortunately, while I would once have said that ISO was > the more appropriate forum for taking up this work, but with their > recent adoption of a policy to charge for their Country Codes, it > appears that only OASIS and W3C stand a chance of putting a standard > in place that can achieve the actual purpose of single-sign-on. > > Now, having said all that, let me say that there is a back door that > this TC might want to pursue, which would be to balkanize the process > while maintaining a single schema standard for the actual information > required. By that I mean, make a schema-based standard of the > vocabulary required, then immediately start making as many separate, > market/country/region/niche segment standards as there are > constituencies. Start with web services security and incorporate SAML > and XACML within these various standards, making them all virtually > identical, but having so many of them that the major economic blocks > fighting for market dominance will simply have too many separate > little constituencies with which to cost-effectively accommodate or > cope, and each of which can add their own little twists in their own > little standards. the idea is to make it virtually impossible for the > big boys to make any money out of trying to keep up while claiming > that their market group represents the "best" combination of reliable > services in the global marketplace. > > In effect, what this does is to make a virtue of what is happening > here in OASIS already, with so many small, focused constituencies > staking out their own territory. At the same time, if this explosion > of small standards is going to eventually lead to some genuine global > consensi for broadly based, royalty free, encompassing standards, it > can, then, actually come about sooner, with too many small targets > for the major multinational corporations to pick off one at a time. > > Fighting Darwinism is in itself, not a good strategy for long term > survival and success. Better to use its own processes to thrive. > > Ciao, > Rex > At 10:14 AM +0100 11/29/03, Anders Rundgren wrote: > >Ladies and & Gentlemen, > >Here is some information regarding e-sign and e-governments. > > > >Sweden's e-sign solutions for e-Governments > >--------------------------------------------------- > > > >Due to the fact that current e-signature client SW is unique, the > >Swedish authorities' are planning to set up a "signature central" > >which effectively means that all e-sign operations will be > >performed in an external and very costly service, instead > >of being integrated in the e-government applications > >themselves. > > > >If there had been a working e-sign standard, the "signature central" > >would have been redundant. My study indicates that there are no > >conflicts or technical problems having a single e-sign solution > >covering both the desktop (Windows, Mac, Linux, etc), as well as > >high-end mobile devices. > > > >I'm sure that we can find EU money for such a development as the > >situation is similar in the entire EU. > > > >So my question is really only: What are we waiting for? > > > >Anders Rundgren > >Consultant, PKI and e-Business > >+46 70 - 627 74 37 (on CET) > > > >Attachment converted: Enterprise:???#2A6A72.pdf (PDF /CARO) (002A6A72) > >To unsubscribe from this mailing list (and be removed from the > >roster of the OASIS TC), go to > >http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.php. > > -- > Rex Brooks > GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth > W3Address: http://www.starbourne.com > Email: rexb@starbourne.com > Tel: 510-849-2309 > Fax: By Request > > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.php.
begin:vcard n:Chiusano;Joseph tel;work:(703) 902-6923 x-mozilla-html:FALSE url:www.bah.com org:Booz | Allen | Hamilton;IT Digital Strategies Team adr:;;8283 Greensboro Drive;McLean;VA;22012; version:2.1 email;internet:chiusano_joseph@bah.com title:Senior Consultant fn:Joseph M. Chiusano end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]