[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [egov] The Swedish e-Sign Signature Central
Anders, The problem also is that people pre-suppose that a single sign-on is the answer - when in fact it is not. Peoples behaviour is multifaceted - and therefore the last thing they want to do is shackle themselves to one of these central services. There are definately better solutions and approaches out there - problem is - noone is listening - they are all trying to be first-past-the-post to the pot of gold with their single system - so they can become hugely rich. Just like with UDDI "push" couple of years back - even once they have punched this out - noone will want to buy it - but they just cannot see that coming. Fortunately some of their feature-set is salvagable for use in the real solution. But they will not listen to what that is - until their own Edsel has not left any of the showrooms... DW. ----- Original Message ----- From: "Chiusano Joseph" <chiusano_joseph@bah.com> To: "Rex Brooks" <rexb@starbourne.com> Cc: "Anders Rundgren" <anders.rundgren@telia.com>; <egov@lists.oasis-open.org> Sent: Sunday, November 30, 2003 8:40 PM Subject: Re: [egov] The Swedish e-Sign Signature Central > <Quote> > the scramble between the Microsoft Passport community and the Sun > Liberty Alliance community will continue with both saying that they > applaud the principle of a federated certification for > single-sign-on, > </Quote> > > Another angle to watch is this one: > > (1) WS-Federation > (2) SAML v2.0 > (3) Liberty Alliance > > SAML v2.0 will concentrate more in the area of Federated Network > Identity, the domain of the Liberty Alliance and WS-Federation (although > WS-Federation is not an open standard). So it appears that SAML and > Liberty Alliance are coming closer together in terms of functionality - > which makes this space quite crowded. > > I would look for a merger in this space sometime in the future, > resulting in 2 specifications rather than 3. > > Kind Regards, > Joe Chiusano > Booz | Allen | Hamilton > > Rex Brooks wrote: > > > > Good idea, Anders, > > > > I am willing to bet that you will not see a single reply against it. > > But it won't happen any time soon, as long as there is any > > significant economic advantage in being the de facto standard in > > practice, as opposed to being simply one of many federated > > Certification Authorities for a globally-recognized standard for > > single sign on, as recognized by US Federal Policy. So until a > > Presidential Mandate or Congressional Act sets this policy in stone, > > the scramble between the Microsoft Passport community and the Sun > > Liberty Alliance community will continue with both saying that they > > applaud the principle of a federated certification for > > single-sign-on, while both communities quietly work to undermine the > > process by achieving that de facto status of installed base > > recognition. The US extolls the so-called"free" marketplace, but > > hasn't shown much backbone lately when it comes to standing up to > > monopolies. However, if the EU develops some larger markeplace > > muscle, that might sway some opinion. If Sony-Ericsson were behind > > it, with say France-telecom and Fujuitsu, onboard as well, with some > > of that marketplace muscle, THAT might make a difference, but with > > China, Central, Southern and Southeast Asia up for grabs, who has the > > time? And remember, after that market achieves a moderate amount of > > stablization in the next phase of economic-industrical development, > > there will then be Africa getting up to speed, with South America > > already showing signs of becoming a more lucrative marketplace. > > > > I believe there's a word for this. Geopolitics. The truth is, money > > talks, quietly in the audible portion of the public spectrum, but > > very loudly behind the scenes. The last thing I want to do is to > > cause a ruckus, and this TC especially needs to be circumspect about > > what it says and what arenas it chooses to enter, but inevitably > > there will come a day when this aspect of our shared reality has to > > be faced. Unfortunately, while I would once have said that ISO was > > the more appropriate forum for taking up this work, but with their > > recent adoption of a policy to charge for their Country Codes, it > > appears that only OASIS and W3C stand a chance of putting a standard > > in place that can achieve the actual purpose of single-sign-on. > > > > Now, having said all that, let me say that there is a back door that > > this TC might want to pursue, which would be to balkanize the process > > while maintaining a single schema standard for the actual information > > required. By that I mean, make a schema-based standard of the > > vocabulary required, then immediately start making as many separate, > > market/country/region/niche segment standards as there are > > constituencies. Start with web services security and incorporate SAML > > and XACML within these various standards, making them all virtually > > identical, but having so many of them that the major economic blocks > > fighting for market dominance will simply have too many separate > > little constituencies with which to cost-effectively accommodate or > > cope, and each of which can add their own little twists in their own > > little standards. the idea is to make it virtually impossible for the > > big boys to make any money out of trying to keep up while claiming > > that their market group represents the "best" combination of reliable > > services in the global marketplace. > > > > In effect, what this does is to make a virtue of what is happening > > here in OASIS already, with so many small, focused constituencies > > staking out their own territory. At the same time, if this explosion > > of small standards is going to eventually lead to some genuine global > > consensi for broadly based, royalty free, encompassing standards, it > > can, then, actually come about sooner, with too many small targets > > for the major multinational corporations to pick off one at a time. > > > > Fighting Darwinism is in itself, not a good strategy for long term > > survival and success. Better to use its own processes to thrive. > > > > Ciao, > > Rex > > At 10:14 AM +0100 11/29/03, Anders Rundgren wrote: > > >Ladies and & Gentlemen, > > >Here is some information regarding e-sign and e-governments. > > > > > >Sweden's e-sign solutions for e-Governments > > >--------------------------------------------------- > > > > > >Due to the fact that current e-signature client SW is unique, the > > >Swedish authorities' are planning to set up a "signature central" > > >which effectively means that all e-sign operations will be > > >performed in an external and very costly service, instead > > >of being integrated in the e-government applications > > >themselves. > > > > > >If there had been a working e-sign standard, the "signature central" > > >would have been redundant. My study indicates that there are no > > >conflicts or technical problems having a single e-sign solution > > >covering both the desktop (Windows, Mac, Linux, etc), as well as > > >high-end mobile devices. > > > > > >I'm sure that we can find EU money for such a development as the > > >situation is similar in the entire EU. > > > > > >So my question is really only: What are we waiting for? > > > > > >Anders Rundgren > > >Consultant, PKI and e-Business > > >+46 70 - 627 74 37 (on CET) > > > > > >Attachment converted: Enterprise:???#2A6A72.pdf (PDF /CARO) (002A6A72) > > >To unsubscribe from this mailing list (and be removed from the > > >roster of the OASIS TC), go to > > >http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.p hp. > > > > -- > > Rex Brooks > > GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth > > W3Address: http://www.starbourne.com > > Email: rexb@starbourne.com > > Tel: 510-849-2309 > > Fax: By Request > > > > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.php. ---------------------------------------------------------------------------- ---- > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]