At Liberty

by Rael Dornfest

Sun Microsystems and 32 others have forged The Liberty Alliance, yet another entrant into the Identity space. The project promises an "open, federated, single sign-on identity solution for the digital economy via any device connected to the Internet."

Federated identity is the logical approximation of real-world identity. It is context sensitive: my work, cellular, and home phone numbers. It's compartmentalized, loosely-coupled at best: my credit, video, and donor cards. It's subtly nuanced: my community, enterprise, family, and personal calendars. I'd no sooner surrender this gestalt to a single online identity authority than stuff it all into my wallet.

Sun et al dive into the fray on the heels of Microsoft's announcement of its intention to open Passport and create a "federation of trust" wherein an identity may used across systems, domains, and organizations.

While the alliance sports an impressive starting line-up, Lucas Gonze (of Decentralization mailing list fame) points to some interesting omissions:

AOL is Sun's traditional ally and it isn't a member. Yahoo, ICQ, and Jabber aren't members. IBM isn't a member. Verisign and eBay are members but have deals to support Passport also.

Marge Breya, Sun One marketing VP, in an InfoWorld article:

The alliance hopes companies such as Microsoft and AOL Time Warner that are working on similar technologies will join the Liberty program, Breya said. A Web site could have multiple types of authentication available such as Passport and the Liberty protocol.

For now the alliance is strategic, not technological. Lofty name aside, Liberty doesn't have much in hand to speak of; there's no spec to implement, no code to run. Passport is deployed and usable today, is supported by partners galore, and promises open Kerberos 5 based authentication next year. Liberty could find itself branded "Passport, only later."

I must also admit to being perplexed by the possible outcome of our present identity cornucopia. Do I face a zero-sum game of trading in My Yahoo!, My E*trade, and my library card for My Passport, My Magic Carpet, and My Liberty?