Follow Slashdot stories on Twitter


Forgot your password?
Windows Operating Systems Software

Open-Source ID Project Awaits Microsoft's Blessing 45

An anonymous reader writes to mention that an open-source alternative to Microsoft's CardSpace tool has been on hold for months while they await patent blessing from the Redmond software giant. "While CardSpace is available on Windows, one goal of the Higgins project is to cover other operating systems. Higgins wants to offer an open-source alternative that works on Windows and on alternatives such as Linux and Mac OS X. The application would work similarly to CardSpace."
This discussion has been archived. No new comments can be posted.

Open-Source ID Project Awaits Microsoft's Blessing

Comments Filter:
  • by jacquesm ( 154384 ) <> on Friday March 09, 2007 @02:29PM (#18291794) Homepage
    and reap the PR bonanza if you should get sued.

    Never mind waiting for an ok on a patent license, I waited for over a year for
    Fraunhofer/Thomson to get of their asses but unless you are hitachi or so they
    will simply ignore you.

    • Re: (Score:3, Insightful)

      by truthsearch ( 249536 )
      I agree. They're only promoting the use of software patents by waiting for a license. They're validating Microsoft's stance. Implement it anyway and contact the EFF and others when the lawsuit notification arrives.

      Of course I'm glad I'm not them. It's easy to tell others to stand up to a wall of lawyers than to do it myself.
    • Folks, the whole intent of "InfoCards" is to provide an easy way for users to authenticate regardless of platform/OS. There is nothing proprietary about InfoCards."CardSpace" is a feature of Windows that will help Windows users manage their "InfoCards." MSFT hopes and expects that a variety of organizations (commercial, govt, non-profits etc.) will issue and accept InfoCards and that software developers will build tools/UI's/apps for managing InfoCards on a variety of platforms. The whole premise of InfoCar
      • by jZnat ( 793348 ) *
        So, uh, what's wrong with Smart Cards then? NIH syndrome?
        • Its a physical device. It may not always be attached to the computer, so its not as convenient when someone wants to buy something from the web. Manufacturing costs are much higher for Identity Providers than sending out an electronic file.
      • 5. Amazon sends (via Web standards, nothing proprietary to MSFT or Windows) the user an encrypted token. The token might come with an Amazon-branded digital "card" that visually represents the Amazon account and token. 6. The next time the user goes to Amazon he/she can log-on to Amazon using the InfoCard instead of user name and password.

        What happens if user downloads and installs.. hm.. a shareware program, which, pretending doing its internet updates, sends the tokens found on a PC to someone else?

        • You're safe!

          The cards are stored on an encrypted portion of the disk which can ONLY be accessed by the CardSpace user account. If you install .Net 3, you'll have a CardSpace control panel item. When you run it, your entire desktop is disabled until you are done working with it.

          That's because that control panel item ONLY runs under an account specifically designed to manage the cards, and ONLY that account has the encryption keys needed to unlock the disks.
      • Thanks for providing the only sane post I've read so far.

        I actually attended an MSDN event last week, and CardSpace as one of the topics. Its goal is similar to Passport, which the presenter admitted failed. They also know why they failed; because no one wanted to give MS all their personal information when MS wasn't involved in the transaction in any way.

        MS WANTS others to implement this, and the whole thing is built on web service standards. CardSpace is just the card manager / selector on Windows; the
  • by eln ( 21727 ) on Friday March 09, 2007 @02:40PM (#18291934)
    And people in Hell are waiting for ice water.

    Seriously, I know Microsoft loves to talk a lot about interoperability with OSS projects, but most of it seems to be PR-driven rather than reality-driven.
    • Seriously... I hope they're not holding their breath.
    • by mgiuca ( 1040724 )
      Of course it is. Microsoft as a business survives on the single fact that there is no interop with OSS. If there was, their market share would erode and there would be a slippery slope down to OSS.

      They are a bit backed in however, because they have to make it look like they're interested in interop, because everyone wants interop.

      The prime example is the Novell deal, which is apparently made out of interop. But if they were actually interested in interop, they might actually start publishing some specificat
      • No, MS wants interop, and they seem to realize they need to play with standards.

        The CardSpace cards idea is backed by others, including Sun. All the technology it uses is standard WS-* specifications. The only proprietary part is the Card Selector interface, which each OS needs to develop for themselves. I was even shown the Html tags that Firefox would need to interperate to know it needed to deal with the CardSpace.

        As another example, by default, VS 2005 projects target strict Xhtml 1.1; all th
        • by mgiuca ( 1040724 )

          No, MS wants interop, and they seem to realize they need to play with standards.

          Play with standards is right.

          When MS does interop, it is under their terms. For example, they won't help the Samba project one shred, and go out of their way to make their SMB protocol more confusing to hinder (or "fuck with", as one MS engineer was apparently quoted as saying) Samba.

          They refuse to work with the ODF format. It doesn't play by their rules.

          But if MS is dictating the terms, sure we'll interop then. That's why they

  • Binding? (Score:5, Interesting)

    by starseeker ( 141897 ) on Friday March 09, 2007 @02:40PM (#18291942) Homepage
    One thing that is not clear to me is whether these "promises" not to sue on various patents have any legal standing. IANAL so perhaps there is some principle of "public statement of intent" that would contrain their actions, but with no signed contract or agreement in place not to sue couldn't a management change bring about a new policy on those patents?

    I think the MAD principle is still what's holding back a patent war in the US (plus a hot and heavy patent fight harmful to the industry might spur software patent reform) and I can't see why Microsoft, as a corporate entity, should be trusted in the least.

    Plus, the principle of legal intimidation is still all that is really needed here, not actual victory in a patent case - most open source projects don't have the resources to defend themselves from even a non-valid challenge. That's why MAD is effective where even legal safety might not be - sort of a "don't beat up on the weak kid or you'll start a brawl" effect.

    The problem with open source in a legal sense (at least in the US) is that open source volunteer projects need some condition where they CAN'T be sued, and as I understand it that simply isn't possible under the US legal system where anyone can sue anyone else for anything. The suit may not be valid but until that's decided it can go ahead in any case and the accused MUST respond or risk a default judgement against them. Patents make being on unshakable ground impossible in general for anything nontrivial, and once a project is deprived of the ability to assume an absolutly invulnerable position (except not doing the project) the waters get murky fast.

  • It's a neo-condescending sort of way to describe it, but fresh meat is fresh meat. Perhaps Microsoft has an XML open document format that they'd like to try in return ;)
  • sure... (Score:3, Funny)

    by Grinin ( 1050028 ) on Friday March 09, 2007 @02:53PM (#18292136) Homepage
    Yeah I'm sure they'll give their blessing......... and the Pope's Muslim.
  • by BalkanBoy ( 201243 ) on Friday March 09, 2007 @03:13PM (#18292430)
    1) liquidate all your capital assets
    3) put proceeds in a bank account, offshore, anonymously if possible, or hide it real well somewhere (bury the gold bullion somewhere)
    4) violate the patent by promoting your project
    5) sleep every night in a different location. Do not repeat a location unless you've been to at least 364 other locations previously (or better yet, 364*2+1)
    6) be prepared to move to a warm location like San Diego, Mexico, Hawaii, where you can bum on the street while your project takes off, becomes so big and gains eventual acceptance like anti-DRM-ed media is about to.

    Somewhere along the way, if you are married, divorce your wife, pay her alimony till she gets a job, and leave some cash for the children. Only in this 'revolutionary' manner will you get a blessing from MS. Of course, whether you should do this, is entirely up to your imagination.
  • I'm sure the blessing of this open-source ID thing is right on Microsoft's to-do list, just after they bless ODF, Linux, OpenOffice, FreeDos, Media Player Classic, Minesweeper 3D, and everything else out there that is an open, free, viable alternative to core proprietary Microsoft products.
  • I would just put it out, worry about legalities later. And why didn't you choose for open software in the first place? There is OpenID which has far more support and possibilities and you won't have to worry about blessings by anyone.
  • by Rinisari ( 521266 ) on Friday March 09, 2007 @03:38PM (#18292748) Homepage Journal
    What's the difference between the Higgins project [] and OpenID []?
  • Maybe the committee could bring it up during their next round interoperability talks with MS.

  • If OSS is trying (and succeeding from what I understand) to mimic CardSpaces within Windows and other OSS's, does this mean that Microsoft is actually being innovative? Or is this technology the "same old crap" that has already been written better and freely available? And, if it's the same old crap, why waste good OSS dev cycles trying to re-invent whats already out there, instead of pointing end users to that?
  • Microsofts Blessing (Score:3, Interesting)

    by nurb432 ( 527695 ) on Friday March 09, 2007 @05:26PM (#18294214) Homepage Journal
    Why do i get a feeling they wont ever get it, and this is just the beginning.

  • Well, the reason why they want to wait for approval is because some big names are participating [] such as IBM [] and Novell []. I really don't think they're too interested in a patent battle with Microsoft when Microsoft seems to have the upper hand. IBM, for one, does not like to lose in court.

Real Programmers don't write in PL/I. PL/I is for programmers who can't decide whether to write in COBOL or FORTRAN.