Tuesday, September 26, 2006

Liberty is more than relevant

Recently, it seems a spate of people have been asking if the work being done by the Liberty Alliance is still revelvant (call me suspicious, but I think they're only doing it to be controversial in order to drive up readership, so I'm not linking to their pages from here :-)).

Perhaps I suffer from a lack of objectivity as I have been involved in Liberty since it was founded in 2001 (and still cringe anytime I hear "the Sun led..." :-)), but Hell YES it is relevant -- it is more than relevant. The work going on in the alliance includes:

  • The ONLY ongoing work at defining and extending an interoperable profile for identity based web services in the industry (this work is NOT yet being done explicitly in any WS-* draft or spec, nor any WS-I work I have seen).

    As an example of the ongoing work, the most recent release (ID-WSF 2.0, to be published RSN) includes multi-party transaction support and user-to-user federations -- both of which have been very well received in the industry (the typical "duh, why hasn't anyone addressed that before kind of stuff").

  • The Strong Authentication Expert Group working on trying to solve the problem of Strong Authentication across the industry so that the user doesn't end up with a boat anchor full of strong auth device tokens and so that developers and deployers of said tokens don't need to support hundreds of different protocols.
  • The eGovernment, eHealth and IDTheft SIGs addressing the issues related to Identity in various envionments
  • The Liberty Conformance program, which is certifying interoperability conformance of products in the ID-FF, SAML2 and ID-WSF worlds. If you plan to deploy any of these services, you will save alot of time if you require that the products have been through conformance or you will be spending alot of time trying to get them to work together.
  • etc., etc.

If you haven't lookes at it recently, I suggest you take a look at the revamped web site which does a much better job at getting the message across than the old site (although I can't say I'm a fan of the color choices they made).

If you're wondering about whether or not you should join, the question, in my mind, comes down to "Do I have relevant use cases that I want solved by the specifications and do I want to impact the solutions to ensure they are implementable in my environment?"

If you answer yes to either or both of those, you should join.

Tags : / / / / /

No comments: