thebs writes: "Although Microsoft's TrustBridge was announced a week ago, I didn't see it in the archives so I hope this isn't a repost (because I cannot
believe it was missed). There is some more information regarding it at
Ziff-Davis in these ZDNet and eWeek articles.
"The implementation is based around Kerberos v5, but it seems to be
clearly an ActiveDirectory-only implementation. I.e., you'll need a
Kerberos client built for Microsoft's extensions so it can interoperate with ActiveDirectory. In a nutshell it seems like their Hailstorm Initiative flopped, but some companies were far more receiptive to just using the existing infrastructure offered with ActiveDirectory. And don't be surprised if Microsoft starts marketing it as a "more open, industry-standard technology" than Sun's Liberty Alliance because it uses Kerberos c/o ActiveDirectory.
"One of the quotes in the eWeek article of the .NET product manager was a bit scary IMHO:
'...it would be much more efficient if we could accept the identity generated by somebody's employer. We need to get to a world where identity can flow between organizations.'
"As if we didn't have enough of an issue keeping our employers from
reselling our info, asking for our signature so they can do a "credit
check" for some unknown reason (even though we might not be in a
priviledged/cleared position to warrant one), etc... Assuming Microsoft markets this to employers, I'm sure they will "gobble" this up. I mean, they'll say "hey, now we have a single, interrelated system to manage our employes, both internal and external (e.g., employment/salary verification, etc...), and we'll be paid to give out our employee's info at the same time!" Maybe I'm looking at this wrong, but this scares me more than Hailstorm ever did!
"BTW, has anyone noticed how Microsoft has been using "Trust" as of late? Is this 'TrustBridge' the beginning of another 'technology prefix' -- e.g., 'ActiveX,' 'DirectX' and, now, 'TrustX' for security
products/technologies? Even more humorous, put those 'technologies'
together in an acronym and you've got 'ADT' ... 'ADTI'??? Does the 'I'
stand for 'IgnorantX'?"