Finish passport document

svn path=/trunk/mono/; revision=105

1 files changed, 190 insertions, 2 deletions

diff --git a/web/passport b/web/passport
index 9d935875906..5a7ccb60af6 100644
--- a/web/passport
+++ b/web/passport
@@ -14,10 +14,198 @@
 
 ** Passport
 
-	There is nothing in Passport really advanced technologically
-	speaking. 
+	Passport is important not because of it being breaktrough
+	technologically speaking, but because the company is in a
+	position to drive most people toward being suscribers of it.
+
+	At the time of this writing passport is required to use the
+	free mail service <a href="http://www.hotmail.com">Hotmail</a>
+	to get customized support for the <a
+	href="http://www.msn.com">MSN portal</a>, <a
+	href="http://msdn.microsoft.com">Microsoft Developers
+	Network</a> and according to the original announcement from
+	Microsoft <a href="http://www.americanexpress.com">American
+	Express</a> and <a href="http://www.ebay.com">EBay</a> will be
+	adopting it. 
+
+	There is already a <a
+	href="http://www.passport.com/Directory/Default.asp?PPDir=C&lc=1033">Large
+	list</a> of participating sites.
+
+	There are many current users of it and Microsoft will be
+	driving more users towards Passport as it <a
+	href="http://news.cnet.com/news/0-1003-200-6343275.html">integrates
+	it</a> in their upcoming release of Windows.  
+
+	Microsoft has also <a
+	href="http://www.passport.com/Business/JoinPassportNetwork.asp?lc=1033">developed
+	a toolkit</a> to enable current web merchants to integrate
+	their services with passport.
+
+	To the end user, there is a clear benefit: they only have to
+	log into a single network and not remember multiple passwords
+	across sites on the internet.  Companies that adopt passport
+	will have a competition advantage over those that dont.
+	Microsoft lists a list of <a
+	href="http://www.passport.com/Business/Default.asp?lc=1033">benefits</a>
+	to companies. 
+
+
+** The problems of Passport
+
+	There are a number of concerns that different groups have over
+	Passport.  Sometimes I have some, sometimes I do not.  But
+ 	overall, consumers and businesses can have better solutions.
+
+	<ul>
+		* <b>Single Point of Failure:</b> As more services and
+	 	components depend on remote servers, functionality can
+	 	grind to a halt if there is a failure on the
+	 	centralized Passport system.  
+
+		Such a failure was predicted, and we recently <a
+		href="http://news.cnet.com/news/0-1005-200-6473003.html">witnessed</a> 
+		got a lot of people worried.  
+
+		The outgage lasted for seven days.  Think what this
+	 	could do to your business.
+
+		* <b>Trust:</b> Not everyone trusts Microsoft to keep
+	 	their information confidential.  Concerns are not only
+	 	at the corporate level policy, but also the fact that
+	 	the source code for Microsoft products is not
+	 	available, means that trojans or worms could be built
+	 	into the products by malicious engineers.  This is not
+	 	unheard of, as the <a
+	 	href="http://slashdot.org/articles/00/04/14/0619206.shtml">Microsoft
+	 	Internet Server</a> had a trojan horse built into that
+	 	allowed anyone that knew about this to control any
+	 	server running IIS.
+
+		* <b>Security:</b> With a centralized system like
+	 	Passport, imagine the repercussions of a malicious
+	 	hacker gaining access to the Passport database.
+	 	Personal information and credit card information about
+	 	almost everyone using a computer could be stored there.
+
+		Hackers have already <a
+	 	href="http://slashdot.org/articles/00/10/27/1147248.shtml">broken
+	 	into Microsoft</a> in the past.  And the company was
+	 	unable to figure out for how long their systems had been hacked. 
+	</ul>
+
+	Microsoft might or might not realize this.  The idea behind
+	Passport is indeed a good one (I can start to get rid of my
+	file that keeps track of the 30 logins and passwords or so
+	that I use across the various services on the net myself).
 
 ** Alternatives to Microsoft Passport
 
+	An alternative to Microsoft Passport needs to take the above
+	problems into consideration.  Any solution of the form `We
+	will just have a competing offering' will not work.
+
+	The system thus has to be:
+
+	<ul>
+		* <b>Distributed:</b>  The entire authentication
+		system should not create an internet `blackout' in the
+		case of failure.
+
+		* <b>Allow for multiple registrars:</b> Users should
+		be able to choose a registrar (their banks, local
+		phone company, service provider, Swizz bank, or any
+		other entity they trust.
+
+		* <b>Mandate good security measures:</b> As a
+		principle, only Open Source software should be used
+		for servers in the registrar, and they should conform
+		to a standard set of tools and software that can be
+		examined by third parties.
+	</ul>
+
+	An implementation of this protocol could use the DNS or a
+	DNS-like setup to distribute the information of users with the
+	possibility of replicating and caching public information
+	about the user.  
+
+	It could also just use the user e-mail address as the `key' to
+	choose the registrar (msn.com, hotmail.com -> passport.com;
+	aol.com -> aol.passport.com; you get the idea).
+
+	The <a
+	href="http://www.soapware.org/xmlStorageSystem">xmlStorage</a>
+	idea from <a href="http://www.scripting.com">Dave Winer</a>
+	could be used to store the information.
+
+	A toolkit for various popular web servers could be provided,
+	authenticated and should be open sourced (for those of you who
+	think that a binary program would give more security and would
+	prevent people from tampering: you are wrong.  You can always
+	use a proxy system that "behaves" like the binary, and passes
+	information back and forth from the real program, and snoops
+	in-transit information).
+
+	Good cryptographers need to be involved in this problem to
+	figure out the details and the possible insecure pieces of a
+	proposal like this.
+
+** Deploying it
+
+	The implementation of such a system should be a pretty
+	straightforward tasks once security cryptographers have
+	designed such a beast.  
+
+	The major problems are:
+
+	<ul>
+		* <b>People might just not care:</b> In a poll to US
+		citizens a couple of decades ago, it was found that
+		most people did not care about the rights they were
+		given by the Bill of Rights, which lead to a number of
+		laws to be passed in the US that eliminated most of
+		the rights people had.  
+
+		* <b>The industry will move way to slow:</b>
+		Microsoft's implementation is out in the open now: it
+		is being deployed, and soon it will be insinuated to
+		many, many users.  The industry needs to get together
+		soon if they care about this issue.
+
+		By the time the industry reacts, it might be too
+		late. 
+	</ul>
+
+** Passport and Mono
+
+	The .NET class libraries includes a Passport class that
+	applications might use to authenticate with Passport.  Since
+	we do not have information at this point on the exact protocol
+	of Passport, it is not even feasible to implement it.
+
+	If at some point the information is disclosed, it could be
+	implemented.  
+
+	If a competing system to Passport existed, we could probably
+	hide all the authentication information to use a number of
+	different passport-like systems.
+
+	If a user does not want to use Passport at all, he could
+	always turn it off (or completely remove the class from the
+	library).  After all, this is free software.
+
+	Currently, we are too far from the point where this is a real
+	issue. 
+
+** Disclaimer
+
+	This is just a group of personal thoughts of mine that I have
+	placed here because I get asked this question a lot lately.
+	The views of this page are not a statement from my employer
+	(Ximian, Inc).
 
+	Nat Friedman (Ximian's co-founder) has his own ideas on how a
+	competing system to Passport could be designed, but I will let
+	<a href="http://www.nat.org">him</a> post his own story.
 
+Send comments to me: Miguel de Icaza (<a href="mailto:miguel@ximian.com">miguel@ximian.com</a>)
\ No newline at end of file