Wanted: A good "auth" project
We think that DotGNU should probably contain a "Virtual ID" system (see below for details on what we mean with that), even if there is currently no such project part of DotGNU. A project in this area which agrees with DotGNU's goals would be very welcome to become part of the DotGNU meta-project.
It has been suggested that DotGNU's native authentication and authorization subsystem could founded on a FOAF-based virtual identities system. In addition, DotGNU could use MACS, the Modular Access Control System for integrating DotGNU with other auth systems, as well as making DotGNU's authentication and authorization subsystem available to non-DotGNU-based applications.
Please use the DotGNU auth mailing list for discussing these and other "auth" ideas for DotGNU.
DotGNU Virtual Identities
With a "Virtual ID" system we mean an integrated solution to the following problems:
We must NOT create a passport "portal". That is technically and morally wrong. We must create a framework that can be scaled and deployed at any level desired, whether locally, at an enterprise, or at a portal. Authentication and access to private information should be peer to peer to preserve local storage of those things which should remain in private users hands. The ability to migrate data upward can be provided for, on a selective basis, and controls must be provided as to who may or may not access specific user information.
Your comments please...
You are invited to add your comments concerning this at the appropriate page of the DotGNU Wiki