Subject: Re: Q: Can you build an authentication system on OS?
From: Bernard Lang <Bernard.Lang@inria.fr>
Date: Tue, 10 Jul 2001 14:38:48 +0200

On Wed, Aug 05, 2037 at 04:47:28PM -0400, Zimran Ahmed wrote:
> >   Furthermore, my experience is that the internet resists attempts to
> >centralization.  Often, centralized solutions are simply not viable.
> >Two example that come to mind:
> >  - the weak point of Napster was its central repository
> 
> Napster being viable was not driven by technological or architectural 
> reasons, it was not viable for *business*/*legal* reasons, and even then 
> only because the RIAA did not want to see their distribution monopoly get 
> eroded.

I strongly disagree ... Napster never did anything illegal.  Their
repository was nothing but a search engine (as I understand, I never
used it).  Was was illegal was for some people to publish copyrighted
work on the net wia the server end of the napster user software.  Now
the napster user software (a browser server combination) was not
illegal either (the judge admitted as much, since it can be used
lawfully). Again, only the user's publishing act was illegal.

   or did I miss a point.

Now, it the napster repository had been duplicated in many places (not
necessarily as atomized as with gnutella), it would have been much
harder to stop.

> Napster delivered an excellent service to its customers. It was 
> incredibly easy to install, and use, and delivered fantastic utility. 

irrelevant

> The two alternatives being built are
> 1) a peer-to-peer model where it is really hard to find things (bad 
> experience)
> 2) a tethered download model where you don't own anything you play (bad 
> experience)
> Both of these are inferior to Napster.

yes, but Napster could be stopped by hitting just one target ... no
way to route around it.  That is the weakness.

> >   So, why is it precisely that the new MS offensive to control
> >economic activity on the net should work.
> 
> That's the rub. Their monopoly control over the desktop and their 
> developer community around .NET might get enough subscribers and services 
> that those who don't sign up lose out on valuable functionality or become 
> inoperable with too many online services. The only major competitor they 
> have is AOL. 

what are AOL chances for survival in this context ... what avenues are
open to them ?   Siding with us ?

> In the same way open source challenges the very business model of 
> proprietary software development by changing all the rules, 
> authentication architecture challenges the open model of the internet 
> turning it into an instrument for total control. Lessig made his 
> observation in "Code is Law." .NET is just its most ambitious 
> manifestation yet. I don't see how open source has an answer to this, 
> it's a different game.

It seems to me that if standards are open, it does not matter who
authenticates.  The protocole will just want an authentication from
a trusted service.  Why should they decide onlt MS authentication is OK.

Any attempt at providing companies with software that accepts only MS
authentication should be successfully challenged in court.  I
certainly do not see it being accepted in Europe.

I must have missed something again.

Bernard

-- 
         Non aux Brevets Logiciels  -  No to Software Patents
           SIGNEZ    http://petition.eurolinux.org/    SIGN

Bernard.Lang@inria.fr             ,_  /\o    \o/    Tel  +33 1 3963 5644
http://pauillac.inria.fr/~lang/  ^^^^^^^^^^^^^^^^^  Fax  +33 1 3963 5469
            INRIA / B.P. 105 / 78153 Le Chesnay CEDEX / France
         Je n'exprime que mon opinion - I express only my opinion
                 CAGED BEHIND WINDOWS or FREE WITH LINUX