Last issue, I mentioned Sxip Networks and promised to look more closely at it today. So here we are.

Sxip was created by Dick Hardt, after he sold ActiveState - a vendor of open source programming languages and anti-spam software - to Sophos in 2003. Sxip isn't an application, but a service - called the Sxip Network - to provide a form of single sign-on for Web services to individual clients. It's a personal service, like Microsoft Passport, but builds on a network of trust like the Liberty Alliance federation scheme, described by the company as a "loosely coupled, extensible network."

Hardt thinks it's much better than either Passport or Liberty. He says: "Both Sxip and Passport provide single sign-on services, but how they store data and communicate with Web sites is quite different. Unlike Passport, which requires a central data storage facility at Microsoft, Sxip enables users to store their identity information with any Homesite provider they choose.

"Subscribers to Sxip also always have control over what information they release to each site they visit. Finally, Sxip provides open source tools and an extensible protocol, making it much easier to implement for developers. With Sxip, unlike The Liberty Alliance, all Web sites are part of one big network, solving the Web's Balkanization from a user perspective. Because with Sxip all data is transmitted at the user's command, Web site servers never communicate with each other directly, so no new trust creation is necessary."

Greatly simplified, there are two types of servers in the Sxip network - homesites and membersites. A homesite stores user data, authenticates the user and validates the user to a membersite. Both communicate with the "rootsite," the authoritative source for server information. Detailing how it all works is far beyond the scope of this newsletter, but fortunately Hardt has just released a lengthy (27-page) white paper describing the setup in detail. Read (or download, it's in Acrobat format) the paper at https://sxip.org/docs/specs/how-sxip-works.pdf to get a feel for how this could impact the work you're doing either as a person or as an organization.

Sxip is also closely aligned with the open source movement. Much thought has gone into privacy and data protection now and in the future. According to the company: "The Sxip Network governance model is currently being established. It will be modeled after that of a public utility with two primary directives. The first is that there will be a restricted ability to transfer ownership. Run as a cooperative, members will have the first right of refusal. The second is that the Sxip Network will be limited in its business operations to only operating the Network. It will not be allowed to compete with members." That almost gives an alternative meaning to the term "social networking."

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.