Liberty Alliance members test for interoperability

Interoperability is important in any heterogeneous environment. To achieve interoperability we establish standards bodies and create protocols. As just one example, I ask you to recall DIF – the Directory Interoperability Forum.

Formed as an ad hoc group of directory service vendors, DIF later brought itself under the aegis of the Open Group and is best known for its Lightweight Directory Access Protocol certifications, especially the “Works with LDAP” award, which certifies that a given application can work with any LDAP-compliant directory.

To test this compliance, the DIF holds events called PlugFests, which are only open to members and participants. The vendor participants bring in their services and applications, which are put through their paces with a number of different LDAP-enabled directory systems. Those that pass the tests are announced with a great deal of fanfare. Those that don’t are allowed to sneak out through the back door.

The Liberty Alliance recently did something similar. Member companies with Liberty Specification-enabled products were invited to a conformance-testing event in Madrid last month, with the results being announced last week. Only those who passed the conformance test were announced.

Products from Ericsson, Nokia, NTT, NTT Communications, NTT Software, Phaos Technology, Ping Identity, Sun and Trustgenix were pronounced conformant to the specification (see details at https://www.projectliberty.org/press/releases/2003-12-09.html).

Evidence suggests that there was at least one other product tested that did not perform well, but no amount of digging has been able to reveal who, or what, that was. Additionally, there are 15 other vendors listed by the Liberty Alliance as providing “Liberty-Enabled” products (https://www.projectliberty.org/resources/enabled.html), but no word was forthcoming as to why they weren’t also tested if, indeed, they weren’t.

Since the whole raison d’etre of the Liberty Alliance is to provide standards for interoperability of federated identity management services, you’d think it would be important for all vendor-members to see that their products were tested for both interoperability and conformance to the specification.

Maybe the real importance of this testing lies in what it doesn’t say – that products based on the Liberty Alliance specification aren’t yet ready for prime time. I keep hearing that fully operational Circles of Trust (the working unit for a group of Liberty-enabled enterprises) will shortly be announced, but so far, only a few controlled test cases have come to light. Christmas is coming, though, and there might still be a bright, shiny Liberty ornament on the tree come Christmas Day

Next issue, I’ll take a look at another interoperability event, one with enormous ramifications for identity management and even for the Liberty Alliance.