IDsec: Virtual Identities on the Internet

Highlights


Specification Update
An updated version of the Internet Draft is available.

PHP release 1.0
An IDsec-for-PHP reference implementation is available from the SourceForge project website.

Java Demo Deprecated
An IDsec-for-Java content adaptation demonstration is still available from the CVS repository.
It is deprecated now.


Last Updated
May 15, 2002

Introduction
IDsec is a mechanism that provides a digital identity (aka. Virtual Identity) for users on the Internet. Users may allow Internet service providers to access their User Profile data. As such it can be an alternative for MS Passport.

Overview
The solution that IDsec offers is based on access control lists that are expressed in terms of certificate information. A short description can be found here. A high-level overview picture of the architecture can be found here.

Specification
The architecture of IDsec is specified in an IETF Internet Draft, available from this site or the IETF.

Implementation
A PHP implementation of IDsec exists and is available from the SourceForge CVS repository. It works together with a client-side proxy (JunkBuster 2.0 with IDsec modifications). A picture of the demonstration configuration can be found here. Preliminary documentation can be found in the distribution package.

These services rely on OpenSSL functionality. The PHP implementation serves as the IDsec reference implementation.

An implementation of an IDsec "native" Apache module is available in CVS. Details can be requested here.

Status
Several people have given positive feedback on the IDsec specification. It has been proposed as input to the IETF, to the DotGnu project and to the PingID project, amongst other personal initiatives.
Furthermore RSA security has commented on the draft specification and they will put it forward as input to the Liberty Alliance Project.


SourceForge Logo The IDsec site is maintained by Telematica Instituut. Send your comments to Hans Zandbelt.