Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Novell (NOVL) dirt cheap, good buy? -- Ignore unavailable to you. Want to Upgrade?

To: Paul Fiondella who wrote (28096)	9/14/1999 1:51:00 PM
From: Scott C. Lemon	Respond to of 42771

Hello Paul, These comments are not to argue the directions that Novell is going, or to even speculate that I have any idea what these are ... but are just comments on your comments ... > Novell is also going after vendor integration with standards like > XML and ECML and is promoting an LDAP internet directory standard > which cannot be locked up by Microsoft. This is a difficult statement to agree with, only because of one possibility - de facto standards. XML is almost like HTTP. It is simply a vehicle to "encode" data for transport or storage. XML is really nothing with out some definitions of the "tags" ... this can be thought of as Schema. If we all agree that the XML tag "Surname" is out last name, then we can exchange this information. Likewise if we agree that "ShipToStreetAddress" is exactly that - our ship to address - then we can exchange that information. The one power that Microsoft does have is the ability to "force" these definitions through the web server, and the client applications. I hesitate to use the word force, but if they decide that all Microsoft applications are going to start using "ShipToAddress-Street" as the XML tag, then the industry might choose to follow for their applications to be compatible. Likewise they might decide that "LastName" is what they want to use. They do have the ability to write their applications any way they like (for example rolling out a lot of code using their BizTalk ( biztalk.org ) "standards" and getting lots of partners) while the ECML "committee" starts to talk about the subject. > The issue of trust is fundamental to ecommerce. People will not > trust Microsoft to handle their personal information. Nor will they > trust startup.com! I agree completely! Again, my question is "Who is going to create the software package that allows a huge number of people to compete for this trust?" IMHO, this is the company that will be successful ... > You take Citigroup and you put them in charge of an identity vault. > They have every reason to keep that vault secure. Novell's > technology prevents intrusion. That is the type of interest based > partnership that makes sense. I again agree completely! But who is going to provide the software that allows the new-comer to try and compete for this trust? > For this to work, you have to be who you say you are, and your > personal information cannot be shared with insecure sites to > prevent identity theft. These are the two basic principles of an > identity vault. Three points here ... 1. You only have to be who you say you are to the people that you are dealing with at that moment. Meaning that I need to be "Scott the county citizen" when dealing with my county government, but I might want to be "Scott the beer drinking rave attendee" when I deal with others who are into techno raves. And there might be a good reason that I do not want these two "identities" to ever cross, or be able to be connected. The techno rave crowd does not need to know that I am anything other than "Scott the beer drinking rave attendee" 2. IMHO, I believe that we work to keep some of our identites seperate in the real world, and I believe that we will want to in the virtual world. This is why multiple vaults will be necessary. I do know that when the bank is asked to turn over my information, they will. And if the two identites are in the same place, they are now connected. 3. Once you have transferred or exposed anyone to any portion of your identity, they have that information forever. Maybe it will not be update to date, but there is no way to revoke information from someone once it has been given. For example, if you let me see your passport, I could memorize the information on it. You can never get that "back" ... you can't "revoke" this from me. This is like the "secure digital music initiative" ... what a joke! As soon as I get to "play" the music the first time, I can make a high-quality recording (even if I have to use a mic) and re-encode it for distribution. This is why trust is core to all these concepts. > Verification methods will need to be perfected. (I favor letting > the credit card companies establish the identity vault customer by > qualifying the users and then letting the users set up 10 questions > to be asked for verification of transactions --- like what is the > color of my dogs hair). That way no credit card company employee > can compromise the identity vault. I think there will actually end up being three different types of identities ... verified, un-verified, and anonymous. And there will be entities (maybe the same or different ones) that will provide all of these. > I personally congratulate the Novell personnel responsible on for > getting First USA and Citibank on board. That is the way to go! This is definitely the right "top down" start ... these are companies that already seem to indicate "trust" ... Scott C. Lemon