about_netidmgr.htm [plain text]
<html>
<head>
<title>About Network Identity Manager</title>
<meta name="description" content="About NetIDMgr">
<meta name="keywords" content>
<link rel="stylesheet" type="text/css" href="nidmgr.css">
</head>
<body>
<h1>About Network Identity Manager</h1>
<p>This is strictly an informative page about the origins of Network Identity Manager.
</p>
<h3>In the beginning</h3>
<p>Network Identity Manager was conceived as an identity management solution to
make up for the shortcomings of Leash32 (distributed with MIT Kerberos for Windows)
and AFSCreds (distributed with OpenAFS). </p>
<p>The work started as Unified Credentials Manager, a final project for the MIT
course 6.831 : User Interface Design and Implementation, taught by
<a href="http://people.csail.mit.edu/rcm/">Professor Rob Miller</a>. By the time
actual code was written, it was named Khimaira (which was later changed to Network
Identity Manager around October, 2005). Traces of the name Khimaira might still
exist in the source code. </p>
<p><a href="http://workshop.openafs.org/afsbpw05/talks/khimaira.html">Khimaira:
A Unified Interface for AFS and Kerberos</a> was presented at the
<a href="http://workshop.openafs.org/afsbpw05/">AFS and
Kerberos Best Practices Workshop 2005</a>. </p>
<p>A second talk,
<a href="http://workshop.openafs.org/afsbpw06/talks/asanka.html">Developing
plug-ins for Network Identity Manager</a>, was presented at
<a href="http://workshop.openafs.org/afsbpw06/">AFS and Kerberos Best Practice
Workshop 2006</a>.</p>
<p>The development of Network Identity Manager has been financially supported
(in alphabetical order) by <a href="http://www.fnal.gov/">Fermi National
Accelerator Laboratory</a>,
<a href="http://web.mit.edu">MIT</a> <a href="http://web.mit.edu/ist/">Information
Services and Technology</a>, <a href="http://www.jpl.nasa.gov">NASA Jet Propulsion
Laboratory</a>, <a href="http://www.secure-endpoints.com">Secure Endpoints Inc.</a>,
and <a href="http://www.stanford.edu/">Stanford University</a>.
</p>
<h3>Design</h3>
<p>A plug-in based architecture was chosen so that support for additional credential
types and features could be added without making changes to the mainline code. In
addition to making the application easily extensible, this also allows the AFS plug-in
to be maintained within the OpenAFS code base and separates the code supporting
Kerberos v5 and Kerberos v4 permitting Kerberos v4 to be easily removed from the
Kerberos for Windows distribution. Furthermore, it is anticipated that this would encourage
third party developers to develop plug-ins for Network Identity Manager.
As of September 2007, a Kerberized Certificate Authority credential provider and
a Grid credential provider are available from third parties.</p>
<p>More information about the concepts used in the design of Network Identity Manager
can be found <a href="concepts.htm">here</a>. </p>
</body>
</html>