Commerce can't happen if you don't know with whom you are doing business. That's true in the real world, and it is doubly so on the Internet.
In the real world, there are many accepted standards for establishing personal and professional identities with varying degrees of reliability: driver's licenses, business cards and signatures.
But on the Internet, it's not such a simple matter -- particularly when you are talking about business-to-business (often called B-to-B) commerce. Mere e-mail addresses don't adequately confirm a business partner's identity. More sophisticated tools -- such as Pretty Good Privacy signatures or digital certificates -- are still too hard to use, are not necessarily compatible with one another, and are not very widespread.
That's why the Lightweight Directory Access Protocol (LDAP), championed by Netscape, is so important.
In fact, LDAP is going to be as critical for B-to-B I-commerce as Secure Sockets Layer (SSL) has been for business-to-consumer commerce.
Netscape's most lasting contributions to the Internet may turn out not to be its Web browsers or servers, but these two protocols.
Imagine setting up an extranet to expedite business with the companies that distribute the products you manufacture. You want to let your distributors sign on whenever they need to place an order, notify you that they're returning excess inventory, and so forth.
If you have many business partners, keeping track of them and their employees -- and assigning appropriate extranet access rights to each of them -- could quickly mushroom into an IT manager's nightmare. The problem would multiply if you run many different applications on your extranet and needed to separately authenticate users for each one.
The solution Netscape proposed is its LDAP directory server, cleverly named Netscape Directory Server. Netscape Directory Server enables you to create a single repository of personal information, access rights, and other data for all extranet users.
What's more, you can delegate maintenance of your business partners' individual employee records to the partners themselves. That way, when distributors hire or fire salespeople, they can update the employee records themselves.
If you need security beyond simple user names and passwords, you can incorporate digital certificates, managed by Netscape's Certificate Server. These certificates, which function as unique identifiers of each individual, are stored with the directory entries.
What is interesting about this scenario is that, because it is LDAP-based, any LDAP-compatible client (or even another LDAP server) can query the directory and retrieve user information over the Internet.
This interoperability is the great strength of Netscape's directory strategy, and what makes it so appropriate for extranets and B-to-B commerce.
It also is Netscape's weak spot. Other companies can (and do) create LDAP-compatible directory servers and clients, all of which -- in theory -- would work as well as Netscape's.
A similar thing happened with SSL: Netscape pioneered its use, but now virtually every Web browser and Web server offers SSL support, creating a de facto standard and obviating Netscape's early advantage.
So, will Netscape's championing of LDAP be its salvation or its undoing? You be the judge. Write to me at firstname.lastname@example.org.
(Dylan Tweney has been covering the Internet since 1993. He edits InfoWorld's intranet and Internet-commerce product reviews.)