Identity is a Secret.
Identity is a Mystery.
Identity is a Killer.
|
 |
That's the teaser for a new film,
but it conjures up the Digital ID debate. It's a mystery how we're going to
keep our identities secret from people we don't want to hear from,
and Doc thinks
that the right (NEA) form of DigID
could be part of a killer
app:
"When I spoke at Digital ID World last Fall, I said I didn't believe
any of this would begin to happen in a meaningful way until we had an invention
that mothered some necessity--a dirt-simple killer application or killer
protocol that would spread like wildfire and carry its own default infrastructure
to ubiquity. I'm not sure Liberty supports that, but I don't know.
I'm confused
about how a commercial, non-NEA form
of DigID would roll out. It still feels like the only killer feature of DigID
will be to silence the conversation about
DigID and the Liberty Alliance.
Big outfits that talk about our "Liberty" sound like Ashcroft PATRIOTism.
To be fair, Liberty isn't proposing a new identity database, which was my
previous, mistaken concern. They're creating a way that your sign-on to United
Airlines' site would not require a separate sign-on when going to the Avis
link from the United site, which becomes one of many "Identity Providers" you
may depend on. You'll still have separate IDs everywhere, it's just that some
of them will take United's word for who you are, sort of like what Yodlee already
provides. Does that mean you'll still have to register a new
credit card
everywhere each time you
pass
an expiration date?
Dave quoted Sean
McGrath quoting (he thinks) Adam Bosworth:
"Every layer of abstraction costs you 50% of your audience."
When you add business alliances and linking commissions to the mix, it gets
really hairy. This bad boy feels too complicated for a timely rollout. I must
be the
only one who thinks the obvious launch sequence for any commercially federated
ID will be:
- Version 3.2 (or so) of the standard is
finally agreed to.
(Wanna download v. 1.1? Here's the 4.1 MB spec in
8 files.)
- Participating companies (like these)
negotiate and subdivide into their "affinity
groups"
(mini-federations linking among themselves)
- Participants provide a transition period to the new protocols.
- Participating sites patiently explain the new rules to shoppers.
- Longer than expected, shoppers click, "Not
Now. Do It the Way I'm Used To."
- The transition echoes the conversion to HDTV and
the metric system.
Won't it take years for this cycle to be played out? Those first 2 bullets
really are killers. Both of the people who read my rants are pretty technical,
but I bet we don't manage our browser cookies the way we should. I don't see
how well we'll manage this byzantine trust matrix:
POLICY/SECURITY
NOTE: Implementors and deployers should make allowance for the
user to decide
whether to immediately authenticate with the identity provider or be offered
the chance to decline and authenticate either locally with the service provider
or select from the service provider’s list of affiliated identity providers.
The way I read the Liberty
Architecture Overview (736 KB PDF), when you deal
with United Air Lines, you're set up to deal with United's affinity group of
vendors.
But
when
you
go over
to
American,
you'll need to sign in again. This feels like a balkanized federation, not
the EU. Section 5.7 of the Overview, "Example User Experience Scenarios" lists
3 user scenarios and 4 sub-scenarios, each of which requires the user to
remember
her user
name & password for
the designated "Identity Provider" for each affinity group:
5.7.1 Scenario: Not Logged in Anywhere, No Common Domain Cookie
5.7.1.1 Login via Redirect to Identity Provider Website
5.7.1.2 Login via Identity Provider Dialog Box
5.7.1.3 Login via Embedded Form
5.7.1.4 The User is Logged in at CarRental.inc
5.7.2 Scenario: Not Logged in Anywhere, Has a Common Domain Cookie
5.7.3 Scenario: Logged in, Has a Common Domain Cookie
How do United and Hertz agree that United will be the Identity Provider when
Hertz knows as well as we do that United may have bigger concerns than DigID,
like, any day now? My guess is that the IT guys designing this beast haven't
yet discussed it seriously with Marketing, Legal and the Executive Committee.
When
they do, They'll surely be sent back to the drawing board.
XML co-inventor Tim Bray's blog today is titled Enterprise
Software Wreckage:
"If you go back to the Global 2000, the buyers of big-ticket software,
and get the typical CIO hammered and indiscreet in a bar, and ask about
failed installations of big-ticket software, you'll get bitter laughter
(or bitter tears, depending how hammered). It happens all the time. I'm
talking about projects with software licensing and deployment costs adding
up into the tens of millions, going nowhere, producing no results, and
eventually shutting down."
And that's when everybody works for the same guy...
The Complexity of a Deal...
The complexity of a deal expands to match the available brainpower;
No one can manage a business as complicated as they can design it.
—
Blaser's corollary to Parkinson's Law
Even if some immaculate conception births this puppy, we still haven't solved
the real dilemma: this model isn't what we want. We don't want separate IDs
everywhere, whether singly or in arbitrary affinity groupings. We want a single
sign-on, preferably encrypted in
our browser,
Java ring or
biometrics,
that
works everywhere.
But
we don't
want our data centralized, which would leave us hostage to an
identity czar.
Nobody, Everybody, Anybody
Doc's Linux Journal article goes on to say,
What this requires is something we don't have right now: a new identity
infrastructure--one provided by open APIs, protocols and other standards
that serve no agenda other than to enable useful dealings between buyers
and sellers of products and services. Like the Web and e-mail infrastructure
that are already part of the Net, this new infrastructure would be a full-fledged
service on the Net. And it won't become that unless it's something nobody
owns, everybody can use and anybody can improve. Again, like the Web,
e-mail and the Net itself. . .
. . . Right now there are other moves afoot, too premature to talk about,
all intended to build out a mydentity-based infrastructure. "
Doc also quotes Andre Durand, founder of Jabber and PingID, who is working
with Liberty, and who says everyone should be their own Identity Provider.
"Hijack the Liberty protocol," he basically says, going on to suggest
embedding ID data in a Jabber client, which then would be a full peer to the
airlines,
banks
and other Identity Providers that want to attract you to their fiefdom. Andre's
is a profoundly cool idea that I didn't comprehend until Doc told me that,
at its
core, Jabber
is an XML router. Now we're talking: a P2P petri dish that's good for years
of innovation.
Just one problem. Which jabber client would your ID live on? You'll need access
to it anywhere, not just on your main machine. Surely some universal ID reader
will someday be embedded in all devices (fingerprints, smart card, etc.).
Meanwhile, wouldn't it be swell if each person owned their own web site to
host their private Identity provider? Coincidentally, that's the Xpertweb model.
Doc and Mitch and
Flemming and
Henshall,
Husband, & Patrick and
I agree that the role for Xpertweb in all this is to provide the relationship
layer
on top
of
DigID.
The
controversial
thing
about
the
Xpertweb
model
is that it establishes a complete identity file for each user, on
the user's own web server. It's an admittedly big conceptual
leap, but the problems it solves are legion. Now you own a trusted database
served by a trusted script, ready to expose ID info whenever you OK it, but
never otherwise. Sure, you still have to deal with the explicit permissions,
but that's the case under every DigID model. The important thing is that,
like Andre's suggestion, each ID owner controls their ID, but unlike Andre's
proposal,
it's universally available to any corporate supplicant the owner chooses
to bless. Certainly our DigID protocol will be no worse than Xpertweb's!
Smarter guys than I say it's impossible. If they're right, you're wasting
your time reading this design study. Keep moving along folks, there's nothing
to
see
here. But
most technologists look at our alpha code and beta concept and say the concept's
unusual, but the technology's trivial. We like novel, trivial technology.
11:18:44 PM 
|
