In a post about Dick Hardt's Identity 20 talk, Jon Udell makes an important statement:
Even a tech-savvy person like me has a hard time envisioning, never mind comparing, the interaction scenarios proposed by various identity schemes including Sxip, Microsoft's InfoCard, Shibboleth, and federated PKI.From Jon Udell: Envisioning identity
Referenced Mon Oct 10 2005 10:24:02 GMT-0600 (MDT)
Johannes Ernst picks up on that and adds:
I completely agree, and would add that nobody, not even the "insiders" really understand what consequences all the different proposed architectures have in terms of, say,
- who gets empowered and whose power diminishes
- how the attack vectors on those different architectures differ
- what governance structures are needed once any of this becomes a mass-market technologyFrom Johannes Ernst's Blog
Referenced Mon Oct 10 2005 10:25:17 GMT-0600 (MDT)
One of the things we're hoping will come out of first day of the Internet Identity Workshop (register) is a better understanding of just those issues. Indeed, that was the very motivation for organizing the workshop. I couldn't figure it out, so in a selfish way, asked everyone to come explain it to me. :-)
We're going to lead the day off with Doc Searls renewing and expanding on his user-centric identity themes. We'll follow that with a use case presentation and discussion from Mary Ruddy and Paul Trevithick. Then presentations about the underlying philosophy and architecture of some existing Internet ID systems you can use right now.
The schedule for Day Two is open and will be decided, Foo Camp style, on the morning of Day Two by the participants based on what they heard on Day One and what they would like to know more about. We have a number of proposed topics posted to the wiki already.
As Craig Burton has pointed out, Identity 2.0 changes everything. But, only "when Identity 2.0 infrastructure becomes ubiquitous. Free. A given. Like air and sunshine." We're a long way from that. Some of the current identity identity systems are even trying to be that. They're point solutions to specific problems and that's OK. Other's, however, have bigger aspirations. Jon rightly points out that some of the biggest roadblocks to those aspirations will be user issues. He says:
Civilians will ask questions like:
These are questions best answered with live online demos, or screencasts, or both. Given the former, I can and will help with the latter.
- How do I sign up?
- What kinds of credentials will I use?
- Where will those credentials work, and where won't they?
- What happens if I lose my credentials?
- How do I control the release of my private information?
- What are my rights concerning information that I do release?From Jon Udell: Envisioning identity
Referenced Mon Oct 10 2005 10:45:38 GMT-0600 (MDT)
Johannes points to the other big roadblock: politics. Like it or not, some of the biggest issues involving identity revolve around power--who has it and who controls it. You can't discuss identity on the Internet without everyone secretly imagining the money that will be made and lost on how this particular worm turns.