Paul Madsen at ConnectID makes a good point in his “Could someone hand me that hammer please?”
I have a dead horse here that needs some beating.
Does ‘identity metasystem’ not imply “a pluralism of operators and technologies”? Isn't this even almost a law?
If so, should a TC focused on a single (albeit important) identity technology claim within its name the ‘meta’ scope?
The OASIS Identity Metasystem Interoperability (IMI) Technical Committee will work to increase the quality and number of interoperable implementations of Information Cards
The IMI TC's mandate respects the ‘pluralism of operators’ required by the metasystem definition, but not the other piece.
NB: Any comment that includes any combination of ‘forgot SAML token’ will be summarily rejected.
Metasystem and Identity Selector
Paul is completely right that the Identity Metasystem is a unifying model intended to bring together many contributing technologies – including Kerberos, PKI, browser-only federation protocols like SAML, WS-Security, WS-Trust and lightweight protocols like OpenID. And in fact, reaching across this diversity is the most important thing about it. Breadth is what allows us, as an industry, to create “one identity model” in terms of application development, deployment and most important, user experience.
To make this vision a reality, we need a component of the metasystem that has been missing: a common “Identity Selector” (early examples being CardSpace and DigitalMe).
Clearly such an important component needs to evolve in the context of an international standards body, so the announcement of the new OASIS Technical Committee dedicated to Information Cards and their interoperability is an important milestone:
Boston, MA, USA; 23 September 2008 — OASIS, the international open standards consortium, has formed a new group to enable the use of Information Cards to universally manage personal digital identities. The OASIS Identity Metasystem Interoperability (IMI) Technical Committee will work to increase the quality and number of interoperable implementations of Information Cards. A rapidly-developing, Web 2.0-friendly method for shared light authentication, Information Cards let people authenticate themselves on multiple web sites without maintaining passwords for each site.
But back to the name
While I think Information Cards are beneficial to the whole metasystem, they are not themselves the metasytem, and don't encompass all aspects of its interoperability.
For this reason, I don't personally think the OASIS committee's name is currently quite right.
I've never personally participated in OASIS or any other standards body (I have great respect for those who do.) So I have no idea whether it is possible to tweak a name once a committee is formed. If it didn't turn into a major time-waster, I think doing so would show everyone's respect for all the other contributions being made to the metasystem. I would prefer a name that is more technically specific, like the OASIS Identity Selector Interoperability Technical Committee (ISI).
The people who put in the effort to set up the committee and come up with a name will rightly say, “I wish you had given us that feedback earlier” – and I accept that criticism. Maybe I have missed my opportunity to provide feedback. Basically, I was sufficiently excited about the emergence of the committee, and convinced that the Identity Selector did contribute to Metasystem Interoperability, that the potential issues with the name didn't jump out at me.
And now to Occam
And now for something completely different. In a recent post Paul also reveals the origins of the third law of identity, and makes a great connection:
“William of Occam was a 14th century English philosopher, best know for his ‘principle of parsimony‘ in comparing different explanations for some phenomena.
entia non sunt multiplicanda praeter necessitatem
“When translated and applied to identity, it's clear that Kim's Law 3 was preempted by some 700 years
entities must not be multiplied beyond necessity