Day: February 1, 2005

Simon Grice, from Midentity in the UK, now has a blog going – and promises that February is the month that he “will focus on spending a little more time actively taking part in the conversation – rather than simply listening in.” I'm making a note of that here so he can't back out!

Simon is working on “social computing” aspects of identity. Midentity recently concluded a deal with British Telecom to resell its personal identity collaboration product. And Simon is putting together a Personal Identity Summit in the UK later this month.

Archie Reed is a well known guy from HP in the enterprise identity space. Here's a post he did a while ago on the first four laws:

These seem well focused on the individual, however the laws so far ignore some of the fundamental requirements for establishing identity, being able to challenge the system and so forth. I will try to add to the discourse.

I am drawn to this discussion because there is an core of privacy management in each of these laws and I am keen to promote better privacy management in private and public organizations. Having spent many years living and working outside the US I am continually amazed at the freedom with which many US companies (and individuals) utilize what I feel should be private information for the purposes of marketing and solicitation. This is constantly reinforced by companies that require me to “opt-out” of marketing efforts (and other nefarious things), rather than choosing to “opt-in” is one example that shows the laws of identity as defined are idealistic and not aligned with business thinking (certainly in the US).

The challenge is the classic battle between business and security, or the principles of open vs. least access.

Worse, the exchange of private information is already occurring today, where organizations are gathering and exchanging information about individuals, based on unclear usage models and privacy policies. This is not something that identity management technology can easily deal with, and the overall business processes again become the focus of the discussion, not the “Technical” aspects that Kim is focused on… more specifically, Kim's ideal laws are not aligned with the real world – as much as many of us would like them to be!

On a related note, Phil Windley adds his comments to the mix at Laws of Identity and Symmetric Relationship Treatment

I believe that much of our talk about identity, and about privacy, is confounded by our collective myopia concerning relationships, or data about how identities are linked. When we look at it from just one side, we're likely to mistakenly build systems that asymmetrically protect relationship data. These systems are inherently unfair and thus prone to controversy. So, I'll add something that I think needs to be in Kim's laws:

• Treat Relationship Data Symmetrically – Relationship records (i.e. records that link one or more parties) MUST be treated symmetrically for the identity system to be fair.

I do not believe this is correct.

What is missing in both these threads is context, both in terms of the conversation and the assumptions made about how identity data is used. In fact, Phil's examples allude to context, but miss the follow-through in logic when Phil talks about how a transaction is _jointly owned_. The reality is that while the transaction may be jointly owned, there are different expectations, policies and ultimately “context” for each party of the transaction similar to any supply chain model. Specifically the challenge I see is that jointly owned does not translate to common expectations or understanding – that being another one of the challenges.

Phil talks about the need for both parties to be treated symmetrically, essentially basing their usage on the same principles. This is not the way the real world works, nor is it a reasonable expectation. What is real-world is that context defines how these relationships work, and context is different for each party. While it may make sense for B2B type trusts to be symmetrical, it is not the same for a B2C, C2C, B2E or any other X2Y type of trust. That relationship is only one part of the context. Other data points that improve and clarify the context include the data each party has on the other, including how the relationship was created, who has agreed to what and for how long (e.g. terms of usage, privacy policies, customer service agreements), social conventions and expectations . My point here is that while there are numerous technical aspects to the relationships, there are also many parts of the relationship based on agreements, expectations and experiences, something rarely captured in identity management systems.

So I would say that what is really missing is the political or social aspects of identity. Kim talks a great deal about technology, however as anyone involved in identity knows, identity management is one of those disciplines where technology is less then half the challenge – we can argue what the percentages are later…

Everyone has has been telling me about Jon Udell – and how cool he is. Well, today I came across his amazing weblog:

A couple of days ago my sister cc'd me on the ACLU Pizza movie — a digital identity nightmare done as a Flash animation. “Very interesting,” she wrote to her friends, “and probably not too far from the truth.” I'd seen this movie a while back, so I pondered for a moment about the ongoing effect it might be having and then moved on. Then today it came back to me, via Phil Windley, via Kim Cameron, via Future Salon. I wondered how this particular meme has been flowing through the collective mind. So I took a picture of that:

The chart measures the number of citations per day on del.icio.us and bloglines, omitting the (majority of) days on which there were none. I'm curious to see what the new spike will look like.

More generally, I'm interested in how visualization of memeflow will affect memeflow. From the ACLU's perspective, charts like this will doubtless become part of the dashboard used to measure the performance of campaigns — if they aren't already. But the memeflow data will also matter to folks like Kim Cameron, who is Microsoft's identity architect. He writes:

This is a battering ram for knocking over any system embodying disrespect for identity's laws. That might prompt some to just take it “as propaganda”. But anyone who did that would be missing the point. Micah's piece is a harbinger of what is to come should we, technologists, not succeed in understanding our own subject matter. [Kim Cameron]

Exactly. But going forward, it won't be enough to simply possess that understanding. The would-be architects of our digital identity future will also have to communicate their understanding in compelling ways.

Jon is right. Memeflow data will matter to folks like Kim Cameron. Wow. I'm just trying to get my head around this.

In terms of Jon's comment about communication, I'll go a little further than he does.

A couple of days ago Jamie Lewis had me rolling with this parenthetical comment – executed with unassailable “en passant” perfection:

Kim sums this up in a breathless reply to Doc Searls and others in his introduction to the fifth law (it’s a long sentence, and you may need to open a window after parsing it)

So funny and so true. After all, as a technology architect I spend a lot of my day in an internal conversation where there aren't even words yet. And sometimes this shows.

That's why to do something like a unifying identity system that is respectful of the people who use it, we need not just architects, but a whole bunch of creative thinkers with a wide range of talents – especially communication – people like Jon Udell. To pick up Marc Canter's term (he seems to come out with some good ones), we need a lot of talented people riding the identity “avalanche”.

Technorati's identity tag page is really cool. I'm certainly adding it to my feeds. I still don't have a very complete understanding of how Technorati works or what it is. Other beginning bloggers are probably in the same boat. Can anyone send us a link to an explanation?

Thanks to FeedDemon, I've located Ben Hyde's “Ascription is an Anathema to any Enthusiasm” blog and his interesting take on the Laws:

Kim Cameron’s Laws of identity reminded me to two things. First it reminded by of the This American Life episode on superpowers. One of the segments in that episode involves asking people which superpower they would pick: invisibility or flying. That implodes into a discussion of what the choice tells you about the person. My frivolous brain then meandered into thinking what superpower would I pick if I wanted to solve the identity problem; since Kim took “maker of laws”; I think I might pick “shaper of markets.”

The reason the Passport stumbled was that Microsoft hadn’t admitted that the shape of market power in their industry had changed. Prior to the Passport experience nobody in their “ecology” had aggregated enough market share (and in this case we are speaking of share of the identity market) to both care and decline to their leadership. Prior to that time frame Microsoft, on their bad days, could keep the puppies living in their ecology chasing tail lights.

What changes in the shape of the market was three fold. First the scope of the market blew wide open. Just to pick one example the Internet market included all the telephone companies where the jungle where Microsoft was king of the forest didn’t. Second the internet had already created a huge bloom of new players. Some of those were already really large; e.g. Yahoo, AOL, Amazon, eBay, etc. etc. Of those only eBay chose to follow Microsoft’s leadership. The third aspect was how critical this functionality was to the business models of some of the players.

Kim recently said that Passport failed because it broke one of his design constraints, i.e. that identity architecture will be more stable it’s designed to assure that the fewest parties are involved. That is absolutely a key constraint. Not because it’s more stable in the long run. No. In fact it’s probably much more stable in the long run. Consider eBay; eBay is a very very stable business architecture; because it inserts a nominally unnecessary party – a middleman – into every single transaction.

That constraint is desirable because it makes your offering less threatening. It accelerates adoption, it isn’t a long term stabilizing force it’s a short term driver of growth. The kind of thing firms often, intentionally or not, use as the fulcrum of a bait and switch. Have you noticed that the email announcing you have made a purchse at eBay now includes a link that hands you off to Paypal thru DoubleClick!

Yes, Passport failed because it broke that constraint; but it would be a hell of a lot more straight forward to say that Passport failed because it fundamentally threatened the customers’ businesses and Microsoft lacked the market power to get away with that.

The second thing the use of the word “laws” rather than say “first draft design constraints” was the drawing on the right taken from here. When the software industry was defined by the desktop Microsoft could thrive as a business on the lowest rungs of that ladder. For example when it would Consult would be done at arms length thru market research or ad-hoc conversations at developer conferences. Placation was a job for PR. Partnership was an occasional activity to be engaged in with Intel, IBM, possibly Apple or Sony. The bottom three rungs where the job, for example, of the developer network.

Marc Canter wrote recently that solving the Identity problem is 98% political. Absolutely. But, damn it. For most of the vast majority of the leaders in this industry their model of politics was framed the crimes of Nixon and Vietnam. Their model of the industry is small startups and the wonderful empowering of small players enabled by the PC and Moore’s law. The word politics is right up there with necrophilia on the list of ethical activities. An attitudes make it very difficult to work constructively on the top rungs of that ladder. Notice, the guy that drew that ladder couldn’t bring himself to label the top rungs “politics.”

The bag of of governance models for working on problems is huge. The standards process around Atom is a very modern example. But, I do not believe that Microsoft know how to work at these levels; 25 years of habit aren’t easily changed. I do not see any sign they have made significant progress in learning how since the Hailstorm debacle. I don’t think they even know what kind of debacle Hailstorm was. Look at how hard they fought to keep Sun out of WS.

If you want think seriously about working at that level there are two groups trying to do that. WS and Liberty. I was involved in Liberty (and I’ve taken money from other players in this market) but it appears to me that only Liberty is actually trying to work on the political problem of solving the identity puzzle. Much higher on that ladder than any other group, by far. Not high enough; but much higher.

I can't help it – I find Jamie Lewis‘s most recent discussion of the Laws so cogent I am just going to let it rip.

I love the way Jamie articluates the fact that exchange of identity is organic, and related to and interwoven with other meaningful activities. It's not some abstract problem. This idea of the connectedness between parties through relationships transcending technology is one of the most important ideas in the current discussion – I'll come back to it in future posts.

Kim Cameron responded to my post regarding the connotation of “universal” identity systems, agreeing with my concerns and saying that he’s more recently been using the term “unifying identity system.” That’s a great term, certainly more straightforward and clear. It clearly communicates precisely the intention of the fifth law.

Speaking of the fifth law, like Scott Lemon, I was a bit surprised when there wasn’t more of a collective “hallelujah” in response to its posting. That surprise motivated me, at least in part, to post my comments on the term “universal” in the first place. And as I said in that post, I have more to say on the subject, so here goes.

Simply put, the concept behind the unifying or “meta” system for identity is crucial. While we certainly need structure and standards for an Internet identity system, the notion of a wholly top-down, centralized and “universal” system flies in the face of experience. On several occasions, I’ve said that such a system will grow organically. These organic (and contextual) elements of identity systems are both important and hard to grok due to their intangible nature.

Think of it like any social structure. Most social structures evolve organically, based on the emergent needs and properties of the social systems they support, leveraging the virtuous cycle of need, invention, and formalization. (Many business structures follow a similar path.) And it’s rare that all of us humans agree on one way of doing anything. If we’re trying to instantiate social structure in a virtual space (the Internet), why would we think it will be any different in how it evolves?

Organic growth implies a level of self-organization that the Internet identity system mustn’t just accommodate; it must encourage it. Given the right tools, ad hoc groups, formal communties, social structures, and, yes, even large companies will implement and manage identity in a fashion that suits their needs. The digital identity systems that American Express needs for its employees won’t work for social networking software. That’s why things like FOAF, SxIP and LID are coming to fore. (While FOAF, SxIP, and LID are interesting developments, it’s unclear at this juncture which of these, if any, will succeed.) But the inverse is also true. These different communities must be free to self-organize, using identity systems that meet their needs.

Different IDs for Different Needs

Kim addresses this reality in the fourth law, the Law of Directed Identity. While somewhat inscrutable at first glance, his idea of omnidirectional and unidirectional identities encompasses the reality that one ID won’t get me access to everything. I will have multiple identities, especially in different social contexts. I’ll probably have identities that are applicable only to very private relationships. This isn’t to say we don’t need standards; we obviously do. But getting agreement now on one single standard that works for to all needs is highly unlikely. These different scenarios all have different requirements, and thus systems must be free to adopt standards that work for them, or we’ll wait forever for the one “uber” system that works for everything.

To illustrate the point, let’s take something like the registration process, which is where the digital identity train first leaves the station. I’m an audio/video enthusiast (my wife would say freak), so I’m a member of the Audio Visual Sciences Forum. I self-asserted my identity when I signed up, and that’s fine for the AVSForum. As long as I play by the forum’s rules, the folks that run the forum are fine with me being around using whatever identity I’ve established for myself. The reputation system inherent in the AVSForum takes care of many governance problems. The forum’s moderators and administrators step in with full authority when they have to.

But will self-assertion alone work for my bank? Hopefully not (or I need to change banks). Yes, the AVS Forum could rely on the identity my bank issues, but I might not want to use such an unambiguous (and valuable) identity in that social context. And why should AVSForum do that anyway? The cost could well outweigh any benefits it may gain. Once you get past registration, you get to the differences in policies (credential type and strength), attributes, and the management systems necessary to propagate and use identity in each of these very different contexts. In large part, these things must be need-driven, and one size will not fit all.

Context Is Everything

In other words, identity is the most contextual element you can possibly imagine; in fact, all social interaction is highly contextual, especially online. Who we choose to be, what of ourselves we choose to share, what faces we choose to show, depend entirely on the context in which we’re operating. Sherry Turkle did a great job of examining this dynamic in her book Life on the Screen, Identity in the Age of the Internet, which is even more amazing considering the fact it was published nearly 10 years ago. (It should be noted that this book is not about technology, but about human psychology. It’s easy for identity technologists to forget that we are talking about representing human behavior, not machine behavior.)

It stands to reason, then, that domains of activity will emerge, and they will have their own identity mechanisms, probably their own identifier, which will be unique and appropriate within the context of that given domain.

Federation is Not a Four-Letter Word

It’s when these different domains (or communities) need to interact that things get really interesting. It will happen, but it will happen organically. Identity connections between communities will not form just because we have an uber-GUID and a registry that have been blessed by a committee, for example. Such connections will form because individuals, groups, organizations, companies, and other forms of human endeavor will need those connections.

In other words, the requirement to plug in to a larger system (and context), exchanging identity information with other communities, will be an emergent property of a given domain of activity (or community). Some potential for value and substance must necessarily precede identity connections; otherwise, there isn’t any point in making the connections. When the need to connect does emerge, those domains will need to federate with other domains. Remember: small pieces loosely coupled. (For me, this concept is largely consistent with and is reinforced by some of the other laws.)

To return to my example of the AVSForum, my self-asserted ID is fine for basic information gathering, posting, and communication. But if my activities on the forum move from to commerce, my (theoretical) bank-issued ID suddenly becomes more relevant. But it will be much better (and safer) for the bank to vouch for (or assert) my identity (without having to reveal the identifier that gives me access to my money) via a federated mechanism. We can call this function into play when we need it, instead of waiting for everyone to agree to use bank IDs before we can do anything.

Instead of one massive uber identity system to bind them all, we need the backplane that Kim, Craig Burton, Doc Searls, and others discussed on the Gilmore Gang. We need infrastructure that acknowledges the reality that there will be many different identifiers, and many different identity domains. Simply put, an identity system can be “universal” (connoting wide acceptance and applicability) only if it’s based on the principle that one universal system to rule us all is simply not a good idea.

If we agree on that principle, then the most important discussion we can have is about the interoperable infrastructure that will connect (or unify) identity systems, not how to construct the one uber identity system that everyone will use. So it’s important to differentiate between identity systems and standards that can support one or more activities (that’s how I see LID, FOAF, et al) and the metasystem, which will truly universalize digital identity by enabling interoperability through federated mechanisms (the backplane). In combination with the users (people), all of these things comprise the identity metasystem, or the unifying identity system, if that’s the term you prefer.

Summing Up

Kim sums this up in a breathless reply to Doc Searls and others in his introduction to the fifth law (it’s a long sentence, and you may need to open a window after parsing it). He says,

“Different identity systems need to be able to exist in a metasystem based on a simple encapsulating protocol and surfaced through a unified user experience that allows individuals and organizations to select the appropriate identity providers and features as they go about their daily activities.”

More to the point, he goes on to say,

“The universal identity system must not be another monolith. It must be both polycentric (federation implies this) but also polymorphic (existing in different forms).”

It’s polycentric because it’s comprised of multiple, federated systems, not a single system. It’s polymorphic because those connected systems must be free to contextualize identity in a fashion that suits the needs of the communities they serve.

So, as I said in my earlier post, the fifth law is a fundamental architecture principle. If we can’t agree on that one, we’ll forever be arguing over how to make the other six work. Getting there won’t be easy, and I’m not entirely convinced that the idealism inherent in this thinking will in the day. But I’m willing to work for it. But that and the other laws are topics for other posts.

Scott Lemon has done a very nice posting where he reviews the Law of Pluralism from the point of view of his experience at Novell. He begins by recalling the fifth law: The Law of Pluralism: A universal identity system MUST channel and enable the interworking of multiple identity technologies run by multiple identity providers. Then this – and here's a secret – I think I have a sealed box of Novell FTAM too: This reminds me of the original work at Novell on Open Protocol Technology – OPT – which was when we began to support multiple application protocols for file system access. As a brief history, NetWare was a “next generation” kernel and operating system when it was introduced to the market. For a transport protocol, it used a variation of the Xerox XNS protocols that Novell renamed as IPX, SPX, RIP, SAP, and others. On top of this transport (the equivilent of TCP/IP in the Internet) was the application protocol for making file system requests – the NetWare Core Protocol or NCP. To simplify this, NCP can be thought of as similar to NFS … a file access protocol. So where UNIX systems would use NFS on a transport of TCP/IP, NetWare servers would be accessed from DOS workstations using NCP on a transport of IPX. The first step towards Open Protocol Technology – or a form of Pluralism – was with Novell NetWare v2 (actually it was version 2.15 in 1988!) when Novell added support for the Apple Talk Protocol Suite, allowing Apple Macintosh computers to see a NetWare server as though it were an Apple server. This was done by adding support for the Apple transport protocols, and also the file protocols. So now DOS and Windows workstations could access files on the server using NCP/IPX, and Macintosh computers accessed the same files … using their native tongue, the Apple File Protocol. Soon after this, Novell added support for TCP/IP, NFS, and FTP with the release of NetWare v3. It actually went even further when Novell implemented the OSI protocol stack on NetWare. I still have a sealed box of NetWare FTAM which was the product where Novell implemented the FTAM file protocols on top of an OSI protocol stack! In this example of “pluralism” Novell was able to create a product that supported file system access via numerous transport protocols, and numerous file access protocols. We had demonstration networks showing where machines running DOS or Windows, along with Macintoshes(?), and UNIX machines, were all sharing files on the NetWare server. This was in 1989 through 1991! If we fast forward to now this is a common feature of almost any operating system! Even the Linux systems in use today have the ability to mirror this type of functionality with multiple transport protocol support, and projects like Samba, Netatalk, etc. To me, this law is a very common sense approach to systems design and allows for flexibility in implementations and usage. This makes complete sense.