Tune in to Usable Security

Thanks to Caspar Bowden for telling us about Usable Security, a site which is absolutely fascinating and which concentrates on issues related to the sixth law of identity – the human as a part of the identity metasystem.

As if this site were not enough of a treat already, it contains a link to a paper called Making Prime Usable (this now works again – Kim). Prime is a European privacy initiative that brings together a number of important researchers.

The paper deals with many of the visualization and user experience issues we have encountered during our development of the InfoCard, so I'm reading it with great interest. Authors are John Sören Pettersson, Simone Fischer-Hübner, Ninni Danielsson and Jenny Nilsson from Karlstad University in Sweden; Mike Bergmann, Sebastian Clauss and Thomas Kriegelstein from TU Dresden; and Henry Krasemann from the Independent Centre for Privacy Protection (ICPP) in Germany.

People who care about the sixth law will find this irresistible.

More on display of InfoCards

I'd like to share Trevor Lawrence's comment on my answer to Kapil's question about how InfoCards are displayed in the digital identity management interface:

Yes this does help, or rather confirm deductions from scattered information fragments.

It looks at the moment as if the InfoCard UI has a special case built in to allow you to edit your claims in the self-asserted IP that is included. In general, as I understand it, out-of-band mechanisms are likely to be needed to change the claim data that an external IP asserts for a user. (In an authoritative IP I can't just change my passport number without by some other means proving to this IP that that indeed is the number of a new passport issued to me.)

Because of this it seems to me that the current beta InfoCard UI is a bit misleading.

This is a good way to put it. The self-asserted identity provider is special-cased because, after all, the user can change the claims at will.

I agree that without having an example of a managed card which cannot be edited, the current UI is a bit misleading. I hope you'll forgive us – we didn't want to wait until we had added managed cards before starting to share the concepts with the industry.

Interview on Channel 9

Channel 9 has posted an interview with me on my Identity work. It was done before I could talk publicly about InfoCards. Actually, I was fairly new to blogging and had written to Robert asking him if he could tell me about video blogging. So I was pretty surprised when he turned on the camera and pointed it at me! Then he told me that was the first lesson. You'll hear the session starting with Robert telling me you shouldn't put the brightest light behind the subject. You'll see I'm a little taken aback when they start asking me questions…

Anyway, it was great meeting Robert Scoble and Charles Torre in person.

Incremental new technology is required

Kapil also asks a question about the relationship between Liberty and the Identity Metasystem I have been proposing. First he quotes from the Identity Metasystem whitepaper:

“Participants in the identity metasystem can include anyone or anything that uses, participates in, or relies upon identities in any way, including, but not limited to existing identity systems, corporate identities, government identities, Liberty federations, operating systems, mobile devices, online services, and smartcards. Again, the possibilities are only limited by innovators’ imaginations.”

Then he says,

If I have a Liberty ID-FF or SAML 2.0 enabled IDP which uses SAMLRequest and SAMLResponse for security tokens [the WS-Trust] architecture does not help.

My understanding is that this identity meta system is for service providers, identity providers and client machines (infocard system) which are based on WS-Trust and so saying that other participants such as Liberty could participate in this meta system may not be correct.

Perhaps I should have been clearer that Liberty or SAML products would need to add some technology to support the proposed identity metasystem (as would related Microsoft products, for example). I was really trying to point out that everything SAML users and vendors already had in place could continue to work just as it does now, while with a small incremental effort their systems could embrace the metasystem. Sure, it would mean supporting WS-Trust – a protocol designed for metasystem purposes: exchanging one security token for another different security token. But the people who've built SAML systems will have little difficulty going this extra step.

The truth is, to get to a metasystem, it wouldn't only be Liberty or SAML implementors who would have to add the token exchange capability – changes would be required in all the systems asserting corporate and government identities; in operating systems, mobile devices, online services, smartcards; and in every other technology mentioned in our whitepaper. No one, including Microsoft, has WS-Trust rolled out at this point in time, so everyone would have to take the plunge.
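As an added illustration of the token-exchange step described above (not code from the original post, nor from any Microsoft or Liberty product), here is a minimal WS-Trust "Issue" round trip of the kind a SAML identity provider would bolt on; it assumes WS-Trust 1.2-era namespaces, a SAML 2.0 assertion as the issued token type, and a placeholder relying-party address.

```python
# Added illustration, not code from the original post or from any Microsoft or Liberty product:
# a minimal WS-Trust "Issue" exchange of the kind a SAML IdP would add to join the metasystem.
import xml.etree.ElementTree as ET

WST = "http://schemas.xmlsoap.org/ws/2005/02/trust"        # WS-Trust 1.2
WSP = "http://schemas.xmlsoap.org/ws/2004/09/policy"
WSA = "http://schemas.xmlsoap.org/ws/2004/08/addressing"
SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion"
ISSUE = WST + "/Issue"

# Constructed RequestSecurityToken; the RP address is a placeholder.
RST = f"""<wst:RequestSecurityToken xmlns:wst="{WST}" xmlns:wsp="{WSP}" xmlns:wsa="{WSA}">
  <wst:RequestType>{ISSUE}</wst:RequestType>
  <wst:TokenType>{SAML2}</wst:TokenType>
  <wsp:AppliesTo><wsa:EndpointReference>
    <wsa:Address>https://rp.example.test/</wsa:Address>
  </wsa:EndpointReference></wsp:AppliesTo>
</wst:RequestSecurityToken>"""

def parse_rst(xml_text):
    """Extract what the STS must act on; refuse anything but an Issue request."""
    root = ET.fromstring(xml_text)
    req_type = root.findtext(f"{{{WST}}}RequestType")
    if req_type != ISSUE:
        raise ValueError(f"unsupported RequestType: {req_type}")
    return {"token_type": root.findtext(f"{{{WST}}}TokenType"),
            "applies_to": root.findtext(f".//{{{WSA}}}Address")}

def issue_rstr(request, subject, issuer):
    """Build the RequestSecurityTokenResponse carrying a new token scoped to AppliesTo.
    Unsigned here; a real STS signs the assertion so the RP can verify the issuer."""
    rstr = ET.Element(f"{{{WST}}}RequestSecurityTokenResponse")
    ET.SubElement(rstr, f"{{{WST}}}TokenType").text = request["token_type"]
    holder = ET.SubElement(rstr, f"{{{WST}}}RequestedSecurityToken")
    assertion = ET.SubElement(holder, f"{{{SAML2}}}Assertion")
    ET.SubElement(assertion, f"{{{SAML2}}}Issuer").text = issuer
    subj = ET.SubElement(assertion, f"{{{SAML2}}}Subject")
    ET.SubElement(subj, f"{{{SAML2}}}NameID").text = subject
    # AudienceRestriction binds the token to the RP named in AppliesTo, so a token
    # issued for one relying party cannot be replayed at another.
    cond = ET.SubElement(assertion, f"{{{SAML2}}}Conditions")
    restr = ET.SubElement(cond, f"{{{SAML2}}}AudienceRestriction")
    ET.SubElement(restr, f"{{{SAML2}}}Audience").text = request["applies_to"]
    return ET.tostring(rstr, encoding="unicode")

def rp_accepts(rstr_xml, my_address):
    """Relying-party side: accept only a token whose Audience names this RP."""
    root = ET.fromstring(rstr_xml)
    return root.findtext(f".//{{{SAML2}}}Audience") == my_address
```

The existing SAML request/response path stays untouched; the STS endpoint is the "small incremental effort" layered beside it.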

From what I can see, most people interested in identity see WS-Trust as being a protocol that can really take us forward. But to commit to it, they need to see WS-Trust and its related specifications living in standards organizations. So now, the ball is in our court. We have to deliver.