Jamie Lewis is getting ready to venture forth on the Laws of Identity:
Ive been keeping my powder dry, watching and listening to the conversation about Kims proposals, but its time to jump in.
In large part, I agree with both the intent and content of the laws. Kim is doing a valuable thing, sparking a conversation that needs to occur. As is the case with all things identity-related, however, there are many devils in the myriad details. And Ive been struggling with how to compartmentalize my thoughts enough to keep any posts about Kims ideas from being ridiculously long (as opposed to just long). Since Im a bit of a stickler about words and semantics, Ill start there.
On one hand, terms dont matter as much as solving the problem. On the other hand, terms (and connotation) are crucial. Loaded terms make it harder to understand and communicate how any complex system will evolve because they bring lots of baggage to the party. And communicating is a core requirement to solving the problem.
Jamie's right about this.
Regardless of what you call them, for example, Kims proposals cover some important issues that deserve consideration and further discussion. But several folks have reacted to the (minor) conceit that Kims proposals are already laws (especially when someone at Microsoft is handing them down). The fact that Kim has called his proposals laws, though, has been an effective catalyst in getting people to get involved in the discussion. Still, I see what Kim calls laws as a set of proposed architecture principles.
Hmmm. This is thoughtful. It is true that what is most important about our discussion – in a practical sense – is the resulting set of architectural principals. And I care deeply about this architecture.
But what makes architecture right? I think it has to do with seizing the inevitable dynamics of the objective world. I think it is useful for me to conceive of, propose and continuously test these dynamics as laws. Of course, that doesn't mean Jamie shouldn't take them as principles.
Principles are important in any architectural discussion. In our own Reference Architecture (which is focused on technical architecture for the enterprise), we establish principles as the foundation for any technical architecture. The principles incorporate the values, organizational culture, and business goals of the enterprise. Therefore, each suggested principle must pass the motherhood test, meaning that a reasonable person must be able to suggest and defend a contrary position. (Security is important, is not a principle, for example; where as were willing to use bleeding edge technology is controversial principle architects must agree on before they make big decisions.) Once an enterprise sets those principles, it can then drive the technical positions (where you make technology decisions) and templates (which map those decisions into diagrams that illustrate system functions and how they relate).
It seems to me, then, that Kims proposing architecture principles for an identity system for the Internet at large. Hes sparking a discussion about the values, culture, and goals that should drive the creation of an Internet identity system, which we obviously need.
That its a Microsoft employee doing all of this makes it even more interesting (and gleefully perverse). In subsequent posts, then, Ill be commenting on Kims proposed laws from that perspective, looking at them as a set of architecture principles for an Internet identity system. That perspective may also help others understand both the scope of the issues we need to solve.
I really look forward to this.