Jamie Lewis is getting ready to venture forth on the Laws of Identity:
I’ve been keeping my powder dry, watching and listening to the conversation about Kim’s proposals, but it’s time to jump in.
In large part, I agree with both the intent and content of the laws. Kim is doing a valuable thing, sparking a conversation that needs to occur. As is the case with all things identity-related, however, there are many devils in the myriad details. And I’ve been struggling with how to compartmentalize my thoughts enough to keep any posts about Kim’s ideas from being ridiculously long (as opposed to just long). Since I’m a bit of a stickler about words and semantics, I’ll start there.
On one hand, terms don’t matter as much as solving the problem. On the other hand, terms (and connotation) are crucial. Loaded terms make it harder to understand and communicate how any complex system will evolve because they bring lots of baggage to the party. And communicating is a core requirement to solving the problem.
Jamie's right about this.
Regardless of what you call them, for example, Kim’s proposals cover some important issues that deserve consideration and further discussion. But several folks have reacted to the (minor) conceit that Kim’s proposals are already “laws” (especially when someone at Microsoft is handing them down). The fact that Kim has called his proposals “laws,” though, has been an effective catalyst in getting people to get involved in the discussion. Still, I see what Kim calls “laws” as a set of proposed architecture principles.
Hmmm. This is thoughtful. It is true that what is most important about our discussion – in a practical sense – is the resulting set of architectural principals. And I care deeply about this architecture.
But what makes architecture right? I think it has to do with seizing the inevitable dynamics of the objective world. I think it is useful for me to conceive of, propose and continuously test these dynamics as laws. Of course, that doesn't mean Jamie shouldn't take them as principles.
Principles are important in any architectural discussion. In our own Reference Architecture (which is focused on technical architecture for the enterprise), we establish principles as the foundation for any technical architecture. The principles incorporate the values, organizational culture, and business goals of the enterprise. Therefore, each suggested principle must pass the “motherhood” test, meaning that a reasonable person must be able to suggest and defend a contrary position. (“Security is important,” is not a principle, for example; where as “we’re willing to use bleeding edge technology” is controversial principle architects must agree on before they make big decisions.) Once an enterprise sets those principles, it can then drive the technical positions (where you make technology decisions) and templates (which map those decisions into diagrams that illustrate system functions and how they relate).
It seems to me, then, that Kim’s proposing architecture principles for an identity system for the Internet at large. He’s sparking a discussion about the values, culture, and goals that should drive the creation of an Internet identity system, which we obviously need.
That it’s a Microsoft employee doing all of this makes it even more interesting (and gleefully perverse). In subsequent posts, then, I’ll be commenting on Kim’s proposed laws from that perspective, looking at them as a set of architecture principles for an Internet identity system. That perspective may also help others understand both the scope of the issues we need to solve.
I really look forward to this.