Author: Kim Cameron

Thanks to Jamie Lewis, who recommended it highly, I've started to use FeedDemon by Nick Bradbury. Probably everyone in the world knows about this product except me, but I thought I would mention it because it has made my life so much easier (yes, my friends, and better!).

I had a wierd experience installing it – it just didn't function even though I rebooted, confessed all the bugs I had shipped in earlier lives, did some mea culpas and everything. Maybe I should admit that I attract bugs like a light attracts moths. Anyway, the next morining FeedDemon worked like a real good demon, and has done so perfectly ever since.

In my moment of failure I had written to FeedDemon technical support with my sad story. Who do you think answered but creator Nick Bradbury himself. I love that connectedness between creator and user. And surprise. He subscribes to this weblog. Nick said he had never heard of these symptoms before, so I suspect my problems have to do with some of the more “experimental” software I have installed on my machine.

Feedster gives you the ability to stay on top of a lot of feeds. It collects RSS feeds (called channels) into channel groups (e.g. “Identity”). It serves up a newspaper for what's new in a channel group. Or lets you peruse the headlines in an email metaphor. And you can opt completely out of the email metaphor as Nick himself does.

Some of my friends use products that display RSS feeds within Outlook. That's a great option, but I like the fact that I can keep my email distinct from my RSS feeds. I already have more than enough to archive and organize in Outlook.

I also look forward to playing with some of the new FeedDemon features like support for podcasting (present in the shipping product). I listen to podcasts by keeping a collection on my 1 gigabyte mobile phone. It looks like FeedDemon already has enough integration with Media Player that I'll be able to automatically get my podcasts onto my phone. I'll keep you posted.

Again, I need to quote Jamie verbatim:

Since Kim Cameron now has me “hovering” over the laws of identity, I figure I better get busy and find some new hairs to split. (I’ve never been compared to a starship before, and I'm not sure exactly what it means, but it's the best compliment I've had in weeks.)

And that's how it was meant. I was trying to conjure up the beautiful many-sidedness of Jamie's mind… Not to mention his teleportation beams and forcefields.

Once again, I have a general comment regarding semantics and the terms Kim’s using to describe the principles (or laws, if you prefer).

As you may have noticed, Kim has used the term “universal identity system” several times in defining the laws, and I’ve seen it crop up in a bunch of other blog postings. As I said in my previous post about architecture principles, terms (and connotation) are crucial. Loaded terms make it harder to understand and communicate how any complex system will evolve. And I’d be hard-pressed to come up with a more loaded term than “universal.” Maybe it’s just the way I’m hearing it. I’m certain that my reaction is due to some weariness over revisiting the same arguments so many times over so many years. But for my part, when anyone talks about a “universal identity system,” my first instinct is to put my money in my shoe.

Your shoe, Jamie?

The fifth, er, principle (the Law of Pluralism), demonstrates that Kim isn’t advocating one globally unique identifier, one single “uber” identity system. In fact, he's advocating just the opposite. (His thoughts on centralization are clear as well.) When Kim uses the term “universal identity system,” he means “universal” in the sense of a widely accepted, highly scalable approach, applicable and usable across the diverse and wide-ranging Internet. He’s talking about enabling a truly distributed system that can bind many different applications, use cases, and identity systems into a more meaningful (but logical) whole.

I whole-heartedly agree with the principle Kim has outlined in the fifth law. It’s crucial that we get this one right. If we can’t agree on the fifth law, we’ll forever be arguing over how to make the others work.

Because it is so crucial, I’m concerned that some folks will interpret “universal” to mean “uber,” as in one single identity system operating on a single standard, in spite of Kim’s intention. That’s precisely what X.500, X.509, and other attempts to solve this problem are and were about. And there are some folks who just seem genetically pre-disposed to approach the problem from a top-down, if-we-can-all-just-agree-on-one-single-identifier perspective.

That's right, and this is the very opposite of what we are trying to achieve.

The multiple previous attempts to build “global” and “universal” identity systems failed for multiple reasons. But if one thing seems clear, it’s that top-down, fully centralized systems don’t seem to work for identity, at least not on an Internet scale. We’ve been there, done that, and found that it didn’t work. Hopefully, we’ve learned these lessons and won’t have to re-learn them repeatedly.

To ensure clear agreement on this important principle, then, we need to do one of two things: either define more clearly what we mean by “universal” in this context, or create an alternative term that doesn’t connote the “uber” system.

You're right, Jamie.

In defining the fifth law, Kim also uses the term “metasystem.” On one hand, I like “metasystem” better because it connotes more of what we’re shooting for. On the other hand, the “meta” prefix has its own baggage (some of which I helped create). Some people may think the term “metasystem” implies the stateful synchronization that meta-directories strive for, which isn’t the case. Clearly, Kim based the laws on his extensive experience with meta-directories. So maybe we can reclaim the “meta” prefix, re-define it based on what we’ve learned. In any case, “metasystem” is better than “universal identity system,” at least for me, and for now. In my next post, I’ll drill down a little more on why.

I agree with everything you say (except the part about the shoe). For the time being, in my recent post on the developments in the UK, I used the word “unifying”. But sure. We should take back the term “Meta”.

I'm looking forward to the next chapter. And doing version 1.1 of the Laws.

Late-breaking news from William Heath of Ideal Government:

That list of companies you cite is serious evidence of the growing political risk in the UK of making the wrong choice on identity architecture. The list comes from an activist group whose brainstorm of ideas includes card burnings, occupations, targeting companies, electronic disruption / hacking, graffiti etc. It's called “Defy ID” and proposes a day of action today (28 Jan) so perhaps it's keeping police busy at this very moment.

It joins an established UK ID opposition group called No2ID. Both groups are antis.

The initial opposition is to a card, but on closer inspection it's the register that offends. I dont yet see either putting effort into proposing a better alternative. Personally I'm hardcore non-violent and against damage to property, but otherwise entirely in sympathy with the antis.

My “Ideal Government” blog is of course not ID focussed; it is about WIBBIs (=”wouldn't it be better if..”s)

Here we are seeing how disregard for the Laws of Identity leads to the unnecessary fracturing of social agreement. If this agreement cannot be reached, the system no longer embraces “the whole”. The ideological say they don't care. But those of us seeking to build a unifying internet identity system cover our eyes and wonder, much as we would if our neighbor were building an inverted pyramid with no structural support.

This whole situation is also an example of why the underlying dynamics we have been examining appear to me as laws, not simply design principles.

Here (thanks to Ideal Government) is a piece from the UK where Sarah Arnott advises forgetting about the proposed brick and mortar ID Card and instead concentrating on a government-issued electronic identity. Sarah thinks a single identity is sufficient for everything. She also says:

It is unlikely that ‘function creep’ will inaugurate a Big Brother state.

More probable is that the government will spend fantastic amounts of money on an inflexible and ineffective plan, conceived out of political expediency, achieving nothing more than a vague notion of improved security.

And a useless piece of plastic.

And another fiasco to be added to the already battered reputation of public sector IT.

Ideal Government has also published a list of companies which have announced their intentions to bid. A lot of smart people there – it will be interesting to see if the plan evolves to take advantage of advanced identity technology more in conformance with the Laws.

Jamie Lewis’ most recent post on “Laws” versus “Principles” has to be quoted in its entirety:

In an earlier post, I talked about how I see Kim Cameron’s “laws of identity” as a set of architecture principles. More recently, Craig Burton posted a response, wondering if I’m splitting hairs. He goes on to say that “if you look up the definition of a principle, you can't help but run into the word ‘law’.”

Perhaps I am splitting hairs. Wouldn’t be the first time, won’t be the last. But at least I’m not alone in doing so. Craig first pointed to comments by Chris Ceppi on the subject and then later posted a thoughtful response from Mark Wahl. Both make interesting points. And Craig is correct in saying that if you look up the word “principle,” the word “law” quickly surfaces. (The opposite is also true.) But if we’re going to start pulling out our dictionaries, then I feel compelled to point out that those very definitions underscore the point I was trying to make about connotation.

For example, here’s how The American Heritage Dictionary (Fourth Edition), defines the word “law”:

A rule of conduct or procedure established by custom, agreement, or authority; the body of rules and principles governing the affairs of a community and enforced by a political authority. . . A set of rules or principles dealing with a specific area of a legal system, such as tax law or criminal law . . . something, such as an order or dictum, having absolute or unquestioned authority.

One could argue that the word “law” would apply when and if Kim’s proposals become “rule or law” by “custom or agreement.” But are we there yet? I don’t think so, since we still seem to be in a period of debate and discussion. And in the above definition, the connotation of a legal system here is overwhelmingly clear, along with fun things like authority, governance, and enforcement. It was this strong legal connotation that spooked me a bit on the word “law.” That and the fact that Microsoft (or any other vendor) will have a hard time positioning itself as “the authority” capable of handing down laws in this matter.

The American Heritage Dictionary also offers alternative definitions of the word “law,” which are consistent with Mark Wahl’s usage of the term:

A statement describing a relationship observed to be invariable between or among phenomena for all cases in which the specified conditions are met, such as the law of gravity.

The connotation here is equally clear, and Mark Wahl said it well in his discussion of inherent properties. One can easily argue that Kim is trying to describe inherent properties, the “Newtonian physics” of identity.

But can Kim (or anyone else) say that these “laws” are “invariable for all cases”? As I said, these are issues over which reasonable people can (and probably will) disagree. In fact, I’m willing to bet that companies and people will build identity systems that violate Kim’s laws, even if those laws become widely accepted. While we may all wish them to be so, it’s hard for me to see them as absolutes.

That’s why we focus on architecture principles. Discussing architecture principles is a forcing function; it requires architects to reveal their biases and beliefs as to how systems should be constructed. Yes, it also helps that Burton Group has four working sets of architecture principles, so I have a pre-existing affinity (bias?) for the term. But we called them principles for a reason: We assume that different architects will take different positions with regard to core architectural principles. And that’s where The American Heritage Dictionary’s definition of “principle” comes in:

A basic truth, law, or assumption; a rule or standard, especially of good behavior; the collectivity of moral or ethical standards or judgments; a fixed or predetermined policy or mode of action; a basic or essential quality or element determining intrinsic nature or characteristic behavior; a rule or law concerning the functioning of natural phenomena or mechanical processes.

Here, the connotation isn’t a legal one, or necessarily one of an absolute. There are some great words and phrases here, such as “assumption,” “rule or standard,” “ethical standards or judgments,” “policy,” and “behavior.” These words and phrases speak directly to what (I think) we're trying to do: construct an identity system. These are things over which reasonable people can disagree, but have a huge impact on how systems are designed. Take for example the principle of democracy. Many hold that principle to be a sacred truth, but that doesn’t stop countries from using other forms of government. Simply put, there are no natural laws that prevent people from doing stupid things. Similarly, we may agree on Kim’s laws. And many folks may end up fervently believing in their truth, but that won’t stop others from building systems that violate them.

Having said all of that, I agree that the discussion is, at least to some degree, hairsplitting. So, as to whether Kim needs to call these things “laws” or “principles,” I’m not sure it matters that much. I was simply saying that’s how I see them. Still do, and so to each his own. (That, and sometimes I enjoy hairsplitting as much as the next person.)

UPDATE: It seems as if P. T. Ong agrees with me, calling the laws “design principles.” As P. T. says, the term “principles” may not “sound as cool,” but is more accurate. One has to consider the marketing value of calling them laws, however, a thought that I'm sure hasn't escaped Kim's mind.

Naughty Jamie for implying I might have used the word “Laws” just to turn the level of this discussion up to the maximum! But I love him anyway. Just like I love (loud) rock ‘n roll.

Just so people know what my intentions were, I did in fact propose the word “law” in the sense of a scientific law, meaning something that models the structure and behavior of some aspect of objective reality. And here I fear the American Heritage Dictionary betrays its need for a bit of modernization. Newtonian “invariability”, after all, gave way to thinking that embraced concepts like probability. Classical mechanics led to quantum mechanics. Today our scientific laws tend to include the concept of “tendency”. It is such tendencies which must be understood in the case of identity, and which I have been attempting to understand with specific regard to the properties and behaviors that define the contours of any identity system that can extend across the Internet.

More imporantly, Jamie, Craig, Chris, P. T. Ong, and Mark Wahl all make good points.

Thanks for signalling the danger that someone might interpret our work as positing the way “people ought to be”. Nothing could be further from our intentions, and I am sobered by the possibility.

My colleague Stuart Kwan, who perfectly embodies the union of car freak and identity geek, sent me to this mind-boggling “story of how a virus was transmitted from an infected mobile phone to the OS of a Lexus car, via Bluetooth. A whole new meaning to the word contagious.”

The story, by David Quainton in SC Magazine, begins this way:

Lexus cars may be vulnerable to viruses that infect them via mobile phones. Landcruiser 100 models LX470 and LS430 have been discovered with infected operating systems that transfer within a range of 15 feet.

“If infected mobile devices are scary, just thinking about an infected onboard computer..,” said Eugene Kaspersky, head of anti-virus research at Russian firm Kaspersky. “We do know that car manufacturers are integrating existing operating systems into their onboard computers (take the Fiat and Microsoft deal, for instance).”

It is understood the virus could affect the navigation system of the Lexus models, it transfers onto them via a Bluetooth mobile phone connection. It is still unclear which operating system the cars in question use.

“At this stage it's still early but it just goes to show that technology has consequences,” said David Emm, senior technology consultant at Kaspersky. “It's scary stuff.”

It is the cross-technology nature of this exploit which blows the mind. The writing is on the wall. We need to come together as an industry and act in a concerted way.

William Heath, his perceptions heightened by the governmental identity discussion going on in the UK, makes an interesting comment about Jamie Lewis’ post on architectural principles:

It's a thoughtful contribution from Jamie. I'd just observe that he talks of principles based on “the values, organizational culture, and business goals of the enterprise”. That's a logical way to approach business, which is important when you're selling something to earn a living. And no-one is better at business than the US IT industry.

But there's far more to life than business. The identity architecture proposed for the UK will become a defining part of the architecture for social, civil and political life. It will affect how we feel about ourselves, others and the state as well as how well the economy works and our role as consumers in it.

So, Jamie, can we consciously broaden the basis you use for “Reference Architecture” to include the full panoply of the human condition. As we discuss the Laws let us remember we need principles that work for all. Imagine having to explain or justify them to artists, religious leaders, people caring for the needy or elderly . It doesnt make it easier, but that's the scale of the problem we face. If anyone doubts this please look at what is happening in the UK

William is right – to be successful for anyone, the identity system must embrace and provide benefit to everyone – implying great diversity. This in turn means we need architectural principles that reach well beyond the enterprise. I know Jamie will be the first to agree, so it will be interesting to see if he thinks he has already built counterbalancing recognition for digital life of the consumer into his reference architecture.

Governor James sent this link to consumer advocate Jordana Beebe's advice for companies that collect information from customers.

Which reminds me about an interesting article by Larry Ponemon for Computerworld on the “Top 5 privacy issues for 2005“.

The Ponemon Institute has surveyed “thousands of individuals on a variety of issues affecting their privacy, from a universal credentialing system to Internet ads that use personal information to target prospective customers.” I think this type of work is very important – it helps us ground our thinking in real qualitative and quantitative analysis. I'm going to learn more about Larry's research.

Larry reports:

• most people are willing to use biometrics because of convenience
• three quarters of those interviewed think a single verification system (from a bank or the post office) would simplify login
• people are worried about unauthorized access to their data
• people who fly are willing to trade privacy for safety

I take these readings as gauging present thinking among the American population, and therefore consider it to be important. But I also know that most people know a lot more about some of these issues than others.

People who fly understand the tradeoff with privacy. But most people haven't really thought about what the implications of a single verification system would be. So to really predict what they will think about such a system in practise, it is necessary to establish their opinions on a whole series of related issues. I don't know if Larry has done this, but I would like to find out.

Larry achieves this additional depth in the final page of his article, where he shows convincingly that consumer trust has a dollar value. He analyzes consumer willingness to share data as a function of their rating of the trustworthiness of the entity they are dealing with – and looks at these dynamics over time. He then posits a hypothetical marketing campaign and demonstrates that a top-rated organization in terms of its approach to privacy could achieve significantly higher results for a given investment. This attention to the evolution of his subjects’ thought over time, in conjunction with stratification of privacy reputation, is a great example of the kind of thinking that could help people who only casually think about identity issues understand the deeper dynamics.

It is also fascinating to see Craig Burton discussing with Jamie Lewis on the question of whether we should be using the word “Principles” rather than “Laws” to understand the dynamics that bound the design of the mega meta mojo moma backplane (“mojo” thanks to Eric Norlin). Craig responds:

I think that Kim rasing his discussion to one of a set of defining laws instead of arcitecture principles is totally apporpriate.

Later, discussing Chris Ceppi‘s comments on a “Rule Set” (Chris is a thoughtful person from Ping) he concludes that “Laws Rule“.

I defer to Jamie and Craig – watching them discuss something like this is like sitting in the front row at a tennis match between consummate professionals. They are both helping me understand the issues.

Craig Burton has been turning up the volume recently. His recent comment on the sixth law struck me as “right on”:

My take on this law is that Kim is proposing an identity system that transcends the boundaries that we normally think about when considering any service-based system. According to the sixth law, it needs to include both the channel of communications between two machines and between the user and machine. In essence a dual channel identity sytem.

A dual channel identity system is over the top. It is hard to think about let alone concieve and create.

Yes, it is hard. It's hard to conceive what it means. And it is hard to create. But if we want to get to the identity Big Bang, we have to go for it. I mean as an industry.

Craig continues:

Now I am also really curious on how this system will actually work. It would be tough enough to be a dual channel system in a single environment. But proposing that this system be cross-platform (see law number five) is almost too much. The technical and political issues to be overcome with this 7-point-system seem overwhelming. I have concerns about how all this is going to happen. But my concerns are probably unfounded.

Yeah. That's what makes this exciting.