Having just returned from the Liberty Sponsors meeting, I think I can safely say that coffee-break conversation did sometimes turn to the topic of Kims blog, and even if there were some specifics on which people might disagree, there was also a general appreciation of the way in which Kims work brings important topics into the public domain in a constructive way, allowing different views to be aired.
That's very cool. Robin and the folks he describes have done a lot of really good work and I look forward to every opportunity to dialog with them.
There were just two sentences in Kims post on which I wanted to offer my own personal comment, and here they are:
1 “The legal complexities of this style of federation are significant, and they must all be considered.”
I agree with the sentiment entirely but not necessarily with the hint of an implication that there are other styles of federation which might be legally less complex.
Federation is one of the possible approaches to fixing the problem of trusted, interoperable authentication between multiple parties. My instinct is that relationships of that kind will give rise to pretty much the same legal complexity no matter which organisational and technical approach one adopts. Its just a tough (but not insoluble) problem.
Well, I want to assure Robin that this was not intended as a “complexity swipe” at Liberty or anyone else. I totally agree with the formulation that the policy problems are “tough but not insoluble.” Further, the Liberty participants should be congratulated for their leadership in thinking about the policy side of things and centering their thinking in concrete scenarios and use cases. These ideas are real contributions.
I contrasted possible “styles of federation” without giving you the slightest context for what I was thinking – sorry about that! Blame it on the rain.
Basically, I think there exists a second set of what Jamie Lewis is calling “personal” identity scenarios, and that such scenarios can be less complex from a policy point of view – when done right – than intercorporate scenarios. But that doesn't mean they replace intercorporate scenarios or represent some kind of “silver bullet” or higher path! Both sets of scenarios need to be solved. They are complementary.
2 “Now, perhaps I am just a man with a hammer who sees everything in the world as a nail, but the paper reinforced my thinking that the more our systems are built to guarantee that the user is the conscious agent of information release (rather than having this done on his behalf), the better privacy is served, and the simpler our lives become from a legal and policy point of view.”
Again, I agree with the basic statement but not the implication. In my view, the user can be the conscious agent of information release while still having that act performed on her behalf. For instance, when I write a cheque [check] I consciously act to make a payment, but I then rely on the clearing system to perform that payment on my behalf. In the online environment, I issue instructions to my bank to transfer funds to someone else; thats a process I trust a lot more than keeping my salary under the mattress!
So this is a trust model which already works in both the real and the online worlds; I think it can be applied to online attribute exchange as well not necessarily as the whole and only solution, but certainly as a valid architectural option.
Totally agree, Robin. The option you propose is totally valid for the context you describe. When I was talking about a hammer, it was the hammer of user control and consent. There are many ways to achieve this and implement it in technology. I see you as a colleague who is as committed to this end as I am.