A few months ago, Marc Canter, Craig Burton and Doc Searls introduced me to Mitchell Baker of the Mozilla Foundation. We had a good discussion, and following up on that, I've been able to get together with the Foundation's Mike Shaver to talk about the identity metasystem. He is focusing on how to drive identity forward at Mozilla; he's got a strong background for this, including, amongst other things, his work at Zero-Knowledge. Even better, he blogs:
I was outed as a new member of the Mozilla Foundation team by a press release about a now-long-past keynote address, so there isnt really much to announce here. My contract has me working primarily as a technology strategist, a necessarily-vague position that has been described pretty well by Mitchells post about new people and roles in the Mozilla Foundation world. I continue to help with release management, organizational governance, and even advising the intrepid devmo squad, but I try to spend most of my time with my sights on the technology strategy issues that are of significant interest to our community and products. (Which is not to say that I do spend most of my time there, but Im learning how to do so better every day, and with every gentle nudge from my wicked-awesome manager.)
The primary area of technology strategy that Ive been working on so far has centred around identity, which is of course a topic broad enough to consume several lifetimes. I count myself lucky to have developed a grounding in identity and privacy issues while at Zero-Knowledge, as its allowed me to get up to speed more quickly than I might otherwise have been able to.
The biggest strength of the current identity climate is also the biggest weakness: there are a number of identity systems that provide different capabilities, are built to emphasize different values, and require different amounts of infrastructure support. As the Mozilla Foundation is chartered to promote choice and innovation on the Internet, it would seem that were in good shape on at least half of our primary concern: choice.
I dont think its really the case, unfortunately, because the sort of choice that the user faces is not one that empowers them at all: in many ways, it forces the user to pick a winner, and it forces similarly unpleasant choices on developers that want to take advantage of Identity 2.0 capabilities in order to build interesting services, technologies, and experiences. Choice competes with innovation here, and while thats a tension that arises in many contexts, its of even more concern when were talking about something this central to the web experience and, I feel I can say without gross overstatement, to the social fabric of modern life, as mediated by all this computer nonsense.
(I should point out that all of the interesting proposals for modern identity infrastructure permit users to exert control over what organizations actually hold their private information, which is a huge step forward from the Passport nightmare we faced not that long ago. I still think that having to choose an identity system is a bad scene, but it could certainly be worse.)
Being the technology strategist for the Mozilla Foundation has its perks, and chief among them is that I get to work with a truly amazing team on a project that really is at the center of the modern web. Right after that, though, is that a lot (lot) of people want to talk to me, and while it can be a mixed blessing in terms of time management, its tremendously helpful in making sense of something as complex as the identity landscape. I had good, if preliminary, discussions with folks from the Passel and SXIP camps, while I was at OSCON, and Ive since been setting up meetings with other identity-system boosters to get other perspectives. (If you are with an identity system group and you havent made contact with me yet, please do send mail and some information about your system, because Im by no means done with that part of the process.)
Most recently, I had the pleasure of meeting with Kim Cameron, Microsofts Architect of Identity and Access and the father of InfoCard.
He came to spend some time with me in Toronto this week, and I was delighted to discover that we share many of the same positions on the key obstacles to having viable identity infrastructure on the web today. The InfoCard work looks to be pretty good from philosophical and architectural perspectives, and Im trying to learn enough about the whole bloody WS-* stack to really grok the details. We had a very good conversation about a wide range of technical and social issues, and I look forward to more of them in the future. Im pretty confident that Kim genuinely wants to do the Right Thing, and even more importantly he seems to have the Right Idea about what the Right Thing is which is to say, in other words, that we agree about many things, much to his credit.
I hope to write more in the coming days about the identity systems Ive looked at, and what I think the general form of Mozillas identity strategy should be, but I wanted to break my blogging fast and talk a little bit about what Im working on these days. Its really too exciting to keep to myself!
I was struck by the clarity of Mike's thinking about the impact of choice: at its worst, it means each participant must “bet on a winner.” This is a significant problem for individual users. But it represents an actual risk for developers and relying parties – since they have to bet on something which is very hard to predict. No wonder people have “run for the hills” when faced by proponents of emerging identity systems.
Mike sees the main advantage of an identity metasystem as being that instead of betting on “winners”, you bet on a “playing field”. Developers don't have to worry which particular participating systems turn out to be popular – their investment in the identity “playing field” will still pay off. By removing the need for people to place bets – reducing everyones’ risk – we make it possible for a lot more people to embrace the concepts – and thus improve the chances of all the players.
The day after our meeting, we both got “stuck” in a “small downpour”. The photo above shows “Lake Steeles” and was taken by Mike's friend madhava…
[tags: Identity, Mozilla, Mike Shaver, Identity Metasystem ]