Yes or No?

Ben Laurie of Google writes that something important was left unsaid in the recent discussion of federation and large Internet properties:

The end result of the blog deathmatch between me, Kim, Eric and Dick was a deathly silence on what I consider to be the core issue.

OK, it's nice that Microsoft are developing identity management software that might not suck (but remember, it still doesn't satisfy my Laws of Identity) but the question that's being posed about Google applies equally to Microsoft, and, indeed, anyone else with an identity silo.

So, here’s the question: is Microsoft going to accept third party authentication for access to Microsoft properties?

How about it, Kim?

OK.  The answer to your question is “yes”.  Windows Live ID is going to accept third party authentication for access to Microsoft properties.

Let me quote from the Windows Live ID Whitepaper.  It seems like I gave the wrong link before, so I've checked that this one works.  I've also copied the paper onto my blog as I always do so my links will be permanent.  The original appears here.  The quote below is one of several places where these issues are discussed in the paper, so it's probably worth checking out the whole paper (about 8 pages).

How Does Windows Live ID Participate in the Identity Metasystem and Work with “InfoCard”?

Microsoft is working with others in the industry to create an identity metasystem that brings existing and future identity providers into a connected identity ecosystem and empowers end users to control the use of their identities. The Windows Live ID service will participate in the identity metasystem as one identity provider among many, able to accept claims from other identity providers and transform them so they can be used within Microsoft online services. This participation will include acceptance of self-issued and managed “InfoCards.” It will thus provide full support for the “InfoCard” identity model.

Roles of the Windows Live ID Service in the Identity Metasystem

Microsoft has published its vision of a universal identity solution that is inclusive of a plurality of identity operators and technologies—the identity metasystem. In such a metasystem, identity providers, relying parties, and subjects can select, request, transfer, transform, and consume identities through a suite of well-defined and open Web Services (WS-*) protocols. Microsoft is working to implement components of the identity metasystem, as are many other companies in the industry. As a result, various building blocks for the metasystem are being developed. Some of these components will be delivered to end users in the form of software installed and running locally on their computers and devices, while others will be online services.

The design philosophy of the identity metasystem is not to replace the existing identity systems in use today, but instead to bring these existing systems together by enabling interoperation among subjects, relying parties, and identity providers through industry standard protocols. The Windows Live ID service will participate in the identity metasystem as a “managed” identity provider already at Internet scale. Windows Live ID will bring a large base of end users and relying parties to the metasystem, taking us one step closer to Internet-wide identity federation and doing our part to help the industry move beyond the “walled garden” paradigm.

The Windows Live ID service will play several essential roles that are strategic for Microsoft. The service:

  • Is an Internet-scale identity provider intended primarily for users of Microsoft online services, which are all relying parties of the Windows Live ID service.
  • Is open and issues claims in a form that can be consumed by any relying party, any device, and any other trusted identity authority.
  • Serves Microsoft online services as a “claims transformer,” allowing those services to accept identities issued by third-parties. Third-party identity providers include other Internet service providers and managed-identity providers, such as the planned Active Directory Security Token Service (STS).
  • Will be the identity provider and federating authority for third party services and software built on top of the Microsoft online services platform.

So now some other questions remain.  Who can federate with Windows Live ID and what are the conditions?  What will the business model be?  What services will people want to use that cause them to seek to federate? 

So don't take me as sounding glib.  There are lots of important issues that the Windows Live ID folks are still thinking about.

Meanwhile your comment that “it's nice that Microsoft are developing identity management software that might not suck” is one of the nicest things anyone has ever said to me, and I'll treasure it.


Windows Live ID Whitepaper

Introduction

Since its inception, the Microsoft Passport service has existed in a digital world that is increasingly multi-centered and rich in contexts. This digital world requires the sharing and federation of identities and close attention to matters of user control. These requirements have led Microsoft to evolve the Passport service continuously. To emphasize this evolution, Microsoft is changing the name of the service to something more indicative of its specific contribution to the emerging “identity metasystem”: the Windows Live ID service.

Windows Live and Office Live are Internet-based software services designed to deliver rich, seamless experiences to individuals and small businesses. The offerings combine the power of software with online services to make compelling new tools that complement Microsoft Windows and Microsoft Office products.

Microsoft online services need to know who is interacting with them—just as users need to know that the services themselves are legitimate. This mutual need requires the use of digital identities. The Windows Live ID service is designed to manage identity and trust within the Windows Live ecosystem.

For end users, the Windows Live ID service provides roaming access to the broad array of Microsoft online services. For developers, it enables over 300 million potential online users to access their applications.

What Are Windows Live ID and the “Service”?

A digital ID is a set of claims made by one entity about another.

A Windows Live ID is a set of claims that the Windows Live ID service makes.

These claims can refer to individual users, organizations, devices, and services. Initially, most claims will be based on information stored in accounts the service maintains on behalf of its users, in much the same way that Passport has worked in the past. Moving forward, the service will also rely upon the claims issued by other federated identity providers, transforming them to make sense within the Windows Live ecosystem.

What kinds of claims can a Windows Live ID contain?

  • User's e-mail address
  • Type of entity (such as organization, group, or namespace)
  • Relationships among subjects, such as:
  • Parent-child relationship.
  • Administrator status or ownership of an organization, group, or namespace.
  • Membership in an organization, group, or namespace.
  • Authorization for specific scenarios, such as enforcement of parental controls
  • User ownership of a public-and-private key pair, for use in peer-to-peer communications

Windows Live IDs that are based on Windows Live ID accounts (as opposed to federated IDs) can be authenticated using traditional user-name/password pairs, strong passwords and security PIN combinations, and smart cards. Windows Live ID will also support the use of self-issued “InfoCards.” For example, users will be able to employ “InfoCards” to access Windows Live Mail. For more information, see “InfoCard” Support later in this document.

The Windows Live ID service also maps federated IDs supplied by other identity providers into a form that works within Microsoft online services. This is done through protocols like WS-Trust, WS-Security, and WS-Federation—widely accepted, royalty-free industry protocols that can be (and have been) implemented on any platform. WS-Security is already an OASIS (Organization for the Advancement of Structured Information Standards) standard, while WS-Trust and other related protocols are in the standardization process now. Because “InfoCards” also implement WS-Trust, the Windows Live ID services federation servers will be able to accept “managed InfoCards” too.

So that customers can access Microsoft online services by using any device, the Windows Live ID service also supports specialized mechanisms (like the Radius protocol) for authentication from cell phones, televisions, and Xbox 360. Through these devices, Windows Live ID also supports applications that range from dial-up service to peer-to-peer instant messaging.

For developers, Windows Live ID provides programmable interfaces that reduce development time on both the client and relying-party server sides, making it easier to develop new identity-aware services for the ecosystem and new client products to access them. The Windows Live ID services are also accessible through soon-to-be-published protocols.

High-Level Architecture

The following figure is a high-level illustration of the ecosystem in the Windows Live ID world.

(Figure: high-level architecture of the Windows Live ID ecosystem)

How Does Windows Live ID Relate to Passport?

The Windows Live ID service represents the evolution of Microsoft Passport into a world based on federation. Windows Live ID will be the authentication system for all existing and future Microsoft online services. Relying parties (Microsoft properties and those of close partners) who have implemented Passport will be compatible with the Windows Live ID service.

Another area of evolution is towards support for “rich clients” using Web services. By supporting WS-Trust and “InfoCard,” Windows Live ID will extend its single sign-in framework to the Windows Communication Framework (WCF) employed in many emerging applications.

End users will be offered an automatic upgrade path for using their Passport accounts as Windows Live IDs. Similarly, the Windows Live ID service will be backward compatible with relying parties that have already integrated with the Microsoft Passport Network. However, to take advantage of the new features and scenarios provided by the new Windows Live ID service, relying parties may have to adopt new software development kit (SDK) components and protocols.

How Does Windows Live ID Participate in the Identity Metasystem and Work with “InfoCard”?

Microsoft is working with others in the industry to create an identity metasystem that brings existing and future identity providers into a connected identity ecosystem and empowers end users to control the use of their identities. The Windows Live ID service will participate in the identity metasystem as one identity provider among many, able to accept claims from other identity providers and transform them so they can be used within Microsoft online services. This participation will include acceptance of self-issued and managed “InfoCards.” It will thus provide full support for the “InfoCard” identity model.

Roles of the Windows Live ID Service in the Identity Metasystem

Microsoft has published its vision of a universal identity solution that is inclusive of a plurality of identity operators and technologies—the identity metasystem. In such a metasystem, identity providers, relying parties, and subjects can select, request, transfer, transform, and consume identities through a suite of well-defined and open Web Services (WS-*) protocols. Microsoft is working to implement components of the identity metasystem, as are many other companies in the industry. As a result, various building blocks for the metasystem are being developed. Some of these components will be delivered to end users in the form of software installed and running locally on their computers and devices, while others will be online services.

The design philosophy of the identity metasystem is not to replace the existing identity systems in use today, but instead to bring these existing systems together by enabling interoperation among subjects, relying parties, and identity providers through industry standard protocols. The Windows Live ID service will participate in the identity metasystem as a “managed” identity provider already at Internet scale. Windows Live ID will bring a large base of end users and relying parties to the metasystem, taking us one step closer to Internet-wide identity federation and doing our part to help the industry move beyond the “walled garden” paradigm.

The Windows Live ID service will play several essential roles that are strategic for Microsoft. The service:

  • Is an Internet-scale identity provider intended primarily for users of Microsoft online services, which are all relying parties of the Windows Live ID service.
  • Is open and issues claims in a form that can be consumed by any relying party, any device, and any other trusted identity authority.
  • Serves Microsoft online services as a “claims transformer,” allowing those services to accept identities issued by third-parties. Third-party identity providers include other Internet service providers and managed-identity providers, such as the planned Active Directory Security Token Service (STS).
  • Will be the identity provider and federating authority for third party services and software built on top of the Microsoft online services platform.

“InfoCard” Support

“InfoCard” is the code name for the Microsoft implementation of an identity selector for the identity metasystem. “InfoCard” provides a consistent experience for users to manage, control, and exchange their digital identities. It is an important step towards eliminating user names and passwords as the primary mechanism by which users identify themselves. “InfoCard” provides a safer way for users to manage and exchange their digital identity information, helping to protect them from various forms of identity fraud.

For more information, see the InfoCard site in the WinFX Developer Center.

Since Windows Live ID is designed to robustly manage user identities, it will support “InfoCard” when “InfoCard” is broadly available (expected in the fourth quarter of 2006 for Windows XP, Windows Server 2003, and Windows Vista).

The current plan is that Windows Live ID will support both self-issued and third-party managed cards as a mechanism to authenticate users when accessing Windows Live services. Subsequently, Windows Live ID will also issue managed cards to enable users to use their Windows Live ID with third parties.

Together, Windows Live ID and “InfoCard” will enable users to enjoy the rich array of Windows Live services more easily than ever before.

Programmability

The Microsoft online services are designed to become an Internet programming platform for developers to build desktop applications and online services. (For more information about this platform, see the Windows Live Developer Center.)

So Microsoft must make it easy to program for the Windows Live ID service.

To simplify integration on both the server side and the client side, the Windows Live ID service will release software development kits (SDKs) later this year. In addition, the Windows Live ID service uses industry standard protocols. For cloud server-to-server scenarios, the Windows Live ID service exposes programmatic interfaces by way of SOAP services.

The Relying Party Suite (RPS) SDK makes it easier and cheaper to develop a new Microsoft Live service by providing interfaces that prepare authentication requests, decrypt, parse, and validate security tokens, and manage authentication-state cache in a browser session.

But more importantly, RPS reduces operational cost by providing support for configuration refresh—critical for partners that host services from different global geographic locations, and for times when it is necessary to change cryptographic keys.
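The “claims transformer” role described in the metasystem section and the token validation and key-refresh duties described for the Relying Party Suite are two views of one operation: accept a token from a trusted third-party issuer, check its signature and validity window, map its claims into the names the internal services understand, and keep doing so while signing keys change. The Python below is an added illustration of that pattern, not Windows Live ID code or anything from the whitepaper; the issuer URL, key ids, keys, audience and claim names are constructed, and the token format is a simple HMAC-signed JSON stand-in rather than the WS-Trust or WS-Federation tokens the real service exchanges.

```python
import base64
import hashlib
import hmac
import json

# Constructed registry of trusted third-party issuers (hypothetical, not Microsoft's).
# Each issuer may have several signing keys identified by a key id ("kid"), which is
# what makes key rotation possible without invalidating every relying party at once.
TRUSTED_ISSUERS = {
    "https://idp.example.test": {
        "keys": {"2006-07": b"constructed-secret-key-2006-07"},
        # External claim name -> internal claim name used by the relying services.
        "claim_map": {"mail": "email", "groups": "membership", "is_admin": "administrator"},
    },
}

OUR_AUDIENCE = "https://service.example.test"  # constructed relying-party identifier


def _b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64u_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_token(issuer, kid, key, claims, now, ttl=300, aud=OUR_AUDIENCE):
    """Stand-in for a third-party identity provider: signs a claim set with HMAC-SHA256.
    A real federated token (SAML/WS-Trust) carries the same elements: issuer, key id,
    audience, validity window, claims and a signature over all of them."""
    payload = {"iss": issuer, "kid": kid, "aud": aud, "nbf": now, "exp": now + ttl, "claims": claims}
    body = _b64u(json.dumps(payload, sort_keys=True).encode())
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64u(sig)


class TokenRejected(Exception):
    pass


def transform(token, now):
    """Claims transformer: validate a federated token, then map its claims to internal names.
    Every check precedes any use of the claims; unmapped claims are dropped, not passed through."""
    try:
        body, sig = token.split(".")
        payload = json.loads(_b64u_decode(body))
    except ValueError:  # bad base64, bad JSON, or wrong number of segments
        raise TokenRejected("malformed token")
    if not isinstance(payload, dict):
        raise TokenRejected("malformed token")
    issuer = TRUSTED_ISSUERS.get(payload.get("iss"))
    if issuer is None:
        raise TokenRejected("unknown issuer")
    key = issuer["keys"].get(payload.get("kid"))
    if key is None:
        raise TokenRejected("unknown or retired key id")
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64u_decode(sig)):
        raise TokenRejected("bad signature")
    if payload.get("aud") != OUR_AUDIENCE:
        raise TokenRejected("token not issued for this audience")
    nbf, exp = payload.get("nbf"), payload.get("exp")
    if not isinstance(nbf, int) or not isinstance(exp, int) or not (nbf <= now < exp):
        raise TokenRejected("token outside validity window")
    claims = payload.get("claims")
    if not isinstance(claims, dict):
        raise TokenRejected("malformed claims")
    internal = {"issuer": payload["iss"]}  # keep provenance so services can tell federated IDs apart
    for ext_name, value in claims.items():
        if ext_name in issuer["claim_map"]:
            internal[issuer["claim_map"][ext_name]] = value
    return internal


def accept(token, now):
    """Convenience wrapper: (True, internal_claims) or (False, reason)."""
    try:
        return True, transform(token, now)
    except TokenRejected as e:
        return False, str(e)


def rotate_key(issuer_id, new_kid, new_key, retire_kid=None):
    """Configuration refresh: publish a new key for an issuer and optionally retire an old one.
    In practice the new key is added first and the old one retired only after tokens signed
    with it have expired, so in-flight sessions are not cut off."""
    keys = TRUSTED_ISSUERS[issuer_id]["keys"]
    keys[new_kid] = new_key
    if retire_kid is not None:
        keys.pop(retire_kid, None)


if __name__ == "__main__":
    key = TRUSTED_ISSUERS["https://idp.example.test"]["keys"]["2006-07"]
    tok = issue_token("https://idp.example.test", "2006-07", key,
                      {"mail": "alice@example.test", "groups": ["staff"], "nickname": "al"}, now=1000)
    print(accept(tok, now=1100))
    rotate_key("https://idp.example.test", "2006-08", b"constructed-secret-key-2006-08", retire_kid="2006-07")
    print(accept(tok, now=1100))  # rejected once its key id is retired
```

The checks are ordered so that nothing inside the token is trusted until the issuer is known, the key id is current and the signature verifies; audience and validity-window checks then stop a token minted for one relying party from being replayed against another or used after expiry. The `claim_map` is the transformation step from the whitepaper: only claims the service has a name for are carried across, under the internal name, with the originating issuer recorded alongside them.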

A second SDK—the Windows Live ID Client SDK—runs on end users’ computers. This SDK makes it easier to write new client applications that understand Windows Live IDs and supports the sharing of authentication state across multiple rich clients and browsers. It also manages short-lived certificates issued by the Windows Live ID Certificate Authority; these certificates can be used in security-sensitive applications such as peer-to-peer communication channels.

Like the Relying Party Suite, the Client SDK supports the automatic configuration and refresh mechanisms critical to accommodating the Windows Live ID services “geo-hosting” plans.

Windows Live Messenger is an example of a client built on top of the Client SDK.

Advantages of the Windows Live ID Service

Through years of developing and operating one of the largest identity providers on the Internet, Microsoft has learned valuable lessons from customers, Internet security professionals, and developer communities worldwide.

Large Scale
The Windows Live ID service is the next-generation version of a system that does over 22 billion authentications per month and is used to access a large set of online services operated by Microsoft and its close partners.

Security
Security is a priority for the Windows Live ID service, which undergoes regular audits performed by independent auditors. Microsoft is committed to investing in security to help protect customers and relying parties against ever-evolving threats.

Quality of Service
The Windows Live ID service is built on top of a highly available infrastructure, including redundant networking elements, front-end and back-end servers, and fault-tolerant software components. The services are continuously monitored by multiple automated agents including internal tools and external monitoring services. Windows Live ID is built on components that have demonstrated a high quality of service.

APIs to Speed and Simplify Deployment

The Windows Live ID service is designed with development support in mind. All functionality is exposed through programmable SOAP interfaces that will be published soon. The Relying Party and Client SDKs ease development efforts for both relying-party services and rich-client applications, and help to deliver robust and efficient components to run on relying party servers or end-user computers. The SOAP interfaces are documented and will be available to all, enabling Windows Live ID services to be used in contexts not using the other SDKs.

Seamless User Experiences

The Windows Live ID service delivers a seamless user experience across client applications and Web browsers accessing relying-party services.


Cardspace Sandbox

If you want to try out Cardspace, you should go to Cardspace Sandbox and follow the install instructions there.

Pamela Dingle has written about the site here.  Her description of Cardspace is great, although I really do recommend following the installation instructions.  In fact, if you don't follow them you will likely have problems.

Remember that if you have installed previous versions of various components, they probably won't work properly for login until you put in the new versions.  The reason is that in response to customers and other vendors, we have had to introduce “breaking changes”.  People tell us about things that can be improved, and we try to do so.  We've chosen not to become enmired in “premature backward compatibility” given that we are still in beta.

So I'll review some of what it tells you at the Sandbox:

Install Internet Explorer 7.0
  The Sandbox site currently requires Internet Explorer 7.0 Beta 3 when using Windows CardSpace.
Install the .NET Framework 3.0 Runtime Components July CTP
  The Sandbox site requires the .NET Framework 3.0 Runtime Components July CTP to be installed on your local Windows XP or Windows Server 2003 computer in order to use Windows CardSpace.
Start using Windows CardSpace!
  Create a new user account or login using your Information Card.

Log into the Sandbox, and log into my site using the “Login” button.  You won't need to create an account.  Just answer the email my system sends you and you will be registered and able to comment.

Remember, if you have previous beta versions of .NET framework or IE 7 components above you need to go to the Control Panel->Add or Remove Programs, and delete them.  You'll find detailed instructions if you follow the install links.  I did it myself and didn't find it onerous at all, though I needed help removing the earlier version of IE 7.

Craig Burton writes:

Cardspace Sandbox looks like a good place to have some guidance for Infocards and Cardspace. However, I have tried some of the stuff they recommend and got stopped because of the requirements.

In the mean time, I have issued myself an infocard but I have yet to find a place that accepts it–including Kim Cameron's identityweblog.

Waiting for Kim to respond. I would make a comment on his blog about all of this but I can't because I haven't figured out how to create an account.

This is ridiculous.

Indeed – there is a bit of Catch 22 since to put a comment on my blog, you need to log in with an infocard.

More and more people are getting Cardspace running.  For example, while I was writing this, in came a comment posted by Bavo De Ridder, who wrote:

Ok, I have installed .NET 3.0 July CTP and since I already had IE7 Beta 3, it took only a few minutes, no reboot required. This stuff seems to be of good quality already! 

Bavo was able to add his comment without going through “moderation” – contributing to the identity silo thing.

So courage my friends, and please follow the instructions posted at the Sandbox.  Like Bavo, I think the quality is getting quite good – the hard part is making sure your versions are right.

Get over to Craig Burton's blog

Craig Burton is blogging up a Perfect Storm at craigburton.com.  In fact he's posting so many nice little nuggets that you only see about a day and half's worth when you go to his site with a browser.  Make sure you navigate back using the calendar.

Since a couple of the recent pieces concern things I'm involved with, I'll pick up on those.

Let's start with the discreetly named Vendor Lock in Sucks:

Microsoft plans link between directory, Live services:

Microsoft is planning to sync its Active Directory with its Live Web-based services to give users single sign-on for applications and services both inside a company network and on the Web.

Technically a good idea. Fewer namespaces and fewer administration models. Reality is, customers are loath to get roped into Msft centrism. Msft has yet to make the cut to OS independent Internet services.

Trust me, that is the future. The longer they put it off, the worse it is for everybody.

The open source community isn't much better. Politics is winning over common sense.

It will be interesting to see how Ozzie guides the company towards this end. Gates hasn't, won't. Ballmer is worse, Allchin…I have no more to say about that.

Let me talk to Craig directly for a minute.

Craig, take a look at the Windows Live ID whitepaper and let me know what you think of it. 

In my view it is consistent with a number of the ideas you've brought to the industry for a long time now. 

As far as I can see, there won't be anything proprietary about the way Windows Live ID federates with Active Directory or anything else – it will just use the WS-Federation and WS-Trust specifications, which are being implemented more widely, by more vendors, every day – and can be used on a royalty-free basis.

So then how does this initiative lock anyone in? I'm a non-lockin sort of guy.  We need to win customer support by producing products that are cool to use and manage; that have superior reliability and integration with dev tools; and that are open to other implementations.

As for your comments on Bill (and his friends), you just can't produce the kinds of technologies we are about to deliver in fifteen minutes.  Our work has been going on for a while (!) and involved a lot of patient investment.  The truth is, Bill has been a great supporter of ubiquitous Internet identity and I want to stand up for all he's done to help, just as I would do for you.  This said, Ray also brings a lot to the table.

Craig also has a recent post on Cardspace:

A Sandbox to Play In:

“Pamela Dingle, who always has the intestinal fortitude to ask the best darn questions at Catalyst (and other conferences), has posted a good “quick start” guide for anyone wanting to play around with Windows CardSpace. Via that post, I found this CardSpace “sandbox” site, which has some interesting pointers on it.”

Jamie Lewis points to some Cardspace resources. I opened my control panel the other day, and there was a new control panel named “Digital Identities.” It let me create an infocard. I have no idea what to do with it, but I know it came from Kim's group. I will try to find out more about this.

This is getting exciting.  So Craig, now, while you are on identityblog, choose Login.  When you get to the login page, click on my Information Card icon (a placeholder while we all agree on a real icon).  Let me know how that goes too.

UPDATE:  The original link for the Live ID Whitepaper was broken – I have fixed it.

Liberty, Open Space and Information Cards for Apple

Red Hat's Pete Rowley on the recent adjoining Liberty Alliance and Open Space events in Vancouver – and Apple support for Information Cards:  

The Liberty Alliance made a bold statement in Vancouver last week when it opened its doors for the first time to the hoi polloi. Now this was something interesting enough to demand a visit in of itself, but with the addition of an Open Space after the Liberty meeting, well, you knew I was going to be there right?

The first two days consisted of the regular business of the Liberty Alliance where visitors were allowed to attend any session except for the super secret board stuff. I attended many of the technical sessions which were interesting, though sometimes hard to follow as an outsider without access to the documents under consideration. I also took part in a session around privacy concerns that not only assured me that Liberty has them but that they are serious about dealing with the issues. The conversation turned at one point to outside perceptions of Liberty itself and its lack of openness to its internal process and draft documents. Somewhat ironic was the point made that nowhere was there to be found any information regarding the location of the Liberty conference, at least not to those without access to internal websites. A consequence of this being the first open meeting no doubt. In all, an interesting and worthy meeting.

The final two days were spent on the Open Space which was run in unconference format by Kaliya Hamlin and was excellent as usual. Topics ranged from SAML to Liberty People Service to how should we rename this user centric identity thing? Kim Cameron wrapped up with a lunchtime introduction to CardSpace that by popular demand lasted for nearly two hours. At one point Kim was asked whether Apple would have an identity selector like CardSpace and Kim redirected the question to me in my capacity as OSIS representative. As the newly appointed unofficial spokesman for Apple I suggested that if Steve Jobs would call me I’d hook him up.

So Steve, call me.

Gee.  That's an interesting idea.

Like Pete I took Liberty's Open Space collaboration as being a very positive step in increasing dialog and understanding in the identity community.  It was great to speak with a number of the Liberty people who have been leaders in moving identity technology forward over the last few years.  It strengthens my conviction that we are on the road to an Identity Metasystem reaching across platforms and underlying technologies.

Learning from experience in eGovernment

The Oxford Internet Institute (OII) has posted the Webcast of Jerry Fishenden's talk “myGovernment.com – government the way you want it”.

This looks at how new technologies, the emergence of Web 2.0 and the citizen/consumer as creator enable a whole new model of government services and interactions, with the citizen at their center. It was part of a day's workshop themed around “Learning from Experience in eGovernment: Why Projects Fail and Why They Succeed”.

You can find both a streaming media version (which requires Realplayer), or the downloadable version (which requires an MP4 player – I had to download Quicktime 7.1) at http://webcast.oii.ox.ac.uk/?view=Webcast&ID=20060705_151.

Jerry is Microsoft's National Technology Officer in the United Kingdom, and a person I deeply respect for his wisdom and willingness to tell it like it is.

Some recent podcasts

For those new to Identityblog and looking for an introduction, here is a short interview I did recently with PTS-TV in England:

(Video: Cardspace screen)

If you are ready for something more challenging, William Heath of Ideal Government got me thinking about the problems of overly-centralized identity technology in a podcast he described as follows:

Here's an exclusive interview with Kim Cameron, speaking with Jerry Fishenden to me and my colleague Ruth Kennedy. Famous as the Identity law-maker, Kim delivered Microsoft's Damascene conversion on identity matters and has become the catalyst for a new-found cross-industry sense of purpose about what it'll take to get digital identity and authentication that works for all of us.

He speaks exclusively to Ideal Government about the UK's ID developments in the context of state-of-the-art industry developments such as the Laws of Identity, Information Cards and the imminent ID big bang.

Note from administrator: (This was a 40 minute interview – the key sections are linked to the text below. The whole podcast is available here. This is the first Ideal Government audioblog/podcast so please forgive any clunkiness and background noise – it was a hot day and we were glad of the aircon.)

Best way to hear the audio extracts:

Firefox users: right click and “Open Link in New Tab”
IE users: I don't know. But when you find out tell me.
Also, anyone who can insert inline audio into Expression Engine, please tell me!

He sets out what he means by “Identity” (and there are many different meanings). He explains what Information Cards are, and how Microsoft has implemented them under the brand name Cardspace. He explains why for all its regrettable clunkiness the ageing UK Government Gateway is more secure and privacy-friendly than the proposed Home Office ID system, and it's revealed that there is a working version of Information Cards showing UK Government Gateway transactions. But this isn't Passport/Hailstorm revisited: it's as clear to Microsoft as to anyone that this has to work for everyone. We need a cross-industry big Momma identity backplane, and then the identity big bang can happen. But no one entity, country or authority can be in control.

He sets out where his work stands in relation to a user requirement for the ID we need for e-enabled services in the UK. Users decide, he says. If the system isn't widely adopted, it fails. As an architect, he expresses his concerns about the Home Office's ID card system. Too much information is in the same place. It's a colossal blackmail-generation machine. Every system will be breached, he says. If you don't understand that, you don't understand security and should not be talking about it.

He's pretty frustrated about the prospect of a lugubrious ID system which will inevitably damage trust in e-services. But a combination of the difficulty of the undertaking and the common sense of the British public means it will fail. The Brits are sensible, he finds. Tall as he and I are, we all recognise there's a limit: you can't survive if you're much over 11′. “They're trying to build a 60′ man here,” he says. All the technology people he knows feel the same way.

Yet he's very optimistic: UK identity systems can be efficient, secure, privacy-friendly and cheap, he says. The example of an ideal ID architecture he offers is pretty close to home: it's the Scottish Executive. How pleased will the Scots be to have an expensive and ill-conceived UK-wide system forced upon them, in a new West Lothian twist?

Baby, you can watch my car

If you aren't following Tom Maddox's Opinity Weblog, now is a good time to start.  This piece made me wonder what will become of us all:

License plate recognition technology is going into the private sector, says Wired:

In recent years, police around the country have started to use powerful infrared cameras to read plates and catch carjackers and ticket scofflaws. But the technology will soon migrate into the private sector, and morph into a tool for tracking individual motorists’ movements, says former policeman Andy Bucholz, who's on the board of Virginia-based G2 Tactics, a manufacturer of the technology…

Giant data-tracking firms such as ChoicePoint, Accurint and Acxiom already collect detailed personal and financial information on millions of Americans. Once they discover how lucrative it is to know where a person goes between the supermarket, for example, and the strip club, the LPR industry could explode, says Bucholz.

Private detectives would want the information. So would repo men or bail bondsmen. And the government, which often contracts out personal data collection — in part, so it doesn't have to deal with Freedom of Information Act requests — might encourage it.

So if you don't want to be under surveillance, I guess you'll just have to move out to the hinterlands, off the grid, and out of automobiles–at the very least.

You know, this whole pervasive surveillance thing is getting depressing, especially when you combine it with RFIDs and ubicomp and similar technologies. It's Big Brother, Little Brother, Uncle Private Eye, Little Snoopy Sister, and every other nosy parker you can think of.

If you're interested in these sorts of things, my old buddy Bruce Sterling, who surfaces in the blog from time to time, writes pretty often about them in his Wired blog, Beyond the Beyond, which I highly recommend anyway on the grounds that Bruce is about as on top of things as anyone can be without having his head explode.

For more samples try this piece on the recent Eric Norlin / Ben Laurie exchange (my attempted joke that Ben must have had a “bad-hair day” is qualified as incendiary).  And there is a beyond the fringe story on the targeting of Craigslist users for violent crime (hmmm, seems like we might want to know who we're dealing with before an in-person meeting – which happens to be Opinity's forte).

Finally, there is news of what Tom calls an “OpenID Bounty”.  He puts it this way:

Cool open source news from OSCON: The OpenID folks have announced a $5,000 bounty to be awarded to the first ten software projects that implement OpenID as an identity provider or relying party.

I'm delighted to say that Opinity is one of the sponsors of the project. (There is a full list of sponsors on the OpenID site.)

To qualify for the bounty, the projects must also be distributed under an OSI approved license and have at least 200,000 internet users of currently installed public instances and 5,000 downloads a month. (There are other technical requirements; those interested should check OpenID's site.)

This is a really innovative way of encouraging development of both open-source development and adoption. If someone develops OpenID implementations for WordPress or MediaWiki–both of which would qualify for the award–doing so would open the door for desktop identity management for users. And, of course, all sorts of cascade effects will likely follow. I can see, for instance, developers creating OpenID implementations for a wide range of other blog and wiki platforms.

At this point, user-centric identity management needs, above all, users. The technical guys are working like speed freak beavers to create protocols and systems, so it's time to get this stuff on the desktop and into operation.

 

O2’s FREE monthly handset teaches how to be phished

The relationships between enterprises and their “designated agents” are often pretty murky from a customer point of view.  In the old days, few people cared.  But in the world of phishing, we need a lot more clarity about who is representing whom – we need to know whether an offer originates from someone legitimate or not.

In this post Ben Laurie shows just how hard the current identity patchwork (read “architectural black hole”) makes it to know what is going on – even if you're one of the top Internet security people in the world.

Ben tells us, “O2 like phishing…”:   

They must do, or they wouldn’t do stupid things like this.

I got an email, looking just like this:

We’d like to say ‘thanks’ for being a great customer by offering you either a FREE Pay Monthly handset upgrade OR £100 credit added to your account – provided you haven’t recently upgraded.†   

And it couldn’t be easier. All you have to do is renew your contract with O2 before 31st August 2006.

If you choose to renew your contract for 18 months, rather than 12 then there’s even more on offer:

If you prefer to talk we have a range of Talker plans with Double Minutes each month*. For example, on an Online 500 Talker plan you’ll get 1000 minutes and 150 messages each month for £35.

If you prefer to text we also have a range of Texter plans which offer 50% Extra Minutes and Texts each month*.

For example, on an Online 500 Texter plan you’ll get 750 mins and 750 messages each month for £35.

To see our full range of handsets and offers and to renew your contract, click here.

And thanks again for choosing O2 .

† The information used in this mailing is based on your contract status as at 30th April 2006. Unfortunately, if you upgraded after this date your new contract means you won’t be eligible for these offers. Terms and conditions apply.

*Offer subject to ongoing connection to eligible tariff see letter for details. Promotional allowances must be used within the month. Unused allowances cannot be carried over into subsequent months.

OK, I removed some maybe-identifying data from the link, but you’ll notice the link goes to http://www.o2-mail.co.uk/. “Oho”, says I, being a suspicious sort, “that’s not O2’s website, I wonder who managed to register it?”

$ whois o2-mail.co.uk   

Domain name:
o2-mail.co.uk

Registrant:
Vertis

Registrant type:
UK Individual

Registrant’s address:
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.

Registrant’s agent:
MCI Worldcom Ltd [Tag = UUNETPIPEX]
URL: http://www.uk.uu.net/

Relevant dates:
Registered on: 01-Aug-2003
Renewal date: 01-Aug-2007
Last updated: 04-Aug-2003

Registration status:
Registered until renewal date.

Name servers:
ns0-o.dns.pipex.net
ns1-o.dns.pipex.net

Hmmm, a non-trading individual who wants to renew my phone contract, eh? Think I’d better check that out – but what a shame, http://www.uk.uu.net/ doesn’t actually resolve, so looks like I’m not talking to them. And, oh dear, Nominet are closed until Monday, so that avenue is out, too.

The mail itself, incidentally, purports to come from o2-email.com, a domain which they didn’t even bother to register.

So, fearing nothing, I clicked on the link – which redirects me to http://www.o2renew.co.uk/. Here we go again.

$ whois o2renew.co.uk   

Domain name:
o2renew.co.uk

Registrant:
AIS Group Ltd

Registrant type:
UK Limited Company, (Company number: 3561278)

Registrant’s address:
Berners House
47-48 Berners St
London
W1T 3NF
GB

Registrant’s agent:
Global Registration Services Ltd [Tag = GRS]
URL: http://www.globalregistrationservices.com/

Relevant dates:
Registered on: 14-Apr-2005
Renewal date: 14-Apr-2007
Last updated: 27-Jul-2005

Registration status:
Registered until renewal date.

Name servers:
ns25.worldnic.com
ns26.worldnic.com

At least this has an address, if I could be bothered to follow up, which I can’t, but this all looks a bit fishy. To compound the fun, I also got a text on my mobile with the same offer, but anyway, I phone O2 customer services. They explain that this cannot possibly be O2, it must be one of their “marketing partners” who will, if I fill in the form, renew my contract with O2, but via them. And, presumably, or maybe not, give me a new phone. I ask where they got my email address and phone number, and the answer is that at some point I left a box ticked that said it was OK for partners to send me stuff.

So, do O2 condone this practice, I ask? The answer is, apparently, that they do. They don’t even mind, it seems, that the website has O2 branding on it.

If O2 is going to allow people they have contractual relationships with to do this kind of thing, how on Earth do they expect consumers to learn what is phishing and what is not?

Ben's approach is the only one you can take with today's web technology.  Basically, you need to know how to analyse subdomains and understand DNS paths.  Given this, one wonders why O2 condones the use of URLs worthy of the best phisher.  It is cutting the last safety line we have been able to clutch between our fingers in trying to achieve even the most marginal Internet safety.

Still, I find myself choking on the idea that for people to understand they are being phished, they need to understand subdomains and the intricacies of DNS.

One of the great advantages of the way Information Cards work is that the site the user is visiting (in this case O2.co.uk) can specify its designated agents in a cryptographically secure fashion.  In this case, O2 could specify O2renew.co.uk as the entity the user should exchange identity information with.  The user would be guaranteed that this was an extension of her relationship with O2, with O2renew acting as an agent of O2.co.uk.
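The subdomain analysis Ben did by hand, and the "brand declares its agents" alternative described above, written out as an added example (not code from the original post or from O2). The link hosts and the brand domain O2.co.uk are those quoted in the post; the tiny public-suffix list and the declared-agent set are assumptions, and the agent set merely stands in for the cryptographically asserted designation Information Cards would carry.

```python
"""Added example: classify the host of a link in a branded e-mail against the
brand's real domain, distinguishing the brand itself, a declared agent, and a
look-alike domain that merely contains the brand name."""
from urllib.parse import urlsplit

# Assumed, minimal stand-in for the Public Suffix List: suffixes under which
# anyone may register a name. A real deployment would use the full list.
PUBLIC_SUFFIXES = {"co.uk", "org.uk", "me.uk", "com", "net", "org", "uk"}


def registrable_domain(host: str) -> str:
    """Return the part of host that a registrant actually controls,
    e.g. 'www.o2-mail.co.uk' -> 'o2-mail.co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    # Longest matching public suffix first, then keep exactly one more label.
    for i in range(len(labels) - 1):
        if ".".join(labels[i + 1:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i:])
    return ".".join(labels)


def classify_link(url: str, brand_domain: str, declared_agents=frozenset()) -> str:
    """Return 'brand', 'declared-agent', 'lookalike' or 'unrelated'."""
    host = (urlsplit(url).hostname or "").lower()
    brand = registrable_domain(brand_domain)
    if registrable_domain(host) == brand:
        return "brand"            # o2.co.uk itself or any real subdomain of it
    agents = {registrable_domain(a) for a in declared_agents}
    if registrable_domain(host) in agents:
        return "declared-agent"   # the brand has vouched for this domain
    if brand.split(".")[0] in host:
        return "lookalike"        # carries the brand name but brand does not control it
    return "unrelated"


SAMPLE_LINKS = [  # the two hosts quoted in the post, plus two constructed controls
    "http://www.o2-mail.co.uk/",
    "http://www.o2renew.co.uk/",
    "https://www.o2.co.uk/upgrade",            # constructed: genuine brand host
    "http://www.o2.co.uk.example.net/login",   # constructed: brand name buried in a subdomain
]


def report(links=SAMPLE_LINKS, agents=frozenset()):
    """Verdict for every sample link against the brand domain from the post."""
    return {u: classify_link(u, "O2.co.uk", agents) for u in links}


if __name__ == "__main__":
    for url, verdict in report().items():
        print(f"{verdict:15s} {url}")
    # Once O2 declares O2renew.co.uk as an agent (assumed declaration), the
    # verdict for that link changes from 'lookalike' to 'declared-agent'.
    print(report(agents=frozenset({"O2renew.co.uk"}))["http://www.o2renew.co.uk/"])
```

Without the declaration both O2 links come out as look-alikes, which is exactly the position Ben was left in after two whois lookups.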

 

The House of Lords on Pervasive Computing

Britain's Parliamentary Office of Science and Technology recently issued a briefing on Pervasive Computing that is well worth reading.  In the words of the report, “Pervasive computing has many potential applications, from health and home care to environmental monitoring and intelligent transport systems. This briefing provides an overview of pervasive computing and discusses the growing debate over privacy, safety and environmental implications.”

A few days ago, the marvellous Baroness Gardner of Parkes led a discussion of pervasive computing issues in the British House of Lords, of which she is a member.  To some, the unelected House of Lords has seemed like an anachronism.  But as a simple observer, I am struck by the facility of some of its members in understanding the transformational force of technology on our society.  I wish more political thinkers shared their cogency and interest when examining these matters.

So let's listen in as Baroness Gardner of Parkes, in the company of the Countess of Mar, Lord Avebury, the Earl of Northesk, and Lord Campbell of Alloway, question Lord Sainsbury of Turville about the issues of pervasive computing:

Baroness Gardner of Parkes asked Her Majesty’s Government:  Whether they will introduce legislation to protect privacy in response to the growth of pervasive computing.

The Parliamentary Under-Secretary of State, Department of Trade and Industry (Lord Sainsbury of Turville): My Lords, there are already in place regulations to protect privacy in the electronic communications field. The Privacy and Electronic Communications (EC Directive) Regulations 2003 and the Data Protection Act 1998 implement the relevant EC directives in this respect. The Government will keep this legislation under review as the use of technology develops over time.

Baroness Gardner of Parkes: My Lords, I thank the Minister for that reply. I am sure that he will know that 8 billion embedded microprocessors are produced each year, which is an alarming number. The Parliamentary Office of Science and Technology states in its POST note that it is important that the volume of transmitted data should be kept to a minimum, that transmissions should be encrypted and sent anonymously without reference to the owner and that security should be treated as ongoing. The Minister has said that security will be treated as ongoing. Evidently, there is some concern about whether manufacturers should be encouraged to build in safeguards from the very earliest stage. Will the Minister comment on that?

Lord Sainsbury of Turville: My Lords, I do not know whether trying to keep the amount of information to a minimum is a realistic strategy. This will clearly be a huge and developing trend in the future; now that microprocessors have in-built communications, this will be a growing field. The Privacy and Electronic Communications Regulations were introduced to address just these questions. They require, for example, a system of consents for processing location-based data. Service providers are required to take appropriate technical and organisational measures to safeguard the security of services. For the moment, that seems to be appropriate legislation but, as I said, we will need to keep it under review as the technology develops.

The Countess of Mar: My Lords, what is Her Majesty's Government’s view on the report of the Leeds NHS trust, which stated that there were 70,000 instances of illegal access to patient data in one month?

Lord Sainsbury of Turville: My Lords, patient data would be covered by the Data Protection Act. Clearly, if there is that number of instances of illegal access to data, there is something wrong with the systems in that place. That should be taken up in the light of the Data Protection Act.

Lord Avebury: My Lords, is the Minister aware that the British Computer Society has appointed an expert committee to look into the implications of pervasive computing? If any legislative changes are required, it would be sensible to wait until that committee had reported. On medical applications, does the Minister agree that the use of devices for sending data from within a patient’s body to outside recorders has proved to be an enormously valuable diagnostic tool, with no privacy implications for the patients?

Lord Sainsbury of Turville: My Lords, we must wait and see how the technology develops before we rush into any kind of regulation to control it. There have, as yet, been no complaints to the Information Commissioner on this area of location-based services. Information taken out of people’s bodies by such technology can clearly be enormously helpful medically.

The Earl of Northesk: My Lords, does the Minister agree that the issue is as much about ownership of the huge amount of data routinely collected about all of us as it is about privacy? If so, what stance do the Government take on the questionable legality of the Home Office authorising the DNA database to be used by the Forensic Science Service to research whether race and ethnicity can be determined from DNA samples?

Lord Sainsbury of Turville: My Lords, the Question was about pervasive computing, which is a specific area. The whole area of data protection is covered by the Data Protection Act 1998. Pervasive computing is a completely different subject.

Baroness Gardner of Parkes: My Lords, does not the Minister agree that there is—according to this POST note, for example—debate about whether the Data Protection Act covers the matter? The National Consumer Council is concerned about whether people could have all their information transmitted from, say, their home—or even their body, as was described in relation to medical things—and not know that it was being obtained or what use it was likely to be put to. That could be a bad use.

Lord Sainsbury of Turville: My Lords, as I said, there are two pieces of legislation: the Data Protection Act 1998 and the Privacy and Electronic Communications Regulations. The second obviously covers the security of data communication from one place to another. As I said, that involves issues of consent and security, which are well covered in that legislation. Of course, it may turn out that the legislation does not properly cover the subject and that there are issues to be considered. As I said, however, there have been no complaints on that point as yet.

Lord Campbell of Alloway: My Lords, will the Minister explain what pervasive computing is?

Lord Sainsbury of Turville: Yes, my Lords. This is an interesting subject. Some microprocessors now have in-built communication facilities. The most obvious example of that is radio identification. I do not suppose that the noble Lord ever goes to the back of his local supermarket, but if he did he would see that packages that are brought in have an identification code that can be read electronically without taking the goods off the pallet. That is done by radio communication and is an enormous step forward in efficiency. The same principle applies to smart keys; one can open a car door from a range of three feet with a smart key, using the same technology.