{"id":1014,"date":"2008-10-06T10:18:10","date_gmt":"2008-10-06T18:18:10","guid":{"rendered":"\/?p=1014"},"modified":"2008-10-06T10:21:02","modified_gmt":"2008-10-06T18:21:02","slug":"the-identity-metasystem-and-its-identity-selectors","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1014","title":{"rendered":"The Identity Metasystem and its Identity Selectors"},"content":{"rendered":"<p>Paul Madsen at <a href=\"http:\/\/connectid.blogspot.com\/2008\/09\/could-someone-hand-me-that-hammer.html\">ConnectID\u00a0<\/a>makes a good point\u00a0in his &#8220;<a href=\"http:\/\/connectid.blogspot.com\/2008\/09\/could-someone-hand-me-that-hammer.html\">Could someone hand me that hammer please?<\/a>&#8221;<\/p>\n<p style=\"PADDING-LEFT: 30px\">I have a dead horse here that needs some beating.<\/p>\n<p style=\"padding-left: 30px;\">Does\u00a0 &#8216;identity metasystem&#8217; not imply &#8220;a pluralism of operators and technologies&#8221;? Isn&#39;t this even almost a <a href=\"\/?p=352\/#lawsofiden_topic3\"><span style=\"color: #6699cc;\">law<\/span><\/a>?<\/p>\n<p style=\"padding-left: 30px;\">If so, should a TC <a href=\"http:\/\/www.oasis-open.org\/news\/oasis-news-2008-09-23.php\" class=\"broken_link\"><span style=\"color: #666699;\">focused<\/span><\/a> on a single (albeit important) identity technology claim within its name the &#8216;meta&#8217; scope?<\/p>\n<blockquote style=\"padding-left: 30px;\"><p><em>The OASIS Identity Metasystem Interoperability (IMI) Technical Committee will work to increase the quality and number of interoperable implementations of Information Cards<\/em><\/p><\/blockquote>\n<p style=\"padding-left: 60px;\">The IMI TC&#39;s mandate respects the &#8216;pluralism of operators&#8217; required by the metasystem definition, but not the other piece.<\/p>\n<p style=\"padding-left: 30px;\"><strong>NB:<\/strong> Any comment that includes any combination of\u00a0 &#8216;forgot SAML token&#8217; will be summarily 
rejected.<\/p>\n<p style=\"padding-left: 30px;\">\u00a0<\/p>\n<p><strong>Metasystem and Identity Selector<\/strong><\/p>\n<p>Paul is completely right that the Identity Metasystem\u00a0is a unifying model intended to bring together\u00a0many contributing technologies &#8211; including Kerberos, PKI, browser-only federation protocols like SAML, WS-Security, WS-Trust and lightweight protocols like OpenID.\u00a0\u00a0And in fact, reaching across this diversity is the most important thing about it.\u00a0 Breadth is what allows us, as an industry,\u00a0to create &#8220;one identity model&#8221;\u00a0in terms of\u00a0application development, deployment and most important, user experience.<\/p>\n<p>To make this vision a reality, we need a\u00a0component of the metasystem\u00a0that has been\u00a0missing:\u00a0a common\u00a0&#8220;Identity Selector&#8221; \u00a0(early examples being CardSpace and DigitalMe).\u00a0<\/p>\n<p>Clearly such an important component needs to evolve\u00a0in the\u00a0context of an international standards body, so\u00a0the announcement of the new OASIS Technical Committee dedicated to Information Cards and their interoperability is an important milestone:<\/p>\n<p style=\"PADDING-LEFT: 30px\"><em>Boston, MA, USA; 23 September 2008 \u2014 OASIS, the international open standards consortium, has formed a new group to enable the use of Information Cards to universally manage personal digital identities. The OASIS Identity Metasystem Interoperability (IMI) Technical Committee will work to increase the quality and number of interoperable implementations of Information Cards. 
A rapidly-developing, Web 2.0-friendly method for shared light authentication, Information Cards let people authenticate themselves on multiple web sites without maintaining passwords for each site.<\/em><\/p>\n<p><strong>But back to the name<\/strong><em>\u00a0<\/em><\/p>\n<p>While\u00a0I think Information Cards are beneficial to the whole metasystem, they are not themselves <em>the metasystem<\/em>, and don&#39;t encompass all aspects of its interoperability.\u00a0<\/p>\n<p>For this reason, I don&#39;t personally think the OASIS committee&#39;s name is\u00a0currently quite right.<\/p>\n<p>I&#39;ve never personally participated in OASIS or any other standards body (I have great respect for those who do.)\u00a0 So I\u00a0have no idea whether it\u00a0is possible to tweak\u00a0a name once a committee is formed.\u00a0\u00a0If it didn&#39;t turn into a major time-waster, I think doing so would show everyone&#39;s respect for all the other contributions\u00a0being made\u00a0to the metasystem.\u00a0 I would prefer a name that is more technically specific, like\u00a0the <em>OASIS Identity Selector Interoperability Technical Committee (ISI)<\/em>.<\/p>\n<p>The people who\u00a0put in the effort to set up the committee and come up\u00a0with a name will rightly say, &#8220;I wish you had given us that feedback earlier&#8221; &#8211; and I accept that criticism.\u00a0\u00a0Maybe I have\u00a0missed my opportunity to provide feedback.\u00a0 Basically, I was sufficiently excited about the emergence of the committee, and convinced that\u00a0the Identity Selector did\u00a0contribute to Metasystem Interoperability, that the potential issues with the name didn&#39;t jump out at me.\u00a0<\/p>\n<p><strong>And now to Occam<\/strong><\/p>\n<p>And now for something completely different.\u00a0 In <a href=\"http:\/\/connectid.blogspot.com\/2008\/10\/razor-sharp.html\">a recent post <\/a>Paul also reveals the origins of the third law of identity, and makes a great connection:<\/p>\n<div 
class=\"post-body entry-content\" style=\"PADDING-LEFT: 30px\">\n<p>&#8220;William of Occam was a 14th century English philosopher, best known for his &#8216;<a href=\"http:\/\/pespmc1.vub.ac.be\/occamraz.html\" class=\"broken_link\"><span style=\"color: #6699cc;\">principle of parsimony<\/span><\/a>&#8217; in comparing different explanations for some phenomena.<\/p>\n<blockquote><p><em>entia non sunt multiplicanda praeter necessitatem<\/em><\/p><\/blockquote>\n<p>&#8220;When translated and applied to identity, it&#39;s clear that <a href=\"https:\/\/www.identityblog.com\/stories\/2004\/12\/09\/thelaws.html\" class=\"broken_link\"><span style=\"color: #666699;\">Kim&#39;s Law 3<\/span><\/a> was preempted by some 700 years<\/p>\n<blockquote><p><em>entities must not be multiplied beyond necessity<\/em><\/p><\/blockquote>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>The metasystem includes all foundational identity technologies<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[16,46,10,8,15,22],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1014"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1014"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1014\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\
/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}