W3C home > Mailing lists > Public > public-xg-socialweb@w3.org > January 2010

Re: Kim Cameron's Laws of Identity

From: Kaliya <kaliya@mac.com>
Date: Wed, 20 Jan 2010 14:44:40 -0800
Message-id: <A66FD778-48DB-4148-88FD-5DC21E03916A@mac.com>
To: public-xg-socialweb@w3.org
Yes there is that paper from 2005 (around the time of the Lexicon).

There is this newer one with more recent vocab/concepts.
A Proposal for a Common Identity Framework: A User-Centric Identity  
Metasystem.
http://www.identityblog.com/wp-content/images/2009/06/UserCentricIdentityMetasystem.pdf

I also mentioned Bob's Relationship Paperhttp://identityblog.burtongroup.com/bgidps/2009/02/relationship-paper-now-freely-available.html
via this link: http://www.burtongroup.com/Guest/Idps/RelationshipLayerWeb.aspx

"Consistent Experience Across Contexts"
is where the work on Active Clients from our community comes in.....I  
do hope you can talk to the folks working on that. This work also gets  
out of the need to have "one' technical protocol...the clients can be  
multiprotocol.


to do all the things that Christine/Renato outlined in their paper -  
the user needs consistent experience (that is also secure - meaning it  
will be obvious to the user if something untoward is being done to  
their data/info [preventing fishing etc])


The Venn of Identity paper was also mentioned in the IRC. Here is all  
of Eve's stuff on it.
http://www.xmlgrrl.com/blog/categories/venn/

The paper itself published in IEEE was co-written with Drummond Reed.

hope this helps.
Let me know if you want to know more about any particulars of people/ 
work/efforts happening in our community it would be my pleasure to  
help you connect to it.

-Kaliya




On Jan 20, 2010, at 2:35 PM, Harry Halpin wrote:

> Following our phone call, here's some other "rules" for social web
> work, including identity:
>
> 1. User Control and Consent:
>
>    Digital identity systems must only reveal information identifying
> a user with the user’s consent.
>
> 2. Limited Disclosure for Limited Use
>
>    The solution which discloses the least identifying information and
> best limits its use is the most stable, long-term solution.
>
> 3. The Law of Fewest Parties
>
>    Digital identity systems must limit disclosure of identifying
> information to parties having a necessary and justifiable place in a
> given identity relationship.
>
> 4. Directed Identity
>
>    A universal identity metasystem must support both
> “omnidirectional” identifiers for use by public entities and
> “unidirectional” identifiers for private entities, thus facilitating
> discovery while preventing unnecessary release of correlation handles.
>
> 5. Pluralism of Operators and Technologies:
>
>    A universal identity metasystem must channel and enable the
> interworking of multiple identity technologies run by multiple
> identity providers.
>
> 6. Human Integration:
>
>    A unifying identity metasystem must define the human user as a
> component integrated through protected and unambiguous human-machine
> communications.
>
> 7. Consistent Experience Across Contexts:
>
>    A unifying identity metasystem must provide a simple consistent
> experience while enabling separation of contexts through multiple
> operators and technologies.
>
> In full, on his website [1].
>
> Here's a poster, quite nice [2].
>
> [1] http://www.identityblog.com/?p=353
> [2] http://www.identityblog.com/wp-content/images/2009/06/7_Laws_of_Identity.jpg
>
Received on Wednesday, 20 January 2010 22:45:14 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:22:08 UTC