us national id plan - co-opting user-centric. impact on webid

From
http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf

 

"The realization of this vision is the user-centric "Identity Ecosystem"
described in this Strategy"

 

If you note, the US commerce secretary only conceives of individuals as
consumers (relating to businesses). He sees little point in calling
individuals "individuals", talking to other individuals in groupware. As a
"commerce" secretary, this seems not unreasonable. He doesn't focus on that
upon which we focus in webid - anything but commerce. He focuses on the
relations between users as consumers/subscribers/businesses.

 

Now, a few years ago, our design space was characterized by the moniker
"UCI" - or user-centric identity. What it meant was: self-assertions. And
it was supposed to be protocol independent (being a mode of orchestrated
interactions). You could go to identity commons groups, and folks would
bleat on about its properties with about as much religion as semantic web
folks exhibit. It had its prophets and sponsors, and VC-funded startups. One
had in the openid protocol incarnation, for example, self-assertions from
one's wordpress blog site (actually several million in number), or the
self-assertion of a mapped name in the identity delegation of openid that
shielded a relying party site from the "property" of an IDP (such as an
IDP's copyrighted name for its subscriber, to be bound to the local account
name).

 

If one looks at the "national security" priority expressed (why is a
"national security" priority, meaning military power, now authorized?),
one sees a co-opting of that phrase "user centric". It now doesn't mean any
of the above. It means you choose your vendor (vs a govt. appointed vendor)
- which _sounds_ good, no? That user-selected vendor (and google is the
archetype here) will probably refuse however to process the self-asserted
names and identity mappings, should you do what UCI originally meant.
Similarly, though the Microsoft Azure ACS demo will process the openid
assertions from Google (acting as openid OP and conforming to the public
protocol), it will not process my self-asserted wordpress assertions, even
though those sites are conforming OPs. I cannot even configure my ACS tenant
to allow my wordpress OP, in addition to the Google OP, even if I WANT to in
JUST my tenant. Self-asserted IDPs using openid are JUST NOT ALLOWED, in the
wonderful world of mainstream infrastructure, replete with "user centric
choices" that are "ahem" somewhat limited: to Google and Yahoo. Of course, I
can configure ACS to accept a self-asserted ws-fedp IDP!

 

(Anyone want to build a public openid/wordpress -> Ws-fedp bridge, an ACS
for ACS??)

 

As webid continues, in its self-assertion orientation, it's going to come
under "pressure" to no longer be based on self-assertion principles, I bet.
I'll give it 12 months before folks in formal positions here are doing what
I encountered in openid-land 2 years ago: oh, "user centric" now got
re-defined, Peter. We decided to do so, in an, ahem, secret set of meetings
with the US govt. Oh, you were not invited? Sorry. Whoops. We decided
collectively, self-assertion between individuals was not in the "national
interest".

Received on Friday, 15 April 2011 19:26:21 UTC
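The "identity delegation" the post refers to is the OpenID HTML-discovery mechanism: the user's own page (a self-hosted blog, say) carries link tags naming a provider and an OP-local identifier, so the relying party keeps the user's URL as the claimed identifier and only uses the provider's name as a mapped local id. The following is an added example illustrating that mechanism; it is not code from the original message, from WebID, from WordPress, or from any OpenID library. The HTML page, the URLs, and the assertion messages below are constructed for the example and do not refer to real sites.

```python
"""OpenID 2.0 HTML discovery with delegation, and the relying-party checks
that keep the user's own URL as the claimed identifier.

Everything here is constructed for illustration: the sample pages, the
example.org/example.net URLs and the assertion dicts are made up.
"""
from html.parser import HTMLParser
from urllib.parse import urlencode

OPENID2_NS = "http://specs.openid.net/auth/2.0"

# Constructed sample: a self-hosted blog page delegating to a third-party OP.
# It carries both the OpenID 2.0 and the legacy 1.1 link forms.
SAMPLE_HTML = """<html><head><title>my blog</title>
<link rel="openid2.provider" href="https://op.example.org/server">
<link rel="openid2.local_id" href="https://op.example.org/u/12345">
<link rel="openid.server" href="https://op.example.org/server">
<link rel="openid.delegate" href="https://op.example.org/u/12345">
</head><body>hello</body></html>"""

# Constructed sample: a page with only the OpenID 1.1 link forms.
LEGACY_HTML = """<html><head>
<link rel="openid.server" href="https://legacy.example.org/openid">
<link rel="openid.delegate" href="https://legacy.example.org/id/alice">
</head></html>"""


class _LinkCollector(HTMLParser):
    """Collect the first href seen for each rel token on <link> elements."""

    def __init__(self):
        super().__init__()
        self.links = {}

    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        a = dict(attrs)
        rel, href = a.get("rel"), a.get("href")
        if rel and href:
            for token in rel.split():  # rel may hold several space-separated tokens
                self.links.setdefault(token.lower(), href.strip())


def discover(claimed_id, html):
    """HTML-based discovery (OpenID 2.0 section 7.3.3, falling back to 1.1 tags).

    Returns (op_endpoint, local_id). The OP-local id is the name the provider
    owns; the claimed identifier stays the user's own URL. A page with no
    delegate/local_id tag uses the claimed id itself as the local id.
    """
    collector = _LinkCollector()
    collector.feed(html)
    links = collector.links
    if "openid2.provider" in links:
        return links["openid2.provider"], links.get("openid2.local_id", claimed_id)
    if "openid.server" in links:
        return links["openid.server"], links.get("openid.delegate", claimed_id)
    raise ValueError("no OpenID provider link found in page")


def checkid_setup_params(claimed_id, local_id, return_to, realm):
    """Parameters of the checkid_setup request the RP redirects the user with
    (OpenID 2.0 section 9.1): claimed_id is the user's URL, identity the OP-local id."""
    return {
        "openid.ns": OPENID2_NS,
        "openid.mode": "checkid_setup",
        "openid.claimed_id": claimed_id,
        "openid.identity": local_id,
        "openid.return_to": return_to,
        "openid.realm": realm,
    }


def redirect_url(op_endpoint, params):
    """Indirect-communication URL for the OP (query string appended to the endpoint)."""
    sep = "&" if "?" in op_endpoint else "?"
    return op_endpoint + sep + urlencode(params)


def verify_positive_assertion(assertion, claimed_id, op_endpoint, local_id, return_to):
    """Compare a positive assertion with the discovered information (section 11.2).

    Returns a list of mismatches; an empty list means the OP asserted the user's
    own URL through the endpoint and local id that discovery found. Signature
    and nonce checks (sections 11.3 and 11.4) are deliberately not shown here.
    """
    problems = []
    if assertion.get("openid.ns") != OPENID2_NS:
        problems.append("ns is not OpenID 2.0")
    if assertion.get("openid.mode") != "id_res":
        problems.append("mode is not id_res")
    if assertion.get("openid.op_endpoint") != op_endpoint:
        problems.append("op_endpoint differs from the discovered provider")
    if assertion.get("openid.claimed_id") != claimed_id:
        problems.append("claimed_id is not the user's own URL")
    if assertion.get("openid.identity") != local_id:
        problems.append("identity is not the discovered OP-local id")
    if assertion.get("openid.return_to") != return_to:
        problems.append("return_to differs from the request")
    return problems


if __name__ == "__main__":
    user = "https://blog.example.net/"
    endpoint, local = discover(user, SAMPLE_HTML)
    req = checkid_setup_params(user, local, "https://rp.example.com/cb", "https://rp.example.com/")
    print(redirect_url(endpoint, req))
```

The point of the `verify_positive_assertion` check is the one the post makes: the relying party binds its local account to `claimed_id` (the URL the user controls), and treats the provider's own name for the user (`identity`) only as a mapped value it compares against discovery. An assertion in which the OP substitutes its own identifier for the claimed id is rejected rather than silently adopted as the account name.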