Links

Ben Laurie blathering


Ontario’s Private Love Affair with Microsoft

I just read a paper by Ann Cavoukian, Information and Privacy Commissioner of Ontario, called “7 Laws of Identity”. If you’ve been paying attention, you’ll know that this is likely to be quickly followed by a recommendation to use Windows Vista and Cardspace (like, ahem, this, perhaps?).

So that’s fine, if Ontario wants to waste money by buying from Microsoft, rather than using, say, open source solutions, such as Higgins or OSIS, then that’s their taxpayers’ lookout, not mine.

What does annoy me, though, is the complete bullshit in the paper, apparently endorsed by Kim Cameron – who should know better.

This paper recognizes and is inspired by the “7 Laws of Identity” formulated on an open blog by a global community of experts through the leadership of Kim Cameron, Chief Identity Architect at Microsoft.

and

Because these Laws were developed through an open consensus process among experts and stakeholders, they reflect a remarkable convergence of interests, and are non-proprietary in nature. As a result, they have been endorsed and adopted by a long and growing list of industry organizations, associations, and technology developers.

This just isn’t true. Kim’s 7 laws were sprung fully-formed on experts and stakeholders – at least, the experts and stakeholders I know. So, Kim, who are these experts and stakeholders? And where was the open process?

Then there’s this…

By allowing different identity systems to work together in concert, with a single user experience, and a unified programming paradigm, the metasystem shields users and developers from concerns about the evolution and market dominance of specific underlying systems, thereby reducing everyone’s risk and increasing the speed with which the technology can evolve.

What? Cardspace maybe allows you to use different kinds of certificates, but I don’t see it doing any other protocol than Cardspace’s own. And yeah, at this point Kim will say, “no, no, the metasystem is something different, Cardspace isn’t the metasystem”, but, as usual, he only says that when he’s challenged. The rest of the time he’s happy to see “the identity metasystem” (whatever that is) conflated with Cardspace.

None of which is to say Kim’s 7 laws are wrong or bad. They’re really quite good, apart from being way too verbose and hard to read – unlike my 3 laws.

7 Comments

  1. Kim Cameron’s Laws are founded on Identity. He assumes Identity as a foundation of granite, and then builds upwards. Unfortunately, Identity is more like sand, and you don’t have to build very high before everything starts shifting in uncontrollable ways. Any “7 Laws of Identity” must fail on the face of them, because Identity won’t support laws, it’s even tough to create guidelines.

    https://financialcryptography.com/mt/archives/000805.html

    Comment by Iang — 19 Oct 2006 @ 14:32

  2. Having said that, Identity is how the whole world thinks, or at least the rich buying western public part of it. So it is probably necessary for Microsoft to sell product proffering a good “Identity solution.” Whatever that means … what then is more interesting is whether Kim Cameron and Microsoft drink their own Kool-aid. I think they do; but who knows what they really intend.

    For a corner of the western buying world that didn’t think like that, at least once:

    https://financialcryptography.com/mt/archives/000826.html

    Comment by Iang — 19 Oct 2006 @ 14:38

  3. You are right, there is no “open consenus process”. Kim Cameron said publically:

    Cameron: I think people will be people offering InfoCard-enabled services by the time Vista ships. I’m at a disadvantage because I can’t tell you who we are working with. What I can say is there are thought leaders around this in each industry. Those are the guys who we will be working with and who will have these applications that are InfoCard ready.

    Old trick: empower some influential allies with the inside track, then present them as thought leaders. Later on claim it was an open consensus process…

    https://financialcryptography.com/mt/archives/000667.html

    Comment by Iang — 19 Oct 2006 @ 14:38

  4. So that’s fine, if Ontario wants to waste money by buying from Microsoft, rather than using, say, open source solutions, such as Higgins or OSIS, then that’s their taxpayers’ lookout, not mine.

    Ben, you seem to view this technology as an either/or proposition. I see it as complementary. Without options for Macs and *nix boxes, the MS effort cannot succeed — and vice versa.

    At this point, a win for one vendor in this space is a win for every vendor in the space, because the user gets to choose what client is used, not the service provider – and because the client won’t matter at all until there are valuable services to connect to.

    As such, I really don’t fear for my taxpayer dollars. Or at least, not for the reasons you stated 🙂

    Cheers,

    Pamela

    Comment by Pamela Dingle — 23 Oct 2006 @ 19:48

  5. First, read Anne Cavourkian’s version of the laws – they’re really great.

    Second, there were many people who interacted with me when I was articulating the laws. I listed them all in the laws – and no one asked not to be mentioned, so far! I’ve actually been under the impression that there is general consensus that the laws move us forward. EVen you seem to agree.

    So I don’t get your point. You don’t want people like Anne Cavoukian to get involved? You don’t think the laws are a good handle for doing so? You don’t think the laws have had a defining role in the emergence of user centric approaches? Or are you arguing that there is no consensus because we didn’t take a formal vote?

    I actually thought the laws were a good way for the privacy community to hook up with those of us doing identity.

    Comment by Kim Cameron — 27 Oct 2006 @ 4:55

  6. It might help to point out the list of people who contributed during the laws dicussions and the way I presented the work:

    “The ideas presented here were extensively refined through the Blogosphere in a wide-ranging conversation documented at http://www.identityblog.com that crossed many of the conventional fault lines of the computer industry, and in various private communications. In particular I would like to thank Arun Nanda, Andre Durand, Bill Barnes, Carl Ellison, Caspar Bowden, Craig Burton, Dan Blum, Dave Kearns, Dave Winer, Dick Hardt, Doc Searls, Drummond Reed, Ellen McDermott, Eric Norlin, Esther Dyson, Fen Labalme, Identity Woman Kaliya, JC Cannon, James Kobielus, James Governor, Jamie Lewis, John Shewchuk, Luke Razzell, Marc Canter, Mark Wahl, Martin Taylor, Mike Jones, Phil Becker, Radovan Janocek, Ravi Pandya, Robert Scoble, Scott C. Lemon, Simon Davies, Stefan Brands, Stuart Kwan and William Heath.”

    Since that time they have received support from hundreds of other identity thinkers from Lawrence Lessig to Reed Hundt. If you want, I’ll also register your negative vote.

    Comment by Kim Cameron — 27 Oct 2006 @ 5:03

  7. […] A while back, I posted about Ontario’s love affair with Cardspace (I notice, btw, that Ann Cavoukian is so hip to this ‘net thing that she’s broken the link to her white paper, which is now here – confidence inspiring). In that post, I said that there was a false claim that the laws were “developed through an open consensus process”. […]

    Pingback by Links » If You Have Laws, Are You A Politician? — 8 Nov 2006 @ 12:14

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress