Ben Laurie blathering

How CardSpace Breaks the Rules

Daniel Bartholomew wants to know which of Kim’s laws CardSpace breaks, and Chris Bunio thinks the OECD workshop was not the correct forum for a detailed discussion.

How fortunate, then, that this blog exists! I can answer Daniel’s question, and Chris can educate us all on why I am wrong.

In fact, there are many ways CardSpace could violate the laws, but there is one which it is currently inherently incapable of satisfying, which is the 4th law – the law of directed identity – which says, once you’ve fought your way through the jargon, that your data should not be linkable. I explain this in some detail in my paper, “Selective Disclosure” (now at v0.2!), so, Chris and Daniel, I suggest you read it.


  1. Kim Cameron has answered you on his blog and essentially claims that you have misrepresented his laws (in particular with regard to identifier vs claim) and that in fact Cardspace is not breaking his law #4. His post seemed spot on, would be great if you would answer him!

    Comment by davidacoder — 24 May 2007 @ 22:16

  2. […] Kim has a couple of posts responding to my paper on selective disclosure and my claim that CardSpace does not obey his fourth law. […]

    Pingback by Ben Laurie: Kim Cameron on Me on Selective Disclosure | Server software — 3 Jun 2007 @ 7:50

  3. […] Cameron and Ben have been blogging on the properties of unlinkability and selective disclosure. See here, here, here, and here, as well as this older post of Ben’s.I’m going to jump into this […]

    Pingback by On Identity Claims, Unlinkability, and Selective Disclosure (part 1) « The Identity Corner — 11 Feb 2008 @ 18:33

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress