I just read a paper by Ann Cavoukian, Information and Privacy Commissioner of Ontario, called “7 Laws of Identity”. If you’ve been paying attention, you’ll know that this is likely to be quickly followed by a recommendation to use Windows Vista and Cardspace (like, ahem, this, perhaps?).
So that’s fine, if Ontario wants to waste money by buying from Microsoft, rather than using, say, open source solutions, such as Higgins or OSIS, then that’s their taxpayers’ lookout, not mine.
What does annoy me, though, is the complete bullshit in the paper, apparently endorsed by Kim Cameron – who should know better.
This paper recognizes and is inspired by the “7 Laws of Identity” formulated on an open blog by a global community of experts through the leadership of Kim Cameron, Chief Identity Architect at Microsoft.
and
Because these Laws were developed through an open consensus process among experts and stakeholders, they reflect a remarkable convergence of interests, and are non-proprietary in nature. As a result, they have been endorsed and adopted by a long and growing list of industry organizations, associations, and technology developers.
This just isn’t true. Kim’s 7 laws were sprung fully-formed on experts and stakeholders – at least, the experts and stakeholders I know. So, Kim, who are these experts and stakeholders? And where was the open process?
Then there’s this…
By allowing different identity systems to work together in concert, with a single user experience, and a unified programming paradigm, the metasystem shields users and developers from concerns about the evolution and market dominance of specific underlying systems, thereby reducing everyone’s risk and increasing the speed with which the technology can evolve.
What? Cardspace maybe allows you to use different kinds of certificates, but I don’t see it doing any other protocol than Cardspace’s own. And yeah, at this point Kim will say, “no, no, the metasystem is something different, Cardspace isn’t the metasystem”, but, as usual, he only says that when he’s challenged. The rest of the time he’s happy to see “the identity metasystem” (whatever that is) conflated with Cardspace.
None of which is to say Kim’s 7 laws are wrong or bad. They’re really quite good, apart from being way too verbose and hard to read – unlike my 3 laws.