Monday, May 14, 2007

Waldo deserves privacy too

Ben Laurie asks 'Is Liberty User-centric?'.

A year ago I would have stridently and vehemently defended Liberty's architecture, shouting to the rooftops the justification as to why indeed it deserved the 'user-centric' moniker.

I've moved on, I'm past caring. Countless discussions and ID Gang threads notwithstanding, there is still no industry-accepted set of criteria as to just what 'User-centric' is. It's the 'Web 2.0' of identity: everybody seems to have a feeling for what it constitutes, but nobody agrees on the specifics. Like Justice Potter Stewart, maybe we need to fall back on an 'I know it when I see it' methodology.

If Ben's question had instead been phrased as 'Can Liberty's architecture enable meaningful control for users over their identity?', then we might be able to have a useful discussion (brief synopsis: Ben will argue that the answer is 'no', I'll take the counter position).

Ben argues that automated discovery mechanisms, like in Liberty's ID-WSF, are incompatible with user-control - as they would diminish the user's ability to manage the discovery of their identity services.

Responding to a comment of mine where I suggested (with a certain amount of tongue in a certain amount of cheek) that the alternative to such automated discovery would be users deluged in post-it notes with scribbled URLs, Ben writes:

Of course, the users won’t be managing their data by such primitive means. Their computer(s) or their chosen service provider(s) will do all the legwork.

I'm lost. A 'chosen service provider' doing 'all the legwork' is exactly the model that Liberty enables (but does not dictate). In ID-WSF, a user chooses where they want their various identity slices to be held, and then also designates a Discovery Service provider that will do the 'legwork' of facilitating the discovery of the various services if and when necessary.

How is this different than an XRDS document listing a user's various identity services? The user chooses both a) where they store their identity, as well as b) where they store the XRDS document pointing to all the a's.

On the topic of 'selective disclosure', I'd love to learn more and explore how ID-WSF could carry selective disclosure tokens. Perhaps the scenario is using ID-WSF to get the necessary tokens to the client, with the selective disclosure protocols (over a SOAP Binding?) taking over at that point? I'm sure Ben has a better take on what might be involved. Perhaps Concordia is a forum for discussions.

In his selective disclosure paper, Ben uses a nice analogy to explain the principle. But shouldn't Wally/Waldo be given the ability to control how his geolocation is shared?
