Microsoft calls for online identity overhaul (long)

[David Farber <dave () farber net>]

Begin forwarded message:

From: Ed Gerck <egerck () nma com>
Date: May 12, 2005 6:16:11 AM EDT
To: dave () farber net
Cc: Ip ip <ip () v2 listbox com>
Subject: Re: [IP] Microsoft calls for online identity overhaul (long)


[Dave: comments for IP, if you wish so]


> From: "Bennison, Mark M" <mark.m.bennison () mbda co uk>
> Date: May 12, 2005 2:49:28 AM EDT
> To: "'dave () farber net'" <dave () farber net>
> Subject: Microsoft calls for online identity overhaul (long)
> "Microsoft calls for online identity overhaul" (http:// 
> www.vnunet.com/ news/1162956)
> Tom Sanders at Digital ID World in San Francisco, vnunet.com 11 May  
> 2005
> The IT industry needs to adopt an identity meta system to overcome   
> existing issues with online identities, Kim Cameron, Microsoft's   
> architect of identity, told delegates at the Digital ID World   
> conference in San Francisco.
> ....
> (from http://www.identityblog.com/stories/2004/12/09/ thelaws.html)
> The Laws of Identity
>  People who work on or with identity systems need to obey the Laws  
> of  Identity.  When we don't, we leave behind us a wake of  
> reinforcing  side-effects that eventually undermine all resulting  
> technology.  The  result is similar to what would happen if civil  
> engineers were to  flaunt the law of gravity.

Kim's "Laws of Identity" are quite arbitrary (see my comments below).
Trying to compare them with the law of gravity is marketing, not  
science.


> These laws are objective because they pre-exist our consciousness  
> of  them.

In science, what is objective does not depend on what each one of us may
understand by consciousness today.


> The Laws of Identity, taken together, establish significant   
> constraints on what a unifying identity system can be.

One needs to be aware of constraints for the particular subset of  
reality
where one works. For  example, in the context wherein Kim works, can
identity be defined by a natural _and_  a logical connection or just  
by a
logical (ie, computable) connection?


> The first big breakthrough is to understand that "some set" of  
> laws  exist.

The set does not have to objective, or static. Therefore, to talk about
"some set" is the same as saying "any set" including the empty set --
it is a tautology, it is not informative.

 > 1.  The Law of Control:

> Technical identity systems MUST only reveal information identifying  
> a  user with the user's consent.  (Starts here...)

No. This would support spoofing and spam, for example. MUST a user (a  
spammer)
who decides to abuse an email identity system  be allowed to send emails
without identifying who is sending them?

Look into biology, for another example, to see something that has  
been working
for millions of years. This is not how biological systems work. There  
is not
a single organism that can hide its identity, there is always either a
passive or an active connection that can be established. The  
invisible man
would be blind.


> 2.  The Law of Minimal Disclosure
> The solution which discloses the least identifying information is  
> the  most stable, long-term solution.  (Starts here...)

No. Look into biology again, for some simple counterexamples.


> 3.  The Law of Fewest Parties
> Technical identity systems MUST be designed so the disclosure of   
> identifying information is limited to parties having a necessary  
> and  justifiable place in a given identity relationship.  (Starts  
> here...)
What is "necessity" and "justifiable"? Neither is an objective  
criterium.
Is "necessity" and "justifiable" going to be defined by the vendor?
Or, by the user? Where?


> 4.  The Law of Directed Identity
> A universal identity system MUST support both "omnidirectional"   
> identifiers for use by public entities and "unidirectional"   
> identifiers for use by private entities, thus facilitating  
> discovery  while preventing unnecessary release of correlation  
> handles.    (Starts here...)

Nonetheless, some systems do exist where all users MUST be 100%  
identified.
For example, a public election.


> 5.  The Law of Pluralism:
> A universal identity system MUST channel and enable the  
> interworking  of multiple identity technologies run by multiple  
> identity  providers.  (Starts here...)

That's why undocumented functions in APIs will, one day, doom those who
create and use them?


> 6.  The Law of Human Integration:
> The universal identity system MUST define the human user to be a   
> component of the distributed system, integrated through  
> unambiguous  human-machine communications mechanisms offering  
> protection against  identity attacks.  (Starts here...)

In communications, messages often have meaning and may be linkable to a
particular sender. However, for the technical problem of communication
reliablity, the meaning of messages is not relevant ...nor the identity
of who sent them. These are quite orthogonal issues.


> 7.  The Law of Contexts:
> The unifying identity metasystem MUST facilitate negotiation  
> between  a relying party and user of a specific identity -  
> presenting a  harmonious human and technical interface while  
> permitting the  autonomy of identity in different contexts.

This is also called the PKI Dream. Note that the word "relying party"  
has legal
as well as technical connotations. In either case, as exemplified in the
X.509/PKIX work, it can be applied well only in a local context --  
not in a
global context.

Microsoft's newest plan is to store the identity information in the  
user's
computer. While this seems better than storing it in Microsoft's  
computer,
all it does is asymmetrically push the liability to the user. It does
not solve the problem of the user, or of the relying parties.

Cheers,
Ed Gerck


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/