Stefan Brands postulates that the efforts of Passport/Liberty Alliance is leading to a convergance of thought between those who have been warning about privacy all these years, and those that want to build identity systems that share data across different organisations. Probably, this is a good thing; in that only the failures of these systems can lead these institutions to understanding that people won't support them unless they also deliver benefits with lowered risks to themselves.
Should the 'privacy nuts' just stand back and let them make mistakes? I don't know about that, I'd say the privacy community would be better off building their own systems.
"The technical architecture of an identity system should minimize the changes it causes to the legacy trust landscape among all system participants."
Sounds good to me. On two counts, it technically has a much better survival probability. One, it's a principle, and not a law. Laws don't just suddenly appear on blog entries, they are founded in much more than that. Secondly, it says "should" and so recognises its own frailty. There are cases where these things can be wrong.
For the other 9 design principles, we have to wait until Stefan writes them down!Posted by iang at February 12, 2005 01:44 PM | TrackBack