This is very simple. There are statements like, “I, the employer of this person, have given them a secret” – either a password or even better a big number, a key. So I, Intel, say if they present this secret back to me, I, Intel vouch that they are an employee. Then we at Microsoft collaborate with Intel, and we decide do we accept statements of that type to decide who can get into various collaborative websites for joint projects.
The statement! That is something that has been lacking from just about all of the popular designs, and is at the root of the harm of identity theft on the net. If Microsoft are heading in this direction, this is an encouraging development. However, when we take it a bit further:
That’s called federation, where we take their trust statement and we accept it, within a certain scope. So they don’t have to get another user account password. There’s no central node in this thing at all, there never can be. Banks are a key part of it, governments can be part of it. The US, probably not as much.
That's scary. If the point of system is to allow corporates to exchange statements about you, do we really believe that just because they say they are limited statements that users' privacy isn't being shredded? James also questions Federated Identity, the sum of which seems too many people with too many acronyms and too much reliance on adoption and users' blind religious trust.
In contrast there is this tantalising snippet in another interview that suggests that the system might be sort of maybe usable for nyms:
Cameron: I think people will be people offering InfoCard-enabled services by the time Vista ships. I’m at a disadvantage because I can’t tell you who we are working with. What I can say is there are thought leaders around this in each industry. Those are the guys who we will be working with and who will have these applications that are InfoCard ready.
You can get not just identity but sort of very interesting semi-anonymous things that are very privacy-friendly. One of the things we have been doing with this project is to work with the privacy advocates and have them as colleagues in the design of the thing. This is not one of those things where a bunch of nerds get in to a garage and come up with something that is going to gross out the privacy advocates.
Who are these shy thought leaders, and what do they mean by semi-anonymous?
If you read the (first) entire interview with Bill Gates, you like I might get the impression that Bill Gates remains a wolf in sheep's clothing. Kim Cameron says "A number of people have confided that they worry the committment to privacy and openness I make in my work can’t “possibly” reflect the ideas of the “official Microsoft juggernaut”' but is he trying on the same suit? Some of these comments read pretty thin, when we factor in Microsoft's history (which, again, shouldn't be taken to mean that any other company is any more concerned about privacy). Even their recent history isn't encouraging:
BG: No, no, it’s not even worth going back to that. We partly didn’t know what it was, and certainly what the press said it was wasn’t what we thought it was, but even what we thought it was we didn’t end up doing all of that. That’s old history.
Only the blindly religious would see Bill Gates' dismissal of past errors as anything but a warning sign. So, now we are here in not-old-history. What is it that is being said that gives us confidence that old istory isn't just around the corner, yet again? Not only does he decline to simply say "Passport was wrong," he's inviting everyone to trust him, this time. In Passport V3, we'll get it right, honest injun! Being blind and religious might help, but even that has limits.
The curious thing about this is that regardless of how Microsoft is going to get parts of this wrong, we now have a re-emerging competition in security. These ideas will be put into play in the Microsoft suite of software, and the few that work will be copied. Yes, some of them are going to work. The ones that won't work will end up in the dust heap (but not before being re-named mid-programme).
Is that the best we can do? To paraphrase Churchill, competition is a terrible way to do security, but it's better than all the other ways. So maybe we no longer care what Microsoft says, only what they succeed at.Posted by iang at February 27, 2006 02:09 PM | TrackBack