Rants, raves, and musings about Identity from the Old Man in the Corner, Dave Kearns.

Front page
Archive


About Virtual Quill


About Dave Kearns

Dave's Other Musings


IdM Journal
Wired Windows

Dave Kearns' Fusion newsletters on:
Identity Management
Windows Networking
NetWare

Technorati Profile

 

Friday, January 21, 2005

Posted 1:52 PM (0) comments

See you soon

I'll be taking a little break for the next week while I recharge my batteries. Stay tuned!

Wednesday, January 19, 2005

Posted 11:29 AM (1) comments

Human integration and Instantiation

Kim Cameron's now posted the Sixth Law of Identity:

The Law of Human Integration
The universal identity system MUST define the human user to be a component of the distributed system, integrated through unambiguous human-machine communications mechanisms offering protection against identity attacks.



Kim explains what he's getting at: "...we have done a pretty good job of cryptographically securing the channel between web servers and browsers - a channel that might extend for thousands of miles. But we haven't done a very good job at all of setting up the two or three foot channel between the browser and the human who uses it. And this is the channel that is attacked by phishers."

But he seems to posit that any transaction with an identity component would involve human interaction - that would be a tremendous step back into the dark ages! We've had machine-to-machine transactions for 40 years and more, why should we stop now? It's also true that identity transactions will not necessarily take place within a web browser.

Still, if you modify the language a bit, requiring unambiguous communication when a human is involved in the transaction, it might be more palatable.

However, there's a danger of a tautological transaction as an unambiguous exchange is needed to authenticate the user to the identity store so that the user can be authenticated!


Monday, January 17, 2005

Posted 2:35 PM (0) comments

Gone Phishing

Kim Cameron has now posted his 6th Law of Identity which I'll be commenting on shortly, but in introducing the topi he mentions phishing, and says "Today everyone knows about phishing." Sadly, though, that's far from the truth since, if it were true, the phishers would move on to more profitable endeavors. Not many can tell the phish from the phowl, though, as this test should quickly prove to you.

Kim moves on from this to "The Law of Human Integration" which will take a bit to wrap my mind around.

Posted 2:23 PM (0) comments

It's the Principle of the thing

I'm glad to see Jamie Lewis finally diving into the discussion of the Laws of Identity (see It's A Matter of Principles ). As a starter, he's trying to form the right semantic terms for the discussion and has proposed that Kim Cameron's Laws are, in fact, architectural principles since they describe the requirements for constructing an Identity Management platform. Hallelujah! I knew there was something I liked about young Jamie!

 

© 2003-2006 The Virtual Quill, All Rights Reserved

Home Feedback

[Powered by Blogger]

-->