May 5, 2005

Wither Circles of Trust ... Again ...

Network World's Dave Kearns has written several articles on this subject, most recently Where is Liberty Alliance's consumer-oriented Circle of Trust?

We were supposed to have had an announcement of a major, consumer-oriented Circle of Trust by the end of 2004. I'm still waiting.

and another which came in the daily Network World Email newsletter (not yet in archive).

I agree completely that these specifications are not for the faint of heart (which is why most of the Fortune 1000 leave this to the vendors to build). One aspect most vendors cannot solve for them is the legal agreements required for the formation of 'Circles of Trust' (There are some vendors which DO provide services in this space). This is precisely why the Alliance is turning some of it's pens towards non-technical advice and analysis of these challenges. The most recent being "Circles of Trust: The Implications of EU Data Protection and Privacy Law for Establishing a Legal Framework for Identity Federation", which Dave references in his article.

As for the apparent lack of Consumer facing deployments? Well, I can assure you they are there. Not in vast numbers, granted. The motivations for the deployments to date are (to the best of my knowledge) strategic in nature; part of the infrastructure. Deployments that are firmly committed to open, Identity Oriented Architectures will embed Liberty specifications INTO the networks and services they offer. Consumers may never be aware that Liberty protocols are under the hood of the services they use. Rather, they will experience ease of use and privacy-protecting interactions when service providers request authentication and attributes about them.

Liberty has focused it's brand primarily on the vendor and customer communities through it's conformance programs. These are the adopters, where-as consumers and employees are the beneficiaries.

Tags: | |