Silos, Schmilos!

Ben Laurie posts flame-bait this morning, with an entry titled ‘Liberty Loves Silos’. I always find it amazing how folks ascribe the most sinister motivations to Liberty - maybe now that a load of our (previously private) mailing lists are publicly visible, people will see that we are really fluffy and cuddly (except Conor, of course, he’s a bit prickly).

Anyway - back to the point… My understanding (I wasn’t there for a lot of the early work, so I’m happy to be corrected here) is that the motivation for automated discovery was a seamless user experience. Asking the user for the location of her identity provider, discovery service, calendar service or whatever was seen as a bump in the road, rather than user empowerment. What we’re seeing now is a lot of thinking around how we can combine ideas of user identifiers (URLs or i-names) with SAML 2.0 for SSO and ID-WSF 2.0 for Web services. For example, YADIS/SAML or OpenID/ID-WSF.

In any case, user privacy, consent and control has always been foremost - hence all the work on defining how a user can consent to attributes being shared between providers [PDF], not to mention security and privacy [another PDF, I’m afraid].