U-Prove intentions

March 10, 2008 at 11:37 pm 3 comments

I must confess to mixed feelings about news that Microsoft has acquired Credentica’s U-Prove™ technology, together with all of the underlying patents.

On the one hand, it’s wonderful to see the “market” at work. Dr Stefan Brands and his team have put in a lot of work into this over the years and the market has rewarded hard work and great technology. Good stuff.

It’s also wonderful to see that “security” and “privacy” are not seen as trade-offs but essential elements of a “Need-to-Know Internet.” Kim Cameron goes on to say that “It’s about building a system of identity that can withstand the ravages that the Internet will unleash. That will be worth billions.” Again, good stuff.

Jeff Bohren made the point that “The real question is whether the theoretical benefits will ever be realized by significant relying party adoption.” On that front, I think the answer is actually quite positive. For example, as a part of the work we are doing in NZ for igovt, we have several use cases where U-Prove™ technology can be very valuable.

It was therefore comforting to see Kim Cameron say “I can guarantee everyone that I have zero intention of hoarding Minimal Disclosure Tokens or turning U-Prove into a proprietary Microsoft technology silo.” I can’t wait to see this as a part of the CardSpace Managed Cards offering as well as available via an open standards based offering. And again, good stuff.

But… I was slightly uneasy to read that one of Dr Stefan Brands’ reasons for going to Microsoft was that it “can influence both the client and server side of applications like no industry player can…” Now, Kim Cameron was quick to downplay this by saying “I don’t actually buy the “influence/control both client and server” phraseology. I’m fine with influence, but see control as an elusive and worthless goal. That’s not how the world works.” OK, let’s chalk that up as another good, sort of.

And therein lies the rub. We are, after all, talking about Microsoft. Look at any IT news page and cringe. I can’t even begin listing the current controversies it is involved in. Can the company’s track record and actions (as opposed to words and intentions) be glossed over? Is there an “untraceable” and “unlinkable” connection between the Identity and Access Group and the larger corporate group?

So far, Kim Cameron’s and Microsoft’s thought leadership and execution of the identity metasystem has been brilliant.

Can an old dog learn new tricks? I hope so.


Entry filed under: authentication, igovt, personal_info, privacy, security.

Privacy Gateway NZ: Online banking and fraud

3 Comments Add your own

  • 1. Kimcameron  |  March 11, 2008 at 5:07 am

    You should take a look at this announcement. It may also only be words, but “In the beginning, there was the word.”

    Look at the recent announcements around data portability, too. And that’s code, not words.

    So I think there is a Microsoft++ emerging that wants to build the best software and services in a fully interoperable world with a thriving ecosystem.

    Maybe I’m just a dreamer, but the dream seems real when I wake up in the mornings.

  • 2. Vikram  |  March 11, 2008 at 9:18 am

    Thanks Kim.

    Reminds me of the story of the praying atheist. Asked why despite being an atheist he prayed every day, he replied that he just may be wrong. He wasn’t going to take the chance of being denied entry into heaven because he was wrong his whole life.

    So, yes, I’ll keep the faith and pray for a Microsoft++. But, I’ll allow for myself being wrong.

  • 3. Kimcameron  |  March 11, 2008 at 6:11 pm

    Very funny, and to be clear, I’m not asking you to set aside skepticism or vigilence – both are key ingredients of a safe Internet. I’m just looking for support for postivie accomplishments, because this brings about more positives…


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter

Error: Twitter did not respond. Please wait a few minutes and refresh this page.


%d bloggers like this: