Wednesday, January 23, 2008
The untold conversation around user-centric identity and federations...
Many folks know that I am an advocate of both CardSpace and OpenID and would like to see them successfully used in B2B scenarios as I am tired of all of the conversations around consumerish approaches. There are several realities one must acknowledge to make the user-centric ecosystem larger that haven't yet been discussed.
So, let's say that I would like to take the lead in figuring out ways for insurance agents who can do business with any insurance carrier to have a way to not have to remember all of the expiry, complexity and history requirements each and every insurance carriers forces on outsiders and believe that Cardspace is a potential solution. I have identified that there are at least 200 other insurance carriers that would make great partners for figuring this out, yet I don't have any contacts in these firms to get the conversation started.
It would be somewhat logical for me to ping Ashish Jain and Patrick Harding of PingIdentity, Pat Patterson of Sun, Kim Cameron and Mike Jones of Microsoft, Nishant Kaushik of Oracle and so on in hopes of them being able to wire me up to the appropriate peers. The problem then becomes one of motivation and/or impediment depending on one's perspective. Minimally, software vendors are in the conversation in order to make a sale while in a federation approach, this can't happen until multiple players at least are introduced to each other and have a conversation first.
Some vendors will pull out their bag of tricks, the notion of not disclosing who their customers are, so even if we could make this happen from a technical perspective, we could figure out the relationship aspects which is more important. Even if I could bring along Microsoft, Oracle, Ping, Sun and other participants to the table, the conversation would still devolve into technical comparisons that I would be forced to moderate while ignoring the business challenge of federation.
So, exactly how do vendors expect the notion of community formation to occur? Maybe one of them will talk about it. The funny thing is that they are of the belief that they don't have to play a part in making this happen and can merely sit back and wait for us customers who aren't connected to each other to magically figure it out. If these companies are venture funded, I hope their funding gets cut.
Someone will sooner or later ask why about industry vertical consortiums such as ACORD and why they can't be leveraged without acknowledging that consortium activities are distortions of how things work in the real world. For example, a specification for how to handle web services security was being proposed. Do you think anyone from IT in any carrier participated or did we rely on some software vendor who wanted to sell something to do all the work in terms of creation of comprehensive documentation while not a single carrier actually had a conversation around it with each other?
Do you think that folks in the enterprise that work for AIG that participate on ACORD actually talk to their security folks? If vendors who want to make OpenID or CardSpace successful, they need to assist large enterprises in the act of community formation and not think about everything being a sales lead upfront. You have to create the marketplace before you start marketing...
Links to this post: