When reading Eric Norlin’s latest blog, I was very pleased to see that he got the point I was making on the Identity Workshop Google group:
Put simply the identity silo paradox is this: The largest sites on the internet have built silos (some ever-deepening) of identity information. Simultaneously, the “identirati” have been working on standards and methods that are based on the premise of opening up those silos, yet (paradox coming) the large sites currently have no valid business reason for doing so. Why would eBay open up their reputation system? Why would Google allow you to use a Yahoo! credential to login to their systems?
Today we have identity silos that we think are interoperable because of missing technology to glue them together. That is one of the reasons why the “identirati” have embarked on a quest to create standards and methods targeted at opening these silos. But is a lack of the right technology really the only reason?
Even when Google, Microsoft and Yahoo! would use the same technology, I doubt they will ever enable interoperability. All of them are not only a provider of identities, they are also a provider of services and they make profit on the services, not the identities. Being able to hold a tight grip on the identities enables them to have a hollistic approach for branding their ecosystem. Think about it, Microsoft Cardspace will extend the metaphore of a “card” to a real graphical representation of it. Do you think Yahoo! will not take the opportunity to get Yahoo! branding all over their cards? If a user would login to a Google service using a Yahoo! card, that would to the user almost feel as if they are using a Yahoo! service!
Will this change over time? Probably. As Eric points out, the forces on the web will eventually lead to more interoperability and not only on the technology front. But today, identity silos have no business reason to break down the walls and accept identities from elsewhere.
Ben Laurie from Google (and Apache SSL fame) said the following:
Where does Microsoft’s work on Infocard or Live ID or whatever-the-passport-nom-de-jour is show that Microsoft has any intention whatsoever of opening their silo? What it shows is that they think everyone else should open their silo.
To me, Ben is right on target with that remark. So it seems like we are heading towards the same identity silos but walled for different reasons.
On the bright side, at least on Vista, users will finally have a consistent and secure experience when dealing with identities thanks to Infocards and more specifically Microsoft’s Cardspace. That alone is worth the effort.