Regarding "Standard Setting Organizations" there is interesting work afoot as noted in an intro to the International Standard Name Identifier (ISO Draft standard) posted on the "Technology Watch Report: Standards in Metadata and Interoperability" blog at: 
http://metadaten-twr.org/2010/02/03/international-standard-name-identifier-an-introduction/

Juha Hakala, a member of the ISNI working group, has published a short introduction to the "International Standard Name Identifier" (ISO 27729) effort, its status, background, syntax, name metadata, governance and potential implementation challenges. 

Hal Warren
OpenID Society



On Feb 15, 2010, at 12:39 PM, Brett McDowell wrote:

You are correct Alex.  I was referring to Standard Setting Organizations, not Single Sign-On.

On Feb 12, 2010, at 10:55 AM, Popowycz, Alex wrote:

I think there might be some confusion on this thread.  I believe that
SSO in Brett's email referred to Standards Setting Organizations whereas
it appears that it's being interpreted as Single Sign On in other parts
of this discussion.  

Brett - would you please weigh in?

-----Original Message-----
From: community-bounces@kantarainitiative.org
[mailto:community-bounces@kantarainitiative.org] On Behalf Of Bob
Pinheiro
Sent: Friday, February 12, 2010 1:42 PM
To: community@kantarainitiative.org
Subject: Re: [Kantara - Community] An observation: SSO's are
consolidating and/or collaborating more

The ability of service providers / relying parties to save money is only

half the equation.  It's easy to think of ways that SPs/RPs can save
money.  But for federated identity to work, there's got to be a way for
identity providers to make money.  That's the part that's missing.

The US government is making a big push for adoption of open identity
technologies with their Identity, Credential, and Access Management
(ICAM) initiative.  The government saves money by not having to issue
and manage credentials for citizens wanting to access online government
services.  A number of big players (Paypal, Yahoo, Verisign, Google,
AOL) have stepped up to the plate to act as OpenID providers, so that
people with credentials from these identity providers can use them to
access government services.  But these initial ICAM services are low
assurance, LOA-1, services, meaning that these identity providers will
not need to verify the identities of those to whom it issues OpenIDs,
and those OpenIDs are usable with only a username and password.

For higher assurance services, stronger authentication methods and
technologies will be needed, and some degree of identity proofing prior
to issuance of the credentials will also be required.  The costs of
these things will not be zero, and presumably identity providers will
want to recoup their costs and earn a profit by providing these identity

services.  The missing piece of the puzzle is what business model(s)
will support higher assurance identity services.  Will relying parties
pay identity providers for identity assertions?  Will consumers pay
something if the use of high assurance identity credentials can help
protect them against identity theft?   Or will identity providers eat
the costs of providing high assurance identity services if it can help
them to attract customers for other services they provide?

It would be interesting to hear from others who might have some better
insight..........

On 2/12/2010 12:37 PM, Steven_Carmody@brown.edu wrote:
At 11:44 AM -0500 2/12/10, Thomas Hardjono wrote:

My apologies for my ignorance, but I was wondering if anyone in the
industry is making any money with SSO or Web-SSO? If SSO is a
facilitator towards "something", its not clear (to me) what that
something is.


Service Providers are saving money, by reducing the info they are
responsible for (userids, etc) and reducing the costs associated with
providing that service.

As campuses (and other businesses) move to outsource more and more of
their utility-like business services, Federated Identity becomes part
of the equation. For instance, Brown is in the process of outsourcing
check printing to a big IT company. They want to offer online access
to pay stubs and W2's, rather than actually printing checks and
stubs. This company asked us "have you ever heard of the Shibboleth
software?". The big companies that manage retirement funds for
faculty and staff offer Federated access. The list goes on --
including athletic ticketing (varying discounts based on type of
campus affiliation), support for career services, parking spots, etc.
And the usual assortment of services supporting instruction.

Clearly, tho, some of these services require protocols and
credentials that are at the LoA 2 level.
_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community


_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community

_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community

_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community