Robin,

Thank you for the thoughtful response.  I hope that anyone who has a question about the Institutional Web of Trust will ask it.  We may not have all the answers at this time; however, I think we are headed in the right direction and good questions will help refine that direction.

In the U.S., the EEC and other first world nations we envision a scenario where the Institutional Web of Trust will be an infrastructure service similar to the energy grid that is built and maintained by a combination of government and private resources.  In second and third world nations the Institutional Web of Trust will most likely be built and maintained by a combination of mobile network operators and financial institutions; they have the most to gain.

In regards to implementations outside the U.S. or implementations that span borders, we expect that there will be regional implementations of the Institutional Web of Trust that will be patterned on the service areas of the mobile network providers.

Many of these regional mobile network operators are moving aggressively into the areas of mobile banking, mobile money transfers and other areas of mCommerce.  One shining example is Zain (http://www.zain.com), "a leading wireless services provider with a commercial presence in 23 countries across the Middle East and Africa".

Zain’s Zap mobile commerce service is an award winning service that is bringing advanced technology services to millions (http://www.zain.com/muse/obj/lang.default/portal.view/content/Media%20centre/Press%20releases/GTB2009Awards).

In regards to federation, I am not sure that at this time we have, "a single architectural blueprint for all use-cases."  However, I do think we have a good architectural blueprint for a simplified federation process.  This architecture does not require complex provisioning or contractual agreements between ID providers; there are no "Circles of Trust".

Under the Institutional Web of Trust an institution could federate the identity of it's users (or a subset of its users) simply by adding (or modifying) a credential to each of it's user's digital wallets and creating an institutional reference within the Institutional Web of Trust Repository.  If you trust the institutional reference, you can trust the credential presented by the user.

As part of the federation process, cooperating institutions will most likely create standard authorization levels for various services and provision these levels as part of a user's credential.  For example, a coalition of universities may have authorization levels for library services that will enable users to access any library within the coalition; government organizations may provision security levels within a user's credential that enable inter-agency access to resources; etc.

Mike






Robin Wilton wrote:
That's an interesting concept, and a position which may or may not fit well within the existing Kantara vision...
 
One potential issue is that the approach you describe may not translate well, either to implementations outside the US (for instance, where you describe the infrastructure being "created with government resources"), or to implementations which need to span borders in order to function (operationall or commercially). 
 
In some ways, your description of a single, worldwide infrastructure meeting the full spectrum of political, social, commercial and financial aims reminds me of some of the early discussions of "Circles of Trust". Those discussions turned out, in the fullness of time, to be useful in understanding the fundamental concepts and building blocks of federated systems, but not the basis of a single architectural blueprint for all use-cases.
 
Yrs.,
Robin
 
On Sun, 31 Jan 2010 13:47 -0600, "Michael Duffy" <thetrustnexus@austin.rr.com> wrote:
Just to be clear, the Institutional Web of Trust may not be a product.

Our vision is that the identity infrastructure and services would be one corporation and the financial/marketing infrastructure and services would be another.  The identity infrastructure will be created with government resources and be managed to a great extent as a public trust.  Even though we have pending patents on this infrastructure and processes, the anti-trust considerations will be significant.  We will have a monopoly on identity authentication and we expect significant government oversight of that monopoly.
Robin Wilton

Director, Future Identity
Director of Privacy and Public Policy, Liberty Alliance


www.futureidentity.eu
+44 (0)705 005 2931
====================================================================
Structured consulting on digital identity, privacy and public policy
====================================================================
Future Identity is a limited company number 6777002, registered in England & Wales