Hello RIT,
> Centralized federation, will be a major part of the
> overall picture(B to C and B to B), but the features of
> federation will allow for true P to P as well.
Im my research and interaction with people building these systems, they start to understand that centralized federation breaks down early on when you want to add extended attributes and information to an object which doesn't exist in your directory ... but instead resides in a federated partition. In these cases, you begin to have to create a "duplicate"object in your directory to store the extended attribute information ... and at this point you might as well just have a duplicate object.
Second to this, is the requirement or desire to access the information forever. I'll bet that you can't show me a company that would allow a customer to delete all their information at any time ... something that can occur if the user removes the federation rights. So all of the implementors that I am working with recognize that in a centrally federated architecture they are going to "cache" copies of all objects ... so we are back to having duplicates ...
In the end, in all cases that I have discussed specific implementations vs. "bluesky" discussions, the implementors have realized that centralized federation is not going to solve their needs. Sounds great ... but too many side effects.
> So you can 'trust' your friends to access your computer
> across the net, while your credit card transations are
> validated by people like AMEX. We may even get to the
> point that AMEX uses details published by your own system.
And this is a good example. In my conversations with credit card companies, they are not going to allow the user to "federate" ... they are going to be the owner of the user object ... in their directory.
As for users accessing my personal directory, very few people in the world will *ever* directly access my personal directory. Instead, I will be sharing my information through an intermediary directory. You'll be able to get my identity information through, for example, a Silicon Investor directory ...
I'm not interested in giving people access to the machine and directory where all of my personal and confidential information is stored ... just a security perspective. You might feel just fine about it ... ;-)
Scott C. Lemon |
