[Wg-p3] Open vs Closed? [was: Wg-p3 Digest, Vol 3, Issue 22]

Stephen Wilson swilson at lockstep.com.au
Tue Sep 22 13:42:38 PDT 2009

I believe that the difference between Open and Closed is arbitrary. If 
we're not careful, the pursuit of "open" identity on the presumtpion 
that it is intrinsically better than "closed" might lead to a repeat of 
some of the mistakes of traditional PKI.

It's all relative. What is "open" to one person can seem "closed" to 
another. What matters in all cases is that there is a set of business 
rules (and contracts or regulations) that governs conduct within the ID 
system, what your identity means, what you do with it, what you're not 
allowed to do with it etc. Establishing these arrangements in "open" 
systems has proved prohibitively complex in orthodox PKI.

I presented a paper to the NIST IDtrust conference last year that 
examined the history of PKI. I drew lessons from the newer ideas of 
identity plurality, and urged that the quiet obsession with open PKI be 

"One deep implication for PKI of identity plurality is
that it inverts the expectation that closed PKI is a
compromise while open PKI is the proper long term
goal. On the contrary, we should now appreciate that
open PKI would be a special and highly theoretical
instance. It is the closed PKIs – each with its own
arrangements and business rules – that represent the
general case."
See http://tinyurl.com/pk-super

That is, in my view the most useful ID systems are always closed, 
because risk management is then transparent, everyone knows where they 
stand, and best of all, we can usually map digital identity rules back 
on to 'real world' identity rules which makes for seamlessness. The 
notion of an "open" ID system -- where total strangers can make good use 
of your ID and "trust" you for ... well ... anything, is too much 
trouble to be worth pursuing in practice. You cannot do a Threat & Risk 
Assessment on a transaction system when you haven't circumscribed all 

The general case should be an identity paradigm which spawns a plurality 
of local "closed" communitities, rather that the special case of one 
giant all purpose singular digital identity.

Regarding that will-o'the-wisp of "interoperability", if you need to 
operate in two communities then in general, there are two ways to go. 
Either (1) join the two identities together so that they both use the 
same identity, or (2) maintain two separate identities (like having 
separate Visa and Amex cards).



Stephen Wilson
Managing Director
Lockstep Group

Phone +61 (0)414 488 851

www.lockstep.com.au <http://www.lockstep.com.au>
Lockstep Consulting provides independent specialist advice and analysis
on digital identity and privacy. Lockstep Technologies develops unique
new smart ID solutions that enhance privacy and prevent identity theft.

> Message: 1
> Date: Mon, 21 Sep 2009 11:55:31 +0100
> From: Mark Lizar <info at smartspecies.com>
> Subject: [Wg-p3] A Suggested Policy Demarkation Point: Open Vs. Closed
> 	Identity Systems
> To: wg-p3 at kantarainitiative.org
> Message-ID: <880B404E-0F39-4EDC-B906-28D70465CFC9 at smartspecies.com>
> Content-Type: text/plain; charset="windows-1252"; Format="flowed";
> 	DelSp="yes"
> Hello All,
> I have been pondering the merits of a more explicit policy paradigm  
> between open vs closed id systems, and a discussion about this for the  
> working group.
> The issue being that public policy in closed identity systems or  
> systems with limited user driven/managed/volunteered access, needs a  
> different type of policy than open, user controlled systems.  In  
> addition, I wonder if this type of conversation may actually provide a  
> very useful distinction for Kantara driven activities?
> Behind the distinction of open and closed there is a great deal of  
> ideological, philosophical, technical, jurisprudence, and sociological  
> thought that can be sorted and contributed to both sides of the open  
> and closed identity paradigm. A discussion in this light might reveal  
> a significant difference in public/privacy policy needed for these  
> very different types of applied identity technologies.  From what I  
> understand a great deal of the work done in Kantara is for open ID  
> systems?   Does an open identity system need different levels or types  
> of assurance for privacy than closed identity systems?
>   Eg. Open Id systems, social networking is user controlled, adequate  
> tools need to be in place for the user to control the policies and  
> these policies need to be enforceable by the user.  Even against the  
> owner of the social networking site.
>   Eg. Closed ID systems, enterprise, healthcare, id cards, drivers  
> licenses, phone numbers, direct marketing. A policy explicit example  
> for the use of a closed id system may be the need to mandate against   
> function creep and designed around very specific to purpose etc. (use  
> Uprove technology etc.) With risk management, different types of  
> public usable transparency, access, and control is more specific to  
> constitutional rights, rather then contract rights.
> Do others think this would be a useful distinction to make and point  
> to discuss?
> Overall, it seems current events are pushing the agenda of this  
> working group, starting with the Open ID/Inforcard initiative, and the  
> letter this group has worked on for ICAM.  Now the news of this round  
> table, the FTC roundtable can also be used as an ?agenda driver? to  
> get things moving, in this sense I think it would be difficult to  
> develop policy with any force or meaning, if the policy didnt first  
> engage with the wider Kantara community. I propose that we use the  
> roundtable as an opportunity to take the FTC questions, develop a  
> survey pilot it in our working group, then vote on passing the survey  
> around the working groups to start a process of developing a common  
> policy platform for this working group.
> My two cents worth,
> - Mark Lizar

More information about the Wg-p3 mailing list