What I meant to ask was…

While the SPML in the Draft Liberty ID-WSF Advanced Client Specifications discussion continues, I want to go back to what I really meant to ask in my previous post.

(I have a tendency to jump ahead a few questions, skipping over what should have been asked first, and asking deeper, knottier questions. Attribute this to my habit of jumping into the middle of the river before figuring out how to cross it… once you are in the middle of the river, you tend to figure it out very quickly.)

Back to the question – what, if any, is the bridge between user-centric identity and “enterprise” identity? I can see somewhat of a bridge for companies selling federation. Andre has done a good job of explaining his consumer-centric authentication solution. I can see how Ping “backed into” this solution.

From the enterprise’s perspective, can user-centric identity be seen as ultra-federation? Certainly, the tooling needed to handle a federation of dozens of partners is very different from the tooling needed to handle internet-scale federation.

Perhaps the only true linkage is on the Relying Party side of things. “Enterprise” identity systems manage the back-end work; user-centric tools handle the conversation between user, RP, and IDP.

I’m in the middle of the river here figuring a way to the other shore; help me out if you can.