Last week's newsletter on the Liberty Alliance (see link below) brought in a number of responses. Most agreed with the sentiment expressed by the consultant whom we quoted in that issue. He wrote: "There's little value to the consumer, and consequently, little on which to build a business case to justify the cost of creating federated circles of trust."

Initially, the organization spoke often of establishing consumer-oriented Circles of Trust to enable single sign-on and the exchange of identity data among and between consumers and vendors over the Web. As its press release (http://www.projectliberty.org/press/details.php?item_id=3) announcing the group stated:

"The charter members of the Liberty Alliance Project, representing a broad, global spectrum of industries, intend to create an open, federated solution for network identity - enabling ubiquitous single sign-on, decentralized authentication and open authorization from any device connected to the Internet, from traditional desktop computers and cellular phones through to TVs, automobiles, credit cards and point-of-sale terminals. The alliance represents some of the world's most recognized brand names and service providers, driving products, services and partnerships across a wide range of consumer and industrial products, financial services, travel, digital media, retailing, telecommunications and technology."

We noted in the last issue that we are still waiting for the consumer-oriented Circles of Trust. And so too are the biggest cheerleaders for the Liberty Alliance, including Ping ID's marketing guru Eric Norlin, who was quick to respond to the article. He wrote:

"I think your reader's observations about a 'consumer-facing' circle of trust are pretty accurate. I don't see a ton of 'consumer-facing' federation initiatives. What I *do* see are a ton of B2B/B2E federation initiatives.

"The heterogeneous nature of Global 2000 IT (and sheer complexity) means that these guys are looking for very tactical ways to do integration (at the user, app, partner level) - and they want to do it with minimal impact (i.e., loosely coupled). All of that adds up to federation being a very natural choice.

"Important to note: Enterprises doing real implementations in the B2B (esp. North America) space are *not* looking for 'multi-protocol' federation. The reason is simple - federation's reason for being is to reduce complexity, and federation is seen as a piece of the larger [service-oriented architecture] picture. To implement a multi-protocol federation is to architect a greater degree of complexity into your future. It is, in effect, to *negate* the fundamental value proposition of federation and lose the immediate and tactical benefits. "

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.