Why Standardized Identity Solutions isn't going to happen

[Anders Rundgren]

Standardizing credentials like Information Cards and PIV is feasible.
Standardizing provisioning of credentials is not.

Why is that? Because provisioning is 10 times more difficult since it offers a gazillion options and some of them go deep into the platform itself.
An SDO would take on all variations and will thus create a useless "monster" specification.

In addition, the openness among the "Big Three" is essentially zero when it comes to what they are actually doing in the provisioning field and that also makes standardization futile.

So unfortunately for us who do not work for the "Big Three" there's nothing to do except waiting another 5-10 years and see which one of the coming provisioning solutions that survives on the market.

Just to make this at least a tiny bit exciting, I continue with my Open Hardware/Open Software universal authentication client project.
I'm still unconvinced that the "secure silicon" vendors' NDA approach really is the future but that's just my gut feeling FWIW.

Anders