Work


Kim Cameron's 7 Laws of Identity

I ran into Kim whilst working on a military remote access solution in Europe. Kim came up with the 7 laws of identity. He also designed Microsoft's Active Directory, and drove identity federation and CardSpace. His blog is here.

  1. User control and consent - Technical identity systems must only reveal information identifying a user with the user's consent.
  2. Minimal disclosure for a constrained use - The solution which discloses the least amount of identifying information and best limits its use is the most stable long-term solution.
  3. Justifiable parties - Digital identity systems must be designed so that the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.
  4. Directed identity - A universal identity system must support both "omni-directional" identifiers for use by public entities and unidirectional identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
  5. Pluralism of operators and technologies - A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers.
  6. Human integration - The universal identity metasystem must define the human user to be a component of the distributed system integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.
  7. Consistent experience across contexts - The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.
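
Law 4 in code, as an added example that is not from Kim Cameron's writing or from this page's author: an identity provider derives a separate unidirectional identifier per relying party with a keyed hash (one possible construction, assumed here), so two relying parties share no correlation handle. The relying-party names, the `user:` identifier format and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample secret; a real provider would keep this key out of reach
# of every relying party.
PROVIDER_KEY = secrets.token_bytes(32)


def unidirectional_id(provider_key: bytes, user_id: str, relying_party: str) -> str:
    """Identifier that is stable for one (user, relying party) pair and
    unlinkable across relying parties without the provider key."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(
        len(part).to_bytes(4, "big") + part
        for part in (relying_party.encode(), user_id.encode())
    )
    return hmac.new(provider_key, msg, hashlib.sha256).hexdigest()


def omnidirectional_id(public_entity: str) -> str:
    """Public entities want to be discovered: everyone sees the same identifier."""
    return f"https://{public_entity}/"


def correlation_handles(disclosures: dict[str, list[str]]) -> set[str]:
    """Identifiers seen at more than one relying party, i.e. the values
    colluding parties could join their records on."""
    seen: dict[str, set[str]] = {}
    for relying_party, identifiers in disclosures.items():
        for ident in identifiers:
            seen.setdefault(ident, set()).add(relying_party)
    return {ident for ident, parties in seen.items() if len(parties) > 1}


def demo(key: bytes = PROVIDER_KEY) -> tuple[set[str], set[str]]:
    """Compare one global identifier per user with per-party identifiers."""
    users = ["alice", "bob"]                       # constructed sample users
    parties = ["shop.example", "clinic.example"]   # constructed relying parties
    global_ids = {rp: [f"user:{u}" for u in users] for rp in parties}
    pairwise = {rp: [unidirectional_id(key, u, rp) for u in users] for rp in parties}
    return correlation_handles(global_ids), correlation_handles(pairwise)


if __name__ == "__main__":
    shared_global, shared_pairwise = demo()
    print("global ids shared across parties:  ", sorted(shared_global))
    print("pairwise ids shared across parties:", sorted(shared_pairwise))
```
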

See also: U-Prove (which came after Windows CardSpace was discontinued).

All content copyright © Michael Wittenburg 1995 to 2025. All rights reserved.