Have you read through the WS-* protocol suite docs lately? Have you perused the SAML or Liberty specifications for building federations? Have you tried to write an XML Signatures implementation? I’m tired of the complexity and vagueness of these protocols and specifications. I’ve implemented them and found no good reason (other than design by committee) for their shortcomings. The most successful protocols of the ‘Net tend to be simplest ones. Yet with the current trend of federation protocols towards complexity, it’s no big surprise to me that we have so many problems getting them deployed or interoping.
Protocol designers have a responsibility that needs to be taken seriously. They must design protocols that are easy to implement and understand, if at all possible. Furthermore, protocols must reflect the realities of the societies in which they are deployed. In the case of federation protocols, that means that the end user must be intrinsically involved in each transaction about themselves.
It’s time for things to change.