It's not quite the end of January, but there's already alot of "new" in my new year.  There's a  new car, some new gadgets, and on the work front a new project and a new team.

As you may have heard, Charles Fitzgerald, left Microsoft to head to a startup. Charles was the GM that my old team, platform incubation, reported into. Charles set the mission for that team, and was the major stakeholder for Tafiti and several other internal facing projects that I worked on. Charles was a great GM, and while this is a loss for MS, I'm confident we haven't heard the last of him.

With Charles' departure, Scott and I will be moving to different roles in the company. I am happy to report that I am now officially part of Simon Guest's team.   

One of the few negatives about my last role in incubation was that it was inherently secretive, as parts of the work could be patented. As a result, after delivering my book on CardSpace I mostly dropped off the public scene, save for promoting Tafiti. With Simon's team having a key focus on talking about architecture with the broader community, this is something that will change, and you'll see me engaging more publicly on architecture related subjects. Simon's team has a big focus on Software+Services, which if you've read the blog for awhile know is something I've been looking at for some time in and outside of Microsoft. Expect to see me blogging more, podcasting/screencasting more, and writing the odd article or two. (No more books for awhile, though. Having written or co-written 3 books in 2 years, I've committed to my wife not to start another one until 2009)

I also mentioned there's a new project. I'll be carrying over a project with me from incubation to Simon's team as well. Nothing I can share at the moment, other than it will be public focused and it's going to be a key focus for me for a good portion of 2008.

While this project is big, there's another project I'll be working on that's even bigger.  This is a longer term project, estimated to last decades with a budget estimated to be in the seven figures. Oh, and it has nothing to do with software. My wife and I are expected our first child, a son, to literally arrive any day now. While there's alot of great 'new's in 2008 already, this will surely be the best.

Here's hoping your 2008 is going well, and I look forward to engaging with the community more broadly once again.  If there's anything you'd like to see me engage on - be it in blog, article, or podcast, let me know. As always, I can be reached at mmercuri@microsoft.com

When we released Tafiti, I had a chance to sit down with Beet.TV for an interview/webcast.

This can be found here: http://www.beet.tv/2007/09/tafiti-microsof.html

The link to the standalone video can be found here: http://blip.tv/file/377555

Note: this was before we added the limited edition Halo skin to Tafiti. To get to the UI listed here, use the link in the upper right corner of the UI.

Mercuri's "Services SLA Paradox"

Paid services haven't taken off because there aren't SLAs from Service Providers.
There aren't SLAs from Service Providers because people aren't paying for services.

-----------------------

When someone gives you something for free, they have no obligation to you and you have no recourse if something goes wrong. When I was a student, if I was moving to a new apartment, my friends would would help me pack up my old place, load the truck, and unload it at my new apartment.  Sometimes people would show up late, sometimes things would get broken, but hey, they were doing me a favor, so I had no room to complain.

When I move now, I hire a moving company. Why? Because my time is more valuable to me than it was 15 years ago, and I also have much more expensive stuff.  If I was scheduled to move out of a house on the 31st, and the mover's truck broke down, I'd want to make sure the company could swap in another truck from their lot. If my $4,000 television is dropped, I want someone who's insured and who's going to make it right.

Today, we have a number of people giving away services - Google, Yahoo, Flickr, Amazon, StrikeIron, etc.  While there are exceptions like Amazon and StrikeIron that are doing some good work in the utility services space, where they're doing metered usage, I've had a hard time finding SLAs anywhere else. People are doing interesting mash-ups with 'free stuff', but is anyone willing to put free stuff in their application for any key piece of functionality? If you do, and you don't have SLAs, you're a gambler, and for your sake, I hope you're very lucky.

At the Web Builder 2.0 conference held earlier in the month, Day 1's keynote had a speaker who talked about Ajax and mashups, using his company's product as an example.  At the end of the presentation, he opened up the floor for Q&A, at which point I asked him two questions - "what about SLAs" and "what about federated identity".  The answers? 

SLAs: These services are free, so there are no SLAs.

Identity: These services (Yahoo) are free, so that's not an issue.

I find it amazing that people don't pro-actively address the SLA and Identity issues, and I find it borderline irresponsible that 'experts' ignore or wave off these questions when raised. The need for SLAs should not be such a surprise, people who've spent time looking at the space at this have written about it, myself having done so back in 2001  ("14 Best Practices for Selecting a Web Service Provider", 2001, .NET Magazine, Fawcette) Yes, it's cool to include maps, search, and images in my application but if the service code go down - or disappear entirely - at any time, for many scenarios they're a non-option.

If you want to use services for anything real - and by real I mean something you'd use in a key area of an Enterprise or Commercial Software/WebSite - you need to have a Service Level Agreement. Using a service effectively moves a third party from being a vendor to being a business partner. The service provider controls the hardware, the bandwidth, the support, etc. but the service interactions are exposed through your application, with your brand, and your reputation attached to it.

With today's lack of SLAs, if the service goes down for an hour on Thursday, it goes down for an hour on Thursday. Moreover, there's no guarantee that the service is going to be around for a week, a month, a year, etc.  Google just announced (http://news.com.com/2061-10812_3-6145053.html) that they're no longer taking on new customers for the SOAP API they'd been offering. They're moving new customers to an AJAX API. If you were evaluating this and building this functionality into a spec for a smart client application you were developing, and now it's gone, sorry charlie. What were you expecting? You're not paying for it, so you can't complain. Without an SLA, no promises are ever made  made by the provider, so there are no promises to break.

My argument is that SLAs are late to the game, because people aren't paying for services and people aren't paying for services because there are no SLA's. Something I've shamelessly named 'Mercuri's Services SLA Paradox'.  There are some positive movements in the right direction - Amazon and StrikeIron come to mind - but they are definately the exception and not the rule.

If you're like me, you'd like to be able to leverage and mashup services that you can depend on. If we collectively don't stand up and insist on these, we're stifling innovation. I challenge you to ask the providers - at conferences, in forums, online and in person - "What is your SLA for your services and what will it take/cost for you to offer me this service in a dependable fashion?"

I did four things this weekend - (1) I read some comments on blogs regarding what people thought Information Center was (and their expectations),  (2) did a fair amount of usability testing, (3) wrote alot of code, and (4) consumed more diet coke than any individual should in a 48 hour period.

I've had feedback from alot of people both direct and through comments I've read on various sites, that they'd really like to be able to use this for more than just technology blogs / podcasts. There were *alot* of people who said they'd like a new tool to manage their podcasts specifically.  I listened and I made some significant changes such that I think this is going to meet expectations. You'll see in the screenshots below sites that are distinctly non-technical, like NBC's Meet The Press and YouTube's Top Rated feeds. You'll also notice the guide now lists *alot* of non-technical categories. Alot of people were asking for this, so I rolled this in as a core feature in the first CTP vs. delivering it later on. 

I've totally overhauled the UI, and for the first time since Information Center's inception, I'm really happy with it. One challenge was in providing as good as an experience for text based content (standard blogs) as media, the other was integrating subscriptions, subscribing, sharing, and mixing in such a way as it was intuitive. I really think the UI is finally there. I've taken a number of screenshots from my testing today and have placed them below so you can see for yourself.

In addition, you'll notice there are graphics for the blogs that are there.  Where are these coming from?  Images will be pulled from the relevant tags for the channel in core RSS (seen in my blog below), iTunes extensions (seen in Meet The Press and MajorNelson.com), or NewsGator extensions (seen in Channel 9).  For those sites that do not specify a channel graphic, it will go to a default (see YouTube below)

I also had a fair amount of comments around the browsing window. Specifically "What if I want to watch the video in a bigger window?"  What's not visible in the screenshots - but it's there, I swear - is a slider.  The upper section (video/blog description, image, description) and the list of items are on two separate panels. You can extend either as much as you'd like. Once you click on an item, it determines you current window size and resizes the embedded media player appropriately. You'll also note that the video/blog area is large in general.  This works out particularly well for text blogs, as you can extend to the full screen to read.

I've also been building out a tool behind the scenes which I call FeedCenter/FeedStation, which is helping me manage all of the feeds behind the scenes as well.

So - if you've ever done consulting or project management, you're familiar with the trade-off triangle. For those unfamiliar, you have time, resources and features and impacts to one area have carry on effects on others.  In this case, the UI has been re-done and locked down and this can be used for lot's on non-tech content much easier now - but it's pushed this back a few days more.

This is a slow week at the office, so should be able to freely crank this out in the evenings and turn it around soon.

Please keep those comments coming - mmercuri@microsoft.com - as you can see by the accelerated inclusion of non-tech content, I really do listen

Cheers,

Marc

Consistency in tags is something that's a pre-requisite for the opportunity to do something meaningul with context, affinity, and trust for the next generation web. 

There's a blogger from Australia who had run across the DotNetRocks podcast, and had some questions about what InfoCenter is and what InfoCenter isn't.   Quite frankly, I've been amazed at the response, considering the CTP isn't yet evailable.

At any rate, one of the questions that came up was around the value and/or role of the aggregator of feeds  - not just software, but the humans who inject domain expertise and experience in putting together an aggregated blog. People who involve software and people to bring together a noise-free, targeted feed.

For this, I look to the last letter in RSS? That S stands for Syndication.  Effectively, the way I see the world is that every blogger is a production company, generating syndicated content. While we can broadcast our own content via our blogs, there's also interest in repackaging our content and leveraging it in other places.

Just like in television, people generate revenue by hiring program directors / editors that compile a group of syndicated content into a product or programming schedule and sell ads based on viewership.

While the underlying value is in the content, there's tremendous value in the aggregation of particular content by people we trust and who we hold up as experts in a particular area.

We all have the opportunity to become program directors of RSS content, what needs to be figured out is how the revenue stream works back for the creator of the content.  In the syndicated television world, you buy rights to a show for a particular period, for a particular market. The payment, as I understand it, is established up front.

On the web, it would seem this would be more fluid, and as a result there needs to be a way for either the syndicator to specify ads to be shown in conjunction with their content, or for networks/program directors to provide incremental revenue back to the networks/program directors.

Awhile back, I wrote about how Wikis and community sites would be our new memorials (Wiki as memorial? http://www.marcmercuri.com/PermaLink.aspx?guid=0f22d71f-8eed-4f32-a1da-7ced952bc97f).  In that piece I commented on how Wikis and community sites like MySpace and space.msn.com would become the memorials of the digital age

“If you look at spaces.msn.com and myspace.com, you're starting to see the dawn of things happening.  What is 'cool' for todays teens will become institutionalized, and we'll start to see people taking technology in interesting places to build these interactive histories and memorials.”

I ran across an interesting article this morning on the Associated Press wire “MySpace generation preserves memories online“(http://www.msnbc.msn.com/id/13526522/).

It looks like it's starting...

One of the things that was announced at TechEd was that was has been known as WinFX is being re-branded as .NET Framework 3.0.

Some folks have some questions about what this means, so I wanted to provide some clarifying info on this.

The .NET Framework 3.0 will still be comprised of the existing .NET Framework 2.0 components, including ASP.NET, WinForms, ADO.NET, base class libraries, and the CLR, as well as new technologies Windows Presentation Foundation (WPF), Windows Communication Foundation (WCF), and Windows Workflow (WF).  In addition, we have made a decision to name the technology formerly codenamed “InfoCard” as Windows CardSpace (WCS).  Windows CardSpace will also be a component of the .NET Framework 3.0:

We announced this over the weekend through Soma's blog, and the two questions that I'm hearing are -

If you saw Craig McMurtry's demo for the Xbox 360 finder earlier this year, you saw an interesting phenomenon.

In that example, he built out an app that queried for the availability of Xbox 360s at certain electronics resellers.  In theory, once the Xbox360 was acquired, the app would have served its purpose and be deleted. There would be no v2 (until perhaps the release of the Xbox 720). This poor app's existence was to be short-lived by design, and to be honest there's something cool about the state of software and services that this could be done. 

Today, I saw another one of these cool apps with an intentionally short lifespan.  Checking my email this afternoon, I saw that a colleague had forwarded me a link to download “Microsoft Soccer Scoreboard” (hopefully the internationalization team called it “Microsoft Football Scoreboard” for folks installing outside the US)

World Cup is upon us, and for those of us who left the 62 inch HD screen back home to go to TechEd were wondering where we would get our World Cup scores and reviews. For those who want up to date information, scores, tables, RSS feeds, etc.  You should check this out - the link is here:

-----------------------

Follow your favorite teams and players during the FIFA World Cup tournament with Microsoft Soccer Scoreboard. This fun program allows you to access all the latest tournament news and information with the click of a button! Live game data allow you to monitor your favorite teams progress in real-time. Want more? Check out your team’s fixture (schedule), standing, and news as they advance through the tournament. If you are a soccer fan, don’t miss a minute of the action.

Note: You can share this with everyone!!!

Download Microsoft Soccer Scoreboard today!

http://www.microsoft.com/downloads/details.aspx?FamilyID=df6a6e6e-21af-4786-ad1d-a38e8bfda82f&DisplayLang=en

----------------------------

For those who also want to check out the matches on someone elses big screens, you can try the Thirsty Scholar. I haven't lived in Boston for a few years, but when I was there for the last World Cup and they - and their taps - were open early, and the place was filled with fans from every country, who knew every song, and came in the type of gear you're used to seeing in Europe.  I checked their web site and it looks like they're doing the same this year. http://www.thirstyscholarpub.com/

If you only go to one Chalk Talk at TechEd this year, check out this one. 

Anyone who's worked in a large Enterprise is familiar with the challenges of getting new machines provisioned and available in a reasonable amount of time. Typically the wait is days/weeks/months. Credit Suisse has solved this problem, and Leslie Muller will be discussing the Virtual Machine Provisioning System that was built and deployed  earlier this year using WF, WCF, Virtual Server, ASP.NET, and AzMan.

I've had the privilege of being involved in this project, and I think this session will be great in a couple of respects. It's an opportunity to go beyond the samples and the case studies and listen to an Architect at a Fortune 50 customer who's developed and deployed WinFX successfully. It's also a great opportunity to connect with Leslie, who is a thought leader and is doing some very interesting, very impactful work that transcends verticals.

Full abstract and location details below: 

Abstract: Credit Suisse Group is a leading global financial services company, providing clients with investment banking, private banking and asset management services worldwide. Like in most enterprises, Credit Suisse provided their developers with physical machines for development. Issues such as combination of authorization, physical delivery times and compliance-related workflows led to slow development timeframes. Their R&D group built an extremely extensible self-service virtual-machine provisioning system that enables software developers in a fraction of the time to easily, securely and rapidly provision on-demand disposable workstations, servers, and multi-tier environments. Credit Suisse will exponentially increase software developer productivity, drastically lower IT costs and ensure compliancy with continuously stringent regulatory requirements. The solution uses Windows Workflow Foundation, Windows Communication Foundation, and Virtual Server.

Speaker: Leslie Muller (Architect - Credit Suisse Global R&D)

Location: TechEd Boston, Thursday 6/15/2006 from 10:15-11:30 in Theatre 2.

NOTE: There is a political refernece below, as it is a topical situation that got me thinking about trust communities in search.  This blog is a-political, and the scenario is used as it is the one that sparked the idea. I take no stance on whether the claims made by Mr. Snow are valid/invalid.

I was reading some news sites this week, and was reminded that this was the first week of US President George Bush's new press secretary, Tony Snow. 

Before he gave his first press conference, he did something interesting.  He sent out press releases questioning the validity of comments made by the New York Times, USA Today, and other publications.

So this got me thinking.  Playing devils advocate, suppose that he's right. If I trust Tony Snow (based on his historical record of trust worthiness), I may now discount results from these media outlets in favor of others.  But for me to discount these sources when searching, I can't. Even if I cease to trust them (or trust them less), they show up in the the rankings per Google or Microsofts opinion of their relevance.

The search engines from Google, MSN, and Yahoo have their own algorithms to consider relevancy. One of the things these search engines do provide is a level of filitering for “safe content“, blocking out material that may be considered objectional (i.e. these block pornography results). 

What they don't do is consider in the rankings is the levels of trust of an individual or of community. What I want to see is something that goes to the next level, don't just block what's objectionable, show me the results that are relevant to me based on trust.

Perhaps one of the media outlets Mr. Snow referenced, let's pick a fictional name, say MakeBelieveReporting, Inc., is regularly mis-reporting information or is slanting stories towards a particular political viewpoint.  I may cease to trust that organization to provide news to me, and would like to rank them lower in my personal results when searching for news, if not remove them altogether.

When I search for news, perhaps there are certain stations / periodicals I trust - for example the Wall Street Journal, the Financial Times, CNBC, and my friends John Smiths blog. These are entities - regardless of web site traffic or the opinion of the search engine I'm using -that *I* trust to be accurate and provide me information.  I do not, however, want results from news outlets that are part of MakeBelieveReporting, Inc. as I have ceased to trust them.

What I'm thinking of isn't based on assumed trustworthiness based on click traffic, this is based on trust relationships.  Even if I visit a site twice per year, it could be far more relevant to me than a site that is viewed more regularly by others.

And my community of trustworthy providers could be extended based on the feedback of those people I trust. 

There's the concept that if person A trusts person B, and person B trusts third party C, that person A shoud likely trust Corporation C based on the fact that he trusted person B's judgement.

In the previous example, I trust my friend John Smith who writes a blog.  If John trusts the Crosby Herald, and I trust John, then I too could trust the Crosby Herald and have it included in my community of trust that is reflected in my search results.

Think about the days before Axciom, TRW, and credit reports. People vouched for other people to get jobs, apartments, loans, etc.

When you sign for a loan and you are not a known entity, you need a co-signer or guarantor. The bank says, I don't know if I can trust this person, but I trust the co-signer.  The co-signer also trusts the loan recipient to pay the money back.

If someone co-signs for a loan for me and I decide not to pay it, there are financial responsibilities that are then taken on by the co-signer. The co-signer will trust the recipient less, as a result of mis-placed trust, the bank may stop trusting the co-signer's ability to identify a trustworthy loan recipient.

In another example, suppose you make plans to go out to dinner with your spouse on Friday night, and when you ask her where they'd like to go, she says “you pick - I trust you.“  If you're new to the area, you may ask a colleague - whom you trust - for a recommendation of a local restaurant. If you go to the recommended restuarant and you end up getting food poisoning from the meal, you probably will not look to your colleague for advice on restaurants in the future - and you - who vouched for the restaurant -will likely end up at a restaurant of your spouse's choosing next time around.

Your spouse trusted you, you trusted the colleague and when the information relayed turned out to be bad, two things happen. You cease to trust the advice of the colleague (atleast in the context of cousine), and your spouse trusts you less as the broker of the information.

Once you start adding in trust, you also need to be able to trust in context.  That same colleague from work may not be someone I trust on picking restaurants, but may be someone I look to as a source on technology subjects.

What we need is search that includes both consideration of these communities of trust, where we as participants in the web determine who is trusted and who is not, and provide the ability to apply trust in context.

By introducing contextual trust as a first-class citizen in search, it has the opportunity to both provide results more relevant *to me*, and as trust=traffic=revenue, provides a financial incentive for providers to be trustworthy.

That's my two cents  - what do you think?

As long as I'm blogging about cool stuff, have you seen RoboCast yet?

http://www.francisshanahan.com/robocast/

Francis Shanahan has put something together that's pretty cool.  It will take your blog entries, “read them” using the Speech APIs, and record the audio as MP3s. Effectively taking written content and making it a podcast, no human voice work required.

When I first saw it, I thought - pretty cool. When I thought about it a bit more, I realized it opened up the option of podcasting to individuals who may not have the opportunity otherwise due to certain disabilities. That takes it from pretty cool to very cool for me.

Ok - this has nothing to do with WCF or WF, but I've got tell you about this great piece of software I'm using called Orb.  As you may have gathered from my blog, I travel.  Alot.

Even though I have a MediaCenter PC, a TiVo, and a ComCast DVR, up until recently I haven't had remote access to my recorded content.

While on my last trip (Las Vegas, Notes2.NET Conference), I picked up a Slingbox for use on this conference (FinServDevCon) While the slingbox is cool, there was more that I was looking for. Orb gave it to me - and it was free and installed in <5 minutes.  I'm currently working on this entry while watching a recorded show on my home machine from Comedy Central streaming to my laptop over the hotel internet connection. Now I work at Microsoft, and I've had friends who had streaming video to their phones 2 years ago - but this is something anyone can set up and get going in minutes.

If you travel alot and you've got a media center, you should definately check out Orb (www.orb.com). 

Over the weekend, John Vlissides, one of the 'Gang of Four' passed away. In an interesting use of wiki, a memorial has been put up where people are placing anecdotes.  http://www.c2.com/cgi/wiki?JohnVlissides

In a connected world where we regularly interact electronically with people beyond the borders of our respective geographies, the traditional ability to mourn and share rememberances as a physically congregated group becomes less realistic.  The need to mourn and share remembrance remains, however, and it will be interesting to see how the same technology that facilitates the connections is re-mixed to facilitate handling disconnections.

I found the Wiki As Memorial interesting, and thought back to the funerals and wakes I've attended in the past. The major focus was on celebrating the life that had been lived. While written anecdotes and stories will always have their place, when I looked back what I remembered most about those events was the stories, the facial expressions, and the tid bits of family history that would leak out.  Those small stories that may not be long enough or meaty enough to warrant writing down, but trigger a succession of smaller stories that define an individual,  a significant event, or a shared understanding. All of which is lost in words alone. 

If you look at spaces.msn.com and myspace.com, you're starting to see the dawn of things happening.  What is 'cool' for todays teens will become institutionalized, and we'll start to see people taking technology in interesting places to build these interactive histories and memorials.

Digitized media - and the rapidly decreasing costs to create and share it - mixed with third party content is how I think we'll handle it. Recording our stories, storing them in a shared media driven Wiki/RSS hybrid, linking them to information in third party stores and sharing them out to a set of individuals be they friends, families, or the world. 

There are certain stories that only come out at events like weddings and funerals, and are relayed so much better by the people who lived them and/or were impacted by them. Imagine a personalized Encarta for your family, with pervasive digital media story telling from events like these, with links to relevant information (i.e. information on where the individual came from in Italy), with links to similiar sites of their friends. Imagine taking the evolution of the spaces concept forward 10,20,50 years and the rich media historical tapestry you end up with.

I've had an interesting day today. Checked into the airport this afternoon, and had a debate with the woman at the counter about my reservation. I received my ticket and was surprised to see I wasn't sitting in business class.

The funny thing is, I had an itinerary and record locator that indicated that I was in business class, but our check in clerk claimed I didn't.

A quick call to her supervisor came back with a confirmation that I did not have a business class seat. The options - take a business class seat for another $200 Euros or take a seat in coach. There was some additional discussion on my part, but I was amazed at how uninterested and unhelpful this particular individual was.

Before leaving the desk, I requested that she use my air miles card from a partner airline. Her response, which struck me as a bit odd, was that there was no need, as I was a gold member.

I begrudgingly took the coach seat and made my way to security. While in line I was thinking about her comment about my being a gold member. While I'm gold on other airlines, this (and the partner) weren't one of them.

I rechecked my ticket.  Not sure who Vincent Mercier is, but he sounds a bit more French than this guy who grew up in Tewskbury, MA and knows just enough French to be either polite or offensive. I returned to the desk, pointed out the mistake and  had my business class ticket in hand.

When sitting in the airport lounge a bit later, I thought about what had just transpired.  Air France has asked initially for my passport, to check claims of identity. That claim wasn't used successfully by the requestor, and a secondary claim - my reservation locator - was provided. Again, this wasn't used. Without success, the workflow required an escalation to another service - the supervisor - and again there was a failure. Here it was based on the information provided by the initial requestor.

It stresses the potential for a breakdown in an identity valdation scenario which involves a human component. The difference between Vincent Mercier and Marc Mercuri is fairly  obvious, but the check-in cleark may have done some faulty pattern recognition based on seeing MERC in both.

Had this been a machine driven interaction, this would likely have gone flawlessly. A selection of destination city would have been used to limit the number of potential name matches and from that subset, the name would have been valdated either 1:1 or possibly with something along the lines of a Soundex).

What makes this breakdown of 'the system' incredibly alarming is that there was no validation of claims from that point forward - once ticket was in hand, I had free access to the system, boarded the plane, disembarked in Paris and am now in my hotel. 

Sure, I provided the token assigned by the airline (a boarding pass) at security - but there was no requirement/check of my passport.  If I had continued through with my initial, erroneously issued token (the ticket in someone elses name), I would surely still be in Paris eating the French interpretation of Cajun Chicken wings.

In this specific context, an identity breakdown has horrific potential. Suppose the mistaken identity had occured not with a guy less interested in connecting systems as disrupting them -  a terrorist.

There were no further checks for identity (intra-EU flights do not have passport control), so someone who slipped through the system could now be freely traversing France.  Given the political climate here in Paris this week (for those unaware, there have been riots and indivduals setting fire to cars in France), it's even more alarming.

With the recent move to self-service kiosks for check in, the mechanisms I mentioned earlier are helping avoid this issue. Introducing some of the technology used there in the human interaction piece (i.e. scanning of passports and system retrieval of information) would help solve the issue, surely.

But that answer begs different questions. We do quality assurance of the software systems, but how do we and how much time do we do testing of the human components in connected systems? And once you've established your test plan, and you go to 'rtm' of the process/workflow, how do your federated users report bugs? In this particular instance we're not talkng about a situation that results in some bizarre behavior in an IDE,  we're talking about international security in the heart of Europe. The clerk surely isn't going to tell her manager, as it points out big mis-step on her part.  There's no contact information on the boarding pass or airline timetable. Going to the Air France web site, I went to the link to their corporate office, which is entirely in French.  I'm on a hotel internet connection at 90 cents per minute, chances are I'm not going to spend an hour navigating their site to let them know about the issue, resulting in an open loophole in a frequently used workflow with potential for failure far, far worse than any blue screen.

In this particular scenario, the issuance of a false token was an 'honest mistake', but suppose that it wasn't.  Imagine if a terrorist cell had someone working behind the ticket counter, what checks are in place to prohibit <i>intentional</i> bad issuance or trust violations?

This isn't just with transportation companies, it spans verticals. For example, if John Smith is caught owing $200,000 in taxes, and the workflow for resolving this dispute is handled by Bill Jones who makes $20,000 per year, John paying $50,000 to Bill Jones to make this whole matter disappear happens. Depending on the country, it happens alot.

These example involved a relatively simple workflow, this obviously gets more complex when dealing with interactons that run multiple partners/parties deep.

If you have a business with a high volume of transactions or high value transactions with consumers or areas with complex workflows , how do you / would you handle these situations? What types of SLAs and legal terms do you have in place to handle scenarios where a human taints the system with a manual violation of trust in a federated scenario?Feel free to speak in the third person and without corporate identities, I'm curious how/if this is being addressed.