| Snark aside, agree that identity is a complex problem- and compartmentalizing it into components with well-known lifecycles that have known failure modes is the right solution. The alternative- a single monolithic identity system? No, thanks. Note- large governmental IT systems underlying programs like Medicare and Medicaid are not operated by government employees, they are operated on a contractual basis by large IT shops. You just don't know who the operator is. That's arguably suboptimal- but a different conversation. To the specific question- what happens in this model when an identity provider goes into bankruptcy- the same thing that happens when any entity providing critical services goes into bankruptcy. When a consumer-facing bank fails (for instance), the bank's customers a) don't lose their money
b) don't lose access to banking services Their accounts are taken over by a comparable entity operating in the same geographical area. When a critical insurance provider fails, the other entities providing comparable insurance in the operating areas have to take those contracts (even if they are terrible contracts, which they likely are, because they caused the provider to fail). It doesn't always seem like it, but this kind of market partitioning and supervision is something that in the US both federal and most states do quite well. We should have more of it. Cheers. |