Finding Identity … Directory Limitations …

When I first read this summary, I was thinking along a completely
different path.  This article has some good points; however, as
usual, it seems to focus on the people who are using identity
information outside of the control or involvement of the end-user.

As a side note, this reminded me to document some of the current
limitations in directory technologies that I believe are continuing to
hinder directory-based identity solutions.  Two of these
limitations are:

  • Directories lack temporal versioning of attribute information and
    values.  If you consider identity of a person over time, there are
    numerous attributes that will change and evolve with that person as
    they grow and proceed through life.  So height, weight, income,
    home address, employer … all of these are attributes that change at
    various rates.  A directory must have the ability to record the
    changes, allowing a person's identity to be viewed as of any date/time in
    history.  An example of where this becomes powerful is when we
    are asked for our three previous jobs, or prior addresses.
  • Directories also lack attribute aliasing.  We all have
    identity attributes that are given different names in different
    communities … but they all point to the same identity
    attribute.  This could range from something as simple as the attribute
    name in different languages to completely different words or references
    that point to the same attribute:  Salary vs. Annual Income
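
The two capabilities listed above, sketched as an added Python example (not code from the original post or from any directory product): each attribute value is stored with an effective date so the identity can be read as of any date, and aliases resolve to one canonical attribute. The class, method and attribute names and the sample data are hypothetical.

```python
import bisect
from datetime import date

class TemporalEntry:
    """One identity: every attribute keeps its full history and may have aliases."""

    def __init__(self):
        self._history = {}  # canonical attribute -> [(effective_date, value)], sorted
        self._aliases = {}  # lower-cased alias -> canonical attribute

    def add_alias(self, alias, canonical):
        self._aliases[alias.lower()] = canonical.lower()

    def _canonical(self, name):
        key = name.lower()
        return self._aliases.get(key, key)

    def _versions(self, name, as_of):
        """All recorded versions of an attribute effective on or before as_of."""
        versions = self._history.get(self._canonical(name), [])
        if as_of is None:
            return versions
        cut = bisect.bisect_right([d for d, _ in versions], as_of)
        return versions[:cut]

    def set(self, name, value, effective):
        """Add a dated version instead of overwriting the old value."""
        versions = self._history.setdefault(self._canonical(name), [])
        pos = bisect.bisect_right([d for d, _ in versions], effective)
        versions.insert(pos, (effective, value))

    def get(self, name, as_of=None):
        """Value in effect on as_of (latest if omitted); None if not yet recorded."""
        versions = self._versions(name, as_of)
        return versions[-1][1] if versions else None

    def previous(self, name, count, as_of=None):
        """Up to `count` values held before the one in effect, newest first."""
        earlier = self._versions(name, as_of)[:-1]
        return [value for _, value in reversed(earlier)][:count]

def build_sample():
    """Constructed sample data, not taken from any real directory."""
    entry = TemporalEntry()
    for alias in ("Salary", "Annual Income", "Jahreseinkommen"):
        entry.add_alias(alias, "annualIncome")
    jobs = [(date(1995, 3, 1), "Acme", 30000), (date(1999, 6, 1), "Globex", 42000),
            (date(2002, 9, 1), "Initech", 52000), (date(2005, 1, 15), "Hooli", 61000)]
    for day, employer, income in jobs:
        entry.set("employer", employer, day)
        entry.set("Salary", income, day)
    return entry
```

With this sample, `build_sample().previous("employer", 3)` answers the "three previous jobs" question, and `get("Annual Income")` and `get("Salary")` read the same stored attribute.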

Anyhow … I still do like using directories … they just have to evolve forward to contain some additional capabilities.

Identity: Find it before federating it.
These Avanade consultants say identity federation has merit, but it’s
not a panacea for fixing problems with identity complexity. [Computerworld Software News]
