As part of an effort by the Identity Commons to create an OpenIdentity ‘People’s DNS’ kind of service, I hosted a couple of meetings at my house last week.
What especially seems apropos is that Joi Ito just posted something on Identity – which I know he’s been thinking about for years. When I told Joi of what we were hoping to achieve – he simply said – make sure you support PETs (privacy enabling technologies). So we did. Joi’s insights into why we need multiple digital IDs are right on and I think what we’re working on will help enable his world view.
The technical efforts of the OpenIdentity standard have been moving along well – so I wanted to make sure that we were grounded in a clear understanding of how we’d use this sort of system as well. Drummond Reed, Nikolaj Nyholm and Fen Labalme have drafted a technical spec, which they’ll present to you on their own, and Owen Davis is leading a group effort to find funding for such a system. So I wanted to do my bit and pitch in on the ‘user experience’ side of the fence.
The idea of the Identity Commons is to provide some governance over the open standards for people’s identities. Sure, there’s plenty of digital identity work going on with enterprises in mind – WS-Federation, SAML and the Liberty Alliance. But we need to make sure that we have our own identity system – to at least guarantee some modicum of sanity and control.
So as part of an effort to get our hands around marketing this sort of standard, I invited a bunch of you over to my home to discuss usage scenarios. Some of you even showed up! Matters got a little complicated when Lisa (my wife) broke her ankle on the day of the second meeting, but in general we were able to get some ideas down. So sorry for taking so long to create this summary, but I’ve been busy playing both daddy and mommy for little Mimi.
So here we go:
1. First of all – what is it that is being proposed?
A centralized DNS-like service for people. A way for disparate computer systems to connect up to the same person, a global sort of single sign-on system. YES – that’s what Microsoft’s Passport is all about, and the Liberty Alliance’s standard as well. But this will be OUR standard, for us.
The idea of the OpenIdentity standard is to maintain our own, protected database of people ‘pointers’ – which will in turn point to specific locations throughout the web – which may house an end-user’s resume, medical records or blog/web site. All access to these pointers and information will be strictly controlled, allowing each individual to decide who gets access to what.
So this is not about setting up some centralized database. This is about creating a ‘proxy’ server for people – a redirect server, which will keep track of the smallest amount of information possible about you – and simply point to where all the real data is…. The end-user/human can then completely control who sees what. New kinds of tools, services and applications can be built around this sort of standard.
2. Who’s gonna build this thing?
That’s what we’re figuring out right now. There will be a workshop on all this next week, July 20-22, in Sebastopol. For info on attending – please contact Owen Davis (owen@idcommons.net). You’ll be asked to join the Identity Commons – if you wanna come and agree to some basic principles. Here are those principles.
The idea is that we’ll get a quick prototype demo up and running ASAP leveraging XRI (and Drummond’s years of experience with XNS), Nikolaj’s years of experience (in the DNS business) and Fen’s years of experience (in the world of privacy.)
3. Who’s gonna host it?
We’ll eventually have servers around the world. There won’t ever be just ONE giant people server in the sky. These servers will interlock, inter-connecting with each other and support a decentralized, distributed model.
And we should look for commercial and enterprise sponsors – too. But we’ll be totally in charge of those servers. So Internet Archive, Tucows, the BBC, Hyderabad Assoc., Singapore, Inc and Tokyo University. Anyplace and everyplace.
4. Who’s gonna pay for it?
Talk to Owen. Come to the workshop. Write a check. Help.
5. How will it work?
So this is where the techies should come in.
Naive explanation – the Identity Commons will set up this OpenIdentity service by evangelizing tool vendors, system houses and anybody or everybody who wants to access people. At the same time infrastructure, APIs and data structure get set up and configured and simple ‘SDKs’ are distributed – to enable multiple vendors to support the standard.
All the while the Identity Commons is governing this standard, making sure that no BigCos, enterprises or vested interests come in and ‘take over’.
But it all revolves around what people do with it – and that’s what this document is all about. See below.
6. What are some usage scenarios?
- Single sign-on – so humans don’t have to constantly be logging on….
This is probably the lowest hanging fruit, the easiest concept to grasp. If a network of web sites or services want to share end-users – they could all hook up to the system and implement a single sign-on system. Victor Grey and Sergio Lub offer that sort of service right now – with their Friendly Favors system.
- Registries….in all shapes and sizes.
This would mean that an artists’ registry, an open ‘classmates’ kind of registry or even a registry of Grateful Deadheads could be established. These registries could maintain their own rules, data and control – and leverage the infrastructure of the People’s DNS.
- Integration and Shortcut mechanisms – so all your different presences on the WWW can be connected together (if you want)
Special interfaces can be developed to facilitate the easy movement of someone between their various blog, social software, media storage, portal or email on-line tools and services. As the usage of these new kinds of on-line services spreads – so too does the need arise for ways of connecting your ‘digital lifestyle’ together.
- Persistent Resumes – so an up-to-date resume can always be found
Humans will be able to post and maintain their resumes – in one place – and have all job applications reference that location. Then when it is necessary to update that resume, all references to that resume will be updated – as well.
- Listings service – a regionalized exchange of job postings, things for sale, apartments and houses for rent and things people are looking for.
Local bulletin boards, on-line communities and activist groups can unite their ‘listings’ boards to create larger pools of regionalized listings. Larger, global listings services could also be supported as well.
- Giant People’s white pages – shared address book
Having a definitive global white pages – protected by the proper PETs (privacy enhancing technologies) – is an ideal application of a people’s DNS.
7. What’s the spec?
There are two basic principles that make up the spec of the OpenIdentity standard.
a) Identifiers (for people and attributes) would be a simplified form of XRIs (and very RESTful)
b) A single-sign-on architecture that is very similar to the Liberty Alliance architecture, except that Identity Commons could provide the "trusted identity broker" role
More details to follow from Drummond, Nikolaj and Fen.
I started a topic board here on OpenIdentity.