Identity 2.0 Gathering: Getting to the Promised Land

by Kaliya Hamlin

Identity was given substantial attention at OSCON 2005. Kaliya Hamlin (a.k.a. Identity Woman) shares her perspective on the topic and invites people to join her and co-conveners Doc Searls, Drummond Reed, and Phil Windley at the Internet Identity Workshop in October.

There were many who thought that an identity solution would emerge to support single sign on (SSO) shortly after the Web's emergence in 1994. An SSO solution has proven very elusive. Solving internet identity management, creating an efficient, reliable ecosystem, is often alluded to as "The Holy Grail." One of the reasons for this elusiveness is the fact that identity is no small matter. It lies at the core of who we are as social beings. There are many ways to think about what identity is, such as: how we define ourselves (self-assertions), how others see us (facts about us), and what others think about us (our reputation).

When tackling the problem of representing these elements, the first challenge is settling on a protocol used in a system that is flexible and broad enough to encompass the enormously wide range of ways people around the globe use and define identity. Identity protocols are not like TCP/IP--simply just connecting two machines. While reading Protocol: How Control Exists After Decentralization, I came across this quote that summed up the challenge. "Protocol is synonymous with possibility ... Protocol outlines the playing field for what can happen, and where. If one chooses to ignore a certain protocol, then it becomes impossible to communicate on that particular channel. No protocol, no connection." The edge use cases must be considered carefully so that they are included within the protocol's possibility landscape. The inherent complexity of this next identity layer of the Net is one of the reasons it has yet to successfully emerge.

Related Reading

Digital Identity
By Phil Windley

Kim Cameron, Microsoft's identity architect, talks about the big bang that will happen after a user-centric identity meta-system emerges. This metaphor is apt because it is difficult to talk about the future after this big bang. Once it happens, totally new possibilities emerge that we have not even thought of yet. It is a bit like trying to explain the web to normal folks before it "happened."

I first read about this future in "Augmented Social Network: Building Identity and Trust into the Next Generation of the Internet," and met the folks working on building it at Planetwork. I was inspired by the post-big-bang scenarios articulated in the paper for how trusted persistent digital identity could be of benefit to civil society, and I began evangelizing right away. When I first met Doc Searls at a baseball game after LinuxWorld in August 2004, I was excited to learn about his enthusiasm for market opportunities after the big bang. He put forth new ideas about how markets can be liberated "simply by developing the means for individuals to assert their sovereign identities" ("Independent Identity," Linux Journal, September 2005 issue).

In 2001, around the time of Passport's rollout, there was a flowering of potential alternatives: AOL Screen Name Service, Jabber, XNS, ICEPick, DotGNU, Liberty Alliance, and Remote Passphrase Authentication. A few are still around. Liberty Alliance today is not particularly user-centric, and as Doc describes, it supports giant corporations having your data. Jabber still exists but has not gotten IM out of its walled gardens. I am enthusiastic about the children of XNS, called XRI and XDI, two standards being developed at OASIS, because of the flexibility these two protocols allow for persistent identifiers (called "i-names" and "i-numbers") and trusted data sharing. XRI builds on top of the current URI and IRI (Internationalized Resource Identifier) standards but support all authority delegation models including peer-to-peer, making it easy to have privacy-protected, user-managed identifiers. XDI is a simple XML-over-HTTP protocol that uses XRIS and "link contracts" to allow individuals and communities to define for themselves when and under what terms data is shared and synchronized.

Several other potential standards exist that just use DNS-based identifiers. They include SXIP, LID, Passel, mIDm, and Moebius.

Infocards are also under development by Microsoft to create a standard ceremonial user experience for the exchange of user data and personally identifying information.

Kim Cameron's arrival on the identity scene was a breath of fresh air. The most non-Microsoft guy you will ever meet, he has taken the whole conversation of the user-centric identity community to a new level, with deep philosophical insights to the challenges we face in bringing about a meta-identity system. His white paper on the "Seven Laws of Identity," first published and refined through his blog--and added to by the community's commentary--is a must-read for all concerned.

A recent arrival of note is Bob Blakley, chief scientist at IBM, who has begun blogging the "Axioms of Identity;" on par with "Kim's Laws," they provide the needed philosophical context for this effort to create a successful identity meta-system.

The "identity gang" has been meeting informally at tech conferences during the past year and has a listserv and wiki hosted by the Berkman Center. The need to dive deeper into the different proposed protocols and the philosophies behind how their architects built them has arrived. To meet this need, Doc Searls, Phil Windley, Drummond Reed, and myself are co-convening the Internet Identity Workshop on October 26 and 27th in Berkeley, California. On day one of the workshop, presentations will be made by the authors on emerging protocols and governance models. Day two will be structured open space to allow a range of emerging issues and proposals to be discussed.

We hope you can join us as we continue our quest for the Holy Grail of Identity--either at the event or online.

Kaliya Hamlin , a.k.a. Identity Woman, is an expert in the ecology of companies and organizations working with the open XRI/XDI standards and the overall next-generation identity space.

Return to the Policy DevCenter