Identity

by Rael Dornfest

The air of late is thick with talk of identity. The holy grail is a unified, decentralized, simple yet extensible user-centric identity, membership, and preferences fabric for the Internet.



The stone soup includes such ingredients as: Passport, Hailstorm, XNS, XML-RPC/SOAP, Instant Messaging, Single Sign-On, Authentication, Security, Access Control, User-Centric Services, and so on.





I invite you to join us for a spot of meme hacking and problem-space mapping at the Identity Birds-of-a-Feather session at the O'Reilly Open Source Convention in San Diego, July 23-27, 2001. The BoF will be held on Wednesday at 8pm in Marina II (East).




I've been assembling an evolving list of required reading on the subject:





  • "Microsoft® Passport is an online user-authentication service. Passport lets a consumer create a single sign-in name and password for easy, secure access to all Passport-enabled Web sites and services. Passport-enabled sites (also called participating sites) rely on Passport to authenticate users rather than hosting and maintaining their own proprietary authentication systems. However, Passport does not authorize or deny a specific user’s access to individual participating sites; Web sites that implement Passport maintain control over permissions." --Microsoft Passport Technical White Paper


  • "America Online is quietly rolling out a new unified sign-in service, similar to Microsoft's Passport, across its properties and partner sites. Codenamed "Magic Carpet" and currently promoted as the "Screen Name Service," visitors will be able to sign in with a single click and seamlessly browse sites supporting the new technology." --With HailStorm Brewing, AOL Readies 'Magic Carpet'


    "The Screen Name Service lets you create a single, consistent Screen Name, as your personal "ID", which you can use to safely, securely and conveniently access and personalize sites across the Web." --About the Screen Name Service



  • "Developers are now faced with a choice -- support Microsoft's membership system, and thereby feed customers to them, or develop an open, clonable and decentralized system, so that membership is a competitive space, not owned by one or two large companies." --Dave Winer, Distributed membership and preferences


  • "Microsoft will control a user's identity, leasing it to them for use within HailStorm for a recurring fee." --Clay Shirky, Hailstorm: Open Web Services Controlled by Microsoft


  • "Cyberspace does, however, afford the interesting option of pseudonymity. Were there Passport support on a useful number of sites, I would likely set up a number of different identities for myself. Ideally, there would be a variety of authentication services equivalent to Passport, so that I could distribute my identities -- and thus spread the risk of compromise -- among them." --Jon Udell, A Storm Brewing


  • "I have long believed that it's more important to assert our own identities, and authenticate who and what we encounter in cyberspace, than to hide our identities." --Jon Udell, E-Mail Virus Danger Is An Identity Crisis


  • "Such an open source system could potentially eliminate the need for websites to require local accounts to be set up by the user that are often repetitive and cumbersome. The user could potentially use their one master account to access and manage all other services they use on the internet." --Jabber Identity Project


  • "XNS, or eXtensible Name Service, is a new Internet service that lets individuals and businesses establish a global online identity and address, exchange self-updating business cards, use a single sign-on name and password, automatically exchange and synchronize common types of data, and manage the use of shared data under XNS privacy contracts. XNS works through a globally distributed network of XNS agents and agencies." --XNS.org (See also OneName)


  • "Identities exist in some "realm," and we use that term in its usual sense. We often think of a realm as being a relatively large collection of users, like compuserve.com or aol.com, but it might well consist of a small set of users, e.g., user names and pass phrases associated with an individual Web server. We allow the service to specify a set of realms, to recognize an identity in any of the realms in which it participates." --Gary Brown, Compuserve, Remote Passphrase Authentication


  • "ICEPick is an Open Source peer to peer system designed to enable cross web site authentication and personalization services. It was inspired by the recent announcement of Hailstorm by a large company from the north west. ICEPick serves as a replacement for many of the services provided by Hailstorm without the central control of the users information. In the ICEPick system the user truly will own their information and can restrict access to those who they actually trust." --Kimbro Staken, ICEPick


  • "The DotGNU project will use good ideas from Microsoft as a source of inspiration, and Microsoft will probably also use good ideas from the DotGNU project as a source of inspiration. . . with DotGNU every Internet Service Provider (ISP) can offer the equivalent of Microsoft's "Passport" service, and the ISP can customize and modify this service according to their customers' needs." --The DotGNU Project


  • "Sun Microsystems is quietly readying an alternative to Microsoft's Passport, a linchpin of the Redmond company's forthcoming Windows XP operating system." --Heading MS Off at the Passport


  • Lucas Gonze's Yahoo! Groups Decentralization mailing list is always chock full of related high-level discussion.






Any must-read resources to add to the list? Please do suggest away! Planning on attending the BoF?