Written by
If we step away from identity as a purely philosophical concept and consider it in the sense of something that can be used, then surely it only means something in the context of specific systems, technical or social. And that means that a user controlled identity can only ever be an alias for something that we individually don’t control.
Or am I completely missing the point? Would anyone care to comment?
To my mind the most interest benefit of a user-centric approach is portability.
My reputation is great on ebay, but I can’t use it anywhere else but ebay. I’d love to use it on say Amazon where I don’t currently have a reputation, or maybe to apply for other online services. That reputation belongs to me, not ebay, but I’m not free to use it as it’s website/application-centric.
My ebay reputation could be a handy measure of trust, but today it’s no use outside of its silo.
Funny but I just wrote a note about this. I agree with Drew the issue is indeed about portability and also about single signon.
I want to be able to change my passwords as often as I like and be able to access 100s of sites without having maintain my ID on those sites.
Today, OpenID [www.openid.net] seems the most promising initiative, always assuming that they prove their security and get the needed market penetration essential for viability.
We are currently testing the hypothesis that one can easily replace tradition username/ password authentication with OpenID. It’s looking good. If a lot of sites go that route (they may as well if it’s easy to implement) then we have a solution.
Then I will be able to change my passwords often and protect both my online ID and any sensitive content in the online services I use.
Once this is all centralised it will also much easier to link this portable ID to a network of reputation.