Identity by URI
There have been some great projects lately about moving information control into the hands of users such as Move My Data. In that vein there is the idea of profile data using microformats. For example you have a list of your friends marked up on hcard on your blog. When you sign up for a social service then you just input a link to your blog and your friends are imported. And you can have subset’s across services, giving you ease and control.
We don’t need yet another centralised service. The information is already out there, it just needs to be explicitly marked up.
Decentralization and control by the user is also becoming important in the movement for “Identity 2.0”. If you want a quick introduction then I recommend watching the OSCON keynote by Dick Hardt. There are a few architectures that are being built around this idea but one that seems to be taking off is OpenID. From the official site:
OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do-with a URI (also called a URL or web address). Since URIs are at the very core of Web architecture, they provide a solid foundation for user-centric identity.
For those used to the normal user/password at every site it can be a bit of a hurdle to understand as it involves external providers and trust (from Wikipedia):
Therefore, the strength of an OpenID login depends on how much a relying party knows about the authentication policies of the identity provider. Without such knowledge, OpenID is not meant to be used on sensitive accounts (banking, e-commerce transactions, etc.), but if an identity provider uses strong authentication, OpenID can be used for all types of transactions.
To help understand this here are a few posts you may find useful:
- OpenID users can be just as trusty as local users
- An OpenID is not an account!
- Solving the OpenID phishing problem
If you’d like to get started learning more about OpenID or implementing it then here are some useful places:
- Planet OpenID
- OpenID for non-SuperUsers
- Unobtrusive OpenID
- Wordpress OpenID Plugin
- MyOpenID - free hosted provider
- How to turn your blog in to an OpenID
- OpenID Screencast
And for those in the library field that may think it’s something to ignore, here’s a nice post about Repositories and OpenID as author identity.
I've felt for some time now that any centralised approach to name authority is pretty much doomed to failure for all sorts of reasons that I won't go into here. I've had at the back of my mind that one might be able to build a distributed solution using LDAP, i.e. based on the LDAP servers maintained by institutions. But it seems to me that using OpenIDs has some significant advantages...