Burningbird » The Clean Industry : As for me personally, I wouldn't mind eventually incorporating something such as LID into my weblogging tool, to enable people to edit their comments without being dependent on IP address. I also wouldn't mind a good identity system that I could use for a set of similar services, such as specific social services or group membership, or for the online newspapers I subscribe to.
First, some terminology for people not in this conversation. Identity Provider (IP): A system that provides identity services. Personal Identity Provider (PIP): An IP run by one person. Service Provider (SP):
I, and others, have a vision of an identity infrastructure where everyone runs their own PIP, and where a big proportion of SPs, from Wordpress and MT upwards, support and use that infrastructure. Everyone should have an "About Page" with an API to provide single sign-on and identity provision.
I see three big problems to this happening.
1) Technology and adoption. For this to work the infrastructure standards need to be completely open, and they need to be implementable in lowest common denominator environments. That means PHP, Perl, dotnet and C++ with native language libraries or widely adopted extensions. Many of the target PIPs and SPs are running on hosted systems with minimal access. And the client browser could be one of several running on one of several OSes. We can do this now with technologies like XMLRPC and SAX/DOM XML parsing. But we can't really do it with SOAP or with stacks built on SOAP.
2) Trust. If everyone is running a PIP, how can we trust any one PIP site without some other trust metric? We can probably ensure that passwords are cryptographically secure and not exposed. But we still have the same problems of lack of trust that we have now with Splogs, trackback and comment spam. As we peel away the onion layers, eventually we need either a trust authority or a web of trust structure as in PGP.
3) Account Syncing and data duplication. Almost all SPs will want to maintain accounts with additional data. And they won't want to do round trip calls to the underlying PIP every time somebody views a profile on the SP or the account data is needed for session management. This means we will have data in two places and have to start thinking about sync as well as seeding new accounts with data from the PIP.
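To make the seed-then-sync problem in point 3 concrete, here is an added sketch (not code from this post or from any identity project) of an SP-side account store. The field names, the `fetch_profile` callable standing in for the PIP API, and the TTL policy are all assumptions.

```python
import time

# Assumed split: fields the PIP is authoritative for. Everything else is SP-local.
PIP_FIELDS = ("display_name", "email", "homepage")


class AccountStore:
    """SP-side accounts, seeded from a PIP and resynced when the copy is older than ttl."""

    def __init__(self, fetch_profile, ttl=3600, clock=time.time):
        self.fetch_profile = fetch_profile  # callable(pip_url) -> dict, stands in for the PIP API
        self.ttl = ttl
        self.clock = clock
        self.accounts = {}

    def get(self, pip_url):
        """Return the local account; contact the PIP only to seed or when the copy has expired."""
        now = self.clock()
        acct = self.accounts.get(pip_url)
        if acct is None:
            # Seeding: a fetch failure propagates, so no half-built account is stored.
            acct = {"pip_url": pip_url, "local": {}}
            self._copy_pip_fields(acct, self.fetch_profile(pip_url), now)
            self.accounts[pip_url] = acct
        elif now - acct["synced_at"] >= self.ttl:
            try:
                self._copy_pip_fields(acct, self.fetch_profile(pip_url), now)
            except OSError:
                acct["stale"] = True  # PIP unreachable: serve the old copy, flagged
        return acct

    @staticmethod
    def _copy_pip_fields(acct, profile, now):
        # Copy only the allow-listed fields so a PIP cannot set SP-side attributes
        # (a role flag, say) by adding keys to its profile document.
        for field in PIP_FIELDS:
            acct[field] = profile.get(field)
        acct["synced_at"] = now
        acct["stale"] = False
```

The allow-list is where point 2 meets point 3: an SP that copies whatever an untrusted PIP returns lets that PIP write into the SP's own account data.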
[ 25-Sep-05 8:57pm ] [ Identity ]