This is a hot topic with many implications and applications. Most of the time when DigiID is mentioned, it is in context of government programs to give everyone universal identification. The fear there is of course centralized governmental control of your identity. While there certainly may be benefits in this, it nonetheless opens frightening possibilities.
But this is not what I wish to address here.
I'm thinking again about "your URI is your identity". Self-managed and SECURE Digital Identification.
First stop: FOAF (Friend of a Friend). Originally designed to draw the lines between oneself and one's online friends and "life" in a computer readable format (it is in RDF, like RSS 1.0), it does contain some self identifying information as well.
Example:
<foaf:Person>
<foaf:mbox rdf:resource="mailto:boris@levendis.com" />
<foaf:name>Boris Anthony</foaf:name>
<foaf:title>Mr</foaf:title>
<foaf:firstName>Boris</foaf:firstName>
<foaf:surname>Anthony</foaf:surname>
<foaf:homepage rdf:resource="http://bopuc.levendis.com" />
<foaf:projectHomepage rdf:resource="http://bopuc.levendis.com" />
</foaf:person>
Add to that David Galbraith and Ian Davis' new "Bio" vocabulary and you get some deeper ID data.
Example:
<bio:olb>Canadian; Web Specialist bon-vivant.</bio.olb>
<bio:event>
<bio:Birth>
<bio:date>1974-10-26</bio:date>
<bio:place>Montreal, Quebec, Canada</bio:place>
</bio:Birth>
</bio:event>
<bio:event>
<bio:Marriage>
<bio:date>When hell freezes over</bio:date>
<bio:place>
7th Ring of Hell,
Hades, The Netherworld
</bio:place>
</bio:Marriage>
</bio:event>
Getting personal now, aren't we? Well, I can easily foresee a day when such a file will also include physical addresses, telephone coordinates, maybe even Social Security Numbers, etc.
DigiIDs are a fast approaching reality and it is imperative that we be in control of them ourselves. It is imperative that the community build and maintain the tools for this and reach a critical mass in deployment and use before governments step in and do it for us and wrest control away from us.
Enter PKI (Public Key Infrastructure) and PGP (Pretty Good Privacy). These technologies are already in wide use amongst the more technically inclined (because they are concepts that are a bit hard to wrap one's head around and the tools are still rather tricky to understand as well).
As the weblogosphere evolves to include Digital Identification in it's daily going-ons, securing one's signature/identity is only in our best interest. I'd hardly be amused if someone, for example, were to do a drive-by smearing of Joe Clark and use my identity to do so... Worse examples are easily conjured.
All this to say: I don't know yet. Some kind of easy checks and balances using encryption are in order, using a simple framework and webstandard, open-source, community-built (or at very least NOT corporately developped or governmentally funded) technologies.