March 15, 2003 23:52 | WebBlogging / WebTech

Digital Identity

This is a hot topic with many implications and applications. Most of the time when DigiID is mentioned, it is in context of government programs to give everyone universal identification. The fear there is of course centralized governmental control of your identity. While there certainly may be benefits in this, it nonetheless opens frightening possibilities.

But this is not what I wish to address here.

I'm thinking again about "your URI is your identity". Self-managed and SECURE Digital Identification.

First stop: FOAF (Friend of a Friend). Originally designed to draw the lines between oneself and one's online friends and "life" in a computer readable format (it is in RDF, like RSS 1.0), it does contain some self identifying information as well.

Example:

<foaf:Person>
<foaf:mbox rdf:resource="mailto:boris@levendis.com" />
<foaf:name>Boris Anthony</foaf:name>
<foaf:title>Mr</foaf:title>
<foaf:firstName>Boris</foaf:firstName>
<foaf:surname>Anthony</foaf:surname>
<foaf:homepage rdf:resource="http://bopuc.levendis.com" />
<foaf:projectHomepage rdf:resource="http://bopuc.levendis.com" />
</foaf:person>

Add to that David Galbraith and Ian Davis' new "Bio" vocabulary and you get some deeper ID data.

Example:

<bio:olb>Canadian; Web Specialist bon-vivant.</bio.olb>
<bio:event>
<bio:Birth>
<bio:date>1974-10-26</bio:date>
<bio:place>Montreal, Quebec, Canada</bio:place>
</bio:Birth>
</bio:event>
<bio:event>
<bio:Marriage>
<bio:date>When hell freezes over</bio:date>
<bio:place>
7th Ring of Hell,
Hades, The Netherworld
</bio:place>
</bio:Marriage>
</bio:event>

Getting personal now, aren't we? Well, I can easily foresee a day when such a file will also include physical addresses, telephone coordinates, maybe even Social Security Numbers, etc.

DigiIDs are a fast approaching reality and it is imperative that we be in control of them ourselves. It is imperative that the community build and maintain the tools for this and reach a critical mass in deployment and use before governments step in and do it for us and wrest control away from us.

Enter PKI (Public Key Infrastructure) and PGP (Pretty Good Privacy). These technologies are already in wide use amongst the more technically inclined (because they are concepts that are a bit hard to wrap one's head around and the tools are still rather tricky to understand as well).

As the weblogosphere evolves to include Digital Identification in it's daily going-ons, securing one's signature/identity is only in our best interest. I'd hardly be amused if someone, for example, were to do a drive-by smearing of Joe Clark and use my identity to do so... Worse examples are easily conjured.

All this to say: I don't know yet. Some kind of easy checks and balances using encryption are in order, using a simple framework and webstandard, open-source, community-built (or at very least NOT corporately developped or governmentally funded) technologies.

Comments
Mon, Mar 17, 2003, @ 9:47
1- karl

Boris,

The URI as an identity is not a new concept. Tim is used to say that if it's not on Internet it doesn't exist. It seems a bit provocative but it's just to say that an URI gives a reference to a resource whatever it means.

mailto:karl@la-grange.net

http://www.la-grange.net/karl

sont deux reprÈsentations ce que je suis.


Mon, Mar 17, 2003, @ 10:59
2- Boris Anthony

Thanks Karl.

It is a bit of a sound bite, one way or the other, isn't it.

The URI to my DigiID file... that resource would contain my digital identity. In another way, the URI to this weblog would be the URI to an aspect of "me", my mind perhaps...

The URI which is my email address would be another link to the resource that are my eyes and mouth...

Technology is an extension of man. The Internet as an extension of man: URIs are pointers to the various extensions of who we are... Hosts and ports are "senses" and "inputs" into our cyber-selves...

Where am I going with this? Cyborg land!