Stream of Consciousness

Google is announcing Friend Connect tonight, a service advertised to “help website owners grow traffic by enabling any site on the web to easily provide social features for its visitors.” Friend Connect employs OpenID and oAuth which is a good start, but how it puts them together is lacking vision and, disturbingly, may raise significant privacy concerns.

Google is a member of the Data Portability Working Group which is working on open standards that tackle difficult issues such as privacy, control and data exposure. Unfortunately, while Google is thus aware of the issues, it has instead chosen to create yet another closed system where the social graph and all of the key connections people make is contained on Google’s servers. Friend Connect provides its services in an iframe that makes integration simple - and thus will speed deployment - but limits flexibility. While undeniably powerful given Google’s ability to datamine net connections, this is neither open nor user-centric.

In creating Friend Connect Google seems to by throwing its weight around in the social network sphere in much the same way Microsoft does regarding web interface standards. In the latter case, Microsoft - knowing it owns nearly 90% (and shrinking) of the browser market - has the power to disregard internationally accepted web standards with respect to how elements are displayed on the page, causing headaches for web developers building to the standards. Similarly, Google - knowing it owns a huge (and increasing) amount of link data - has the power to create seductive services that sites will use while disregarding community-developed best practices that support full user control over how, when and with whom data is shared.

I have to close with a disclaimer that all this is speculation upon what I’ve been able to discover so far with respect to Friend Connect which, as of this posting, has not yet been released and thus not reviewed. One can hope that they listen to the organizations of the Data Portability Working Group and the privacy concerns they are working to address.

Just finished installing OpenID into the IIW MediaWiki - please see http://iiw.idcommons.net/

This was much harder than it should have been, as there are multiple OpenID plugins that claim to work with MediaWiki, and several of these claim to work with the latest OpenID-2.0.0-rc5 but finally the new version 0.7.0 of the standard MediaWiki OpenID extension fit the bill perfectly after dropping back to the v1.2.3 library. A million thanks to evanpro and, of course, JanRain.

All that tech stuff aside, I’m excited to have the opportunity to attend the first day of the Workshop (I have other commitments for the the other two days. which I am actually happy for as they are paying my fare across the country). In particular, I want to explore the use of barx to support alternate XRI/i-name roots so that federations of running proxy resolvers can be upgraded on the fly to include new local roots, simply by distributing a new plugin. The value of this to the many grass-roots organizations I work with at CivicActions can’t be over stated.

I look forward to seeing many of my colleagues next week as they gather to move the state of the art of user-centric digital identity forward another step.

Day one at the Internet Identity Workshop, or IIW2007, began with Eugene Kim - Chairman-elect of Identity Commons (”2.0″, now with rounded corners), asking those attending their first IIW to stand up - over two-thirds of the 150 or so people in the room stood up. This is a great trend - the word is getting out!

I have been away from the technical side of the identity world for the last two years, but it seems not much has changed. Yes, there are now over 90 million people who have an OpenID, but few people are actually using the darn things. In the breakout session on three challenges in the identity space, I led a group of eight people as we came up with a list that was similar to what we were asking at the first IIW two years ago in Berkeley:

• Privacy vs. Attribute-based Authorization
• Trust Models and Reputation
• Interoperability

What was great was to see the progress in the field, that came from two unexpected directions:

• While in the past, experiencing the initial six presentations (OSIS, Liberty Alliance, CardSpace, Higgins, OpenID and the OpenID Foundation) would have been like being at six different conferences, as they were all working to separate themselves from the others, this time they were all converging to a single agreed space and were basically saying the same thing in different words and detail;
• There was a lot of running code! Examples include a Higgins framework for Second Life, Pibb (an OpenID-enabled IRC client), ws02’s identity solution, and even Simple Authentication for the Web (pdf) or “SAW”, which relies on the “I forgot my password” link to perform authentications.

Doc Searls ended the day noting that “all the identities in your wallet were given to you by someone else” and that our job is to co-create the user-centric digital identity needed to take back our power.

In the Open Space sessions tomorrow, I expect I’ll be leading or co-leading sessions on Why XRI? and Grassroots Reputation. I’m looking forward to it.

Phil Windley blogged about FreeYourId.com, a full service OpenId provider that gives you access to services off of a single .name URL. This starts to give a taste of what i-names can do, though it is - while clever - somewhat simplistic. When you give someone a YourId.name email address, they can then email you forever, as long as you keep the email it forwards to current.

When you give your i-name, you can remain in control over what services others can access from it. So if someone - or some company - starts sending you messages that you don’t wish to receive (solicitations, spam, etc.) you can easily shut them off and they no longer can contact you via that vector. Add a layer, and you could allow messages into your inbox that are considered to be of high quality from some group you trust. Or you can provide authentication that you are someone’s “friend” as they move between social networks, but when the go to a network you don’t like, the authentication no longer works.

Such mediated services are a major aspect of what make i-names (and XRI) particularly interesting, and the OpenId folk have (IMO) wisely include XRI service discovery in the OpenId 2.0 specification, which is nearing completion. Because of the complete control i-names give their owners, they provide a simple and natural foundation for creating the next killer app: community mediated reputation services.

Many of us celebrated when it was announced that AOL has embraced OpenID. Does that bring us any closer to the goal of secure, privacy protected user-centric digital identity that empowers users, leveling the playing field between them and service providers to the great benefit of both? (OK, that’s my goal, but maybe some of you may share it.) I say: no. In fact, it can and may have just the opposite effect, providing false security and tarnishing the concept of single sign-on (SSO) throughout the, uh, blogosphere.

What’s missing is the key element that the Identity Commons was originally created to foster: community. If I may get metaphysical for a moment, trust starts by knowing yourself, and then extends tenuously outwards from the mind/heart/spirit to those around us that we feel we know and connect with at some level, in some set context. Let me ask you: does adding 30 million people into your community make you feel all warm and fuzzy?

With the introduction of OpenID/i-name authentication into more community networks/web sites, reputation (and the associated themes of trust, accountability and privacy) is quickly being seen as an important factor in any healthy online ecosystem. It is especially critical when people can join a community anonymously (note that a working email address alone does not provide any useful measure of accountability - see e.g. Mailinator). A network devoid of accountability is of limited - if any - usefulness, for when spammers and trolls can share equal footing with responsible netizens, trust and the all-important feeling of safety and security that a healthy community provides is lost. Further, as the value of reputation grows, people will find it important to protect and grow their reputation, as it will become increasingly common to ignore comments by people with little or no reputation - after all, they could be spam-bots.

So how do you begin to trust people you may never meet? This is a much researched and fairly well understood property of social networks - that you can grow to trust the wisdom posted by Bob simply by the history of his (assuming Bob is a “he”) postings in a particular forum. Thus, Bob earns a certain respect, or reputation, within the community. As the community grows, reputation can diffuse; but too small a community can appear as a conspiracy and also not be trusted. But if one has a normal amount of reputation and is also to be found in multiple communities, this is another way reputation can grow.

With the introduction of OpenID, small communities (such as those I work with at CivicActions) will be able to provide a basic (perhaps “default” may be more accurate) reputation (or rating) service enforced by their society contracts. In our case, we can additionally provide a strong foundation for inter-community reputation growth and management since we foster the growth of several communities a month and have intimate knowledge of how the community sites are constructed (we build ‘em!).

Some Technical Details

To support inter-community SSO, we will create and maintain a centralized, secure repository of user information (a “profile store”) that contains e.g. user names and email addresses. (This is separate from the authenticating I-Broker (or OpenID Provider) that can authorize access to the profile information under user control. And while the XRI technology underlying i-names supports distributed identity and data-brokers with encrypted data stores, these won’t exist in the initial release.) The profile store will also manage data contracts (or “Identity Rights Agreements” (IRA)) that client sites (AKA “Service Providers”) will electronically sign in exchange for profile data (such as an email address). A simple IRA for access to a user’s email address might include clauses like:

We agree to:

1. never sell, rent, trade or otherwise make available your email address to other parties that you have not explicitly agreed to;
2. refresh our cached copy of your email address from the profile store before use, thus ensuring that we always contact you at your current and correct address;
3. remove your email address from our servers should you request this (perhaps as part of leaving our community);
4. …

Since the profile manager (and community I-Broker) are both maintained by CivicActions, and since we will be hard-coding the IRAs and profile sharing protocols, we will be a de facto reputation server as well. Over time, we will implement identity and data portability as permitted by the XRI protocol standards. We’ll do this not only because we are committed to zero lock-in and want to enable our clients and their constituents to move freely, but also because it makes sound business sense to allow the free flow of people and their ideas in - and out - of any space, thus empowering each and everyone to find their spot where they can shine.

Back to Reputation

As peer-to-peer OpenID authentication will enable Single Sign-on (SSO), there will be a much lower barrier to entry (and exit) to (from) our client sites. This will enhance the vitality of each community by enabling members to more easily find where they feel most connected and useful while not being concerned about (re-)joining, who has access to their email address, etc. Yet the use of a single identity across multiple communities will enhance each user’s ability to gain reputation and trust in others that have gained reputation.

The value of CivicActions reputation will have additional use/importance as we start to provide/consume reputation metrics to/from outside communities that we develop peering (trust) relationships with. Note that no centralized or globally defined namespaces are needed - that can all be done the same way we’ve always done it - personal and group-mediated introductions at the grassroots. By providing a sound basis for building trust and accountability, our reputation service can empower a global community that shares our values and helps (us and our clients) move the world forward.

When you log into a community site, say LinkedIn or Tribe, you provide them with information about you which they now control. This is unfortunate because 1) if you want to log into another site, you have to enter similar information again (if you belong to more than one social networking site, you know what I mean!) and 2) if (say) your email address changes, you’ve got to go and change it at every place you gave it to, or else risk missing the messages that you signed up for (which is bad for both parties!).

User-centric identity enables you to be the master of your online digital identity. Once you have that control, the tables turn and instead of giving other sites your data (which can rapidly become obsolete) you instead give them permission to access certain parts of your personally maintained data. As long as you give them access to e.g. your email address, any time that you change it (in just one place) all the sites that have “subscribed” to your email address will get updated. Further, as you build depth as (say) LinkedIn and later want to bring some of your “reputation” over to Tribe, it’s as easy as giving them the right to view whatever portions of your “profile” you choose. And in case you’re wondering, there are some simple procedures, a developing set of “identity rights agreements” (similar in concept to the Creative Commons copyrights) and some fancy mathematical proofs that enable you to protect your privacy and security while doing all this - far better than it is protected now by all those sites storing it “for you”.

But I said above “coming soon to Drupal” and what I really meant was “coming soon to a community near you,” and Drupal just happens to be one of the more common community building tools. A recent announcement from OpenID caught my eye:

From http://iwantmyopenid.org/bounty (Digg it):

In an effort to raise the awareness and increase adoption of OpenID, we are proud to announce the OpenID Code Bounty.

$5,000 USD will be donated to the first ten software projects that meet the requirements of the bounty program. Currently the OpenID Code Bounty is being sponsored by VeriSign, JanRain, Cordance, ooTao, Four Kitchen Studios, Zooomr, claimID, NetMesh, Opinity, Six Apart, Sxip, Zp3, and the International Webmasters Association.

OpenID already uses XRI for discovery; the next step is to get the input form to accept either an OpenID URL or an XRI-based i-name. Turns out that appendix C-1 of OpenID Authentication 2.0 - Draft 5 says that is will do exactly that, and the good folk at JanRain are already working on it. Once there’s an 2.0-enabled OpenID Drupal module you can bet I’ll be incorporating it into CivicActions sites wherever possible.

The problem with both Root and Attention Trust is that they collect, store and use your data in ways that are not always under your control, and you have no recourse other than to delete your data so they can’t use it anymore - assuming they actually delete it. It’s a fairly serious privacy issue, the upside being that you get to choose your Big Brother.

It would be far preferable to have direct control over your data, acquire and store it in open standard formats, and be able to either market it directly or contract with a third party to do such marketing for you. When doing so, you could use onion routing to provide them with your online contact info, so that you would be protected in case they started selling your data in ways against your contract (always a possibility) at which point you could simply sever the connection, leaving them with “headless data” - that is, data useful in aggregate but not connected to any definable person.

Since the data is owned by you to begin with, and transferred/stored in open formats, you would be able to easily contract with new service providers. It would, of course, be in their best interest to “play fair,” knowing that you are really in control. Only on a level playing field can there be a true “win-win.”

Eugene Kim writes about the social, as well as the technical need for Free Identity. Check it out.

Drummond Reed offers some practical answers to dizzy who asked some reasonable questions about i-names. I’d like to add a couple small points.

First, I’d like to stress that I agree with dizzy that i-names need services to become useful. Besides the three that Drummond mentioned, we have plans - limited only by our resources - for many more, including:

• event registration, currently in beta that includes social networking capabilities
• membership management for organizations, made easier when the member maintains e.g. their contact information
• disposable email addresses that protect privacy and offer a spam-free email address for the user
• reputation-based and/or community-driven vetting of i-names to set access permissions, etc.
• permission based matching services (useful for everything from dating to traditional marketing)
• inter-social networking — networks without lock-in
• persistent avatars for on-line gaming
• and more…

The second point I’d like to make is that the global namespace is only the first one being built, primarily because it’s a simple and straightforward mechanism to bootstrap i-names into general use. But i-names are not centralized by nature, a key requirement towards supporting a world of ends. Other global roots as well as an unlimited number of distributed community roots can and will exist, some perhaps initially with mapping relays between the namespaces, much as the initial relay machines helped connect the arpanet, bitnet, usenet and others into what we now know as the internet.

And along these lines, though dizzy got a free global i-name for attending Digital ID World, IMO the majority of i-names will be free which coincides with our (2idi’s) open source business model with no governance required, though I believe that a membership-based federation of communities ala that proposed by Identity Commons is a good middle ground.

=Fen.Labalme

At a gathering after yesterday’s events of Digital ID World, Peter Davis suggested I do a Google search for “XML-dev Monty Python”. I was ROTFL while reading the thread of Monty Python-inspired commentary on semantic web goodliness starting here.

Ni!