the iCite net > news / blog > a permalink

news and thoughts on and around the development of the iCite net
by Jay Fienberg

PlaNetwork conference, Digital Identity: Digital Rights panel

posted: Jun 7, 2003 4:09:30 PM

Blogging the PlaNetwork conference in San Francisco.

Panel includes: Owen Davis, Nikolaj Nyholm, Sridhar Rao, Jonathan Reams, and Victor Grey. Owen is working on the Identity Commons.

How do we build the ASN? Get practical. What are the obstacles?

Identity is not as much a technical problem as it is a social problem.

Victor says there are three basic issues / meanings with identity. 1) Identity mediated by cryptography. Identifying yourself to a website or online application. Doesn't have to do with who you are in the real world. But, it is useful in identifying you as the same actor on a system. Not a person per se.

2) Real world identity, mediated by government documents. Passports, driver's license, birth certificate, social security. Shift to other documents, like credit cards. Like, sites that require users to be over 18, credit cards are sufficient proof. Without a decent credit rating and a credit card (in the US), you need this kind of ID. Yet, no real regulation of this in US (better in Europe).

3) Your social identity: the people who know you. As we have gone online, this can also be affinity groups or online communities of practice. This is the kind that is really needed for online community.

Victor feels there is a missing piece in this discussion. Social identities are always rooted in the social group. And the social groups need to be able to be identified and introduced to each other (as a way to mediate individual introductions).

Nikolaj: thin line between three. Also interesting mapping between these and the real world. Online world can be an email or such. Offline can be a face. Mapping between the two. Moving between social and real world.

Social identity doesn't necessarily have name. You can go into a bar and people will get to know your face, but you could give a false name. On the web, there are pseudonyms. The lines are extremely fragile between these. The important thing is to know when do we use what. A lot of discussions about pseudo-identity and real-identity (or verified identity, like a government license / tracking of a person).

False belief that people can control your own information, what other people think about you, etc.

What has been missing is some persistent identity. Something that carries over from one site to another. Social networks are then hundreds of thousands of different contexts in which this identity can take part.

Jonathan: what is my experience of ordering the way the images about me that get constructed get played out? People see him in the room, maybe know him, maybe see a picture on the web, etc. Then, those people may talk to other about him (like my typing about him). How do I bring coherence to all these images about me? The thing he came to is: trust.

What leads one to trust one person and not so much another? Sense of integrity or authenticity between image or identity interfacing with and the sense of the organizing consciousness behind that identity. The more coherence, the more you can trust.

Owen: It is common to just look up someone in Google before you even meet them. Is what you find on Google really that person? Jonathan: is this knowing what someone is doing, or just getting images?

Marc: let's get beyond the philosophical issues and into the practical. Someone else from the floor: the issue is the voluntary vs the involuntary uses of identity. Another person from the floor: identity is ephemeral and the Internet let's us deconstuct and construct identity.

Ken Jordan, from the floor: what is you want to do both, have a persistent identity and have it evaporate when you don't need it. Nikolaj is talking about Christopher Locke and Rage Boy (the same person, though two identities mediated by quantities of caffeine).

Sridhar is talking. I guess he was an original developer on what became Passport once Microsoft bought it. He is talking about adding a constant value to an identity, so that if it were aggregated, it would have value that could be capitalized on. (I think I missed his point.)

He is talking about making identity management easy enough. People are clapping.

Victor is talking about people owning their own identity. Talking about namespaces. Need way to define who I am and what context I am in. Trusting a person via email is really trusting the institution of the domain name service. How do we create an institution that supports social namespaces that are persistent and cross-contextualized.

Nikolaj is talking about authentication is actually certification. A lot of times certification is not needed. He doesn't need certification of who we in the audience are to have this discussion with us. When it is needed, things like ratings work.

People are arguing some about web of trust and authentication being the most important. People are mentioning cryptographic signatures and DNS and petname markup language.

Someone is talking about authentication vs certification. She worked at and says: amazon saw the community as vehicle of authentication. The community would figure out who was who and whether they were authentic. The community was intrigued by its members and what they were up to (e.g., if they were also doing things on eBay, and what those were).

Someone is talking about inclusion or exclusion. There is the issue of antisocial people who maybe need to be excluded, but that should be the exception. Someone else: there isn't one answer that fits all. It may be easier to fabricate a driver's license in California than to legitimately get a Passport. Intimacy in some communities / interactions may require further authentication. In some other communities, authentication may not matter. We need to think about levels.

Marc Canter: he thought this was about connecting disparate systems, since there is no one way that will work.

Nikolaj: ASN is about civic discourse about these issues.

Question (from Open Privacy guy): Identity: Who are you? Profiles: what do you buy, etc.? Reputation: do you know what you are talking about?

Question: things I say about myself, things other people say about me, how do you make a system that contains all this? Marc Canter: how does this interconnect systems? Other guy: search and taxonomy to match stuff.

Victor: communities have reputations. Reputations have to be attached to some kind of persistent identity. Need communities with persistent identities so that you can verify that someone has a reputation within their community, etc. Need to create an institution that can maintain these reputations.

Q & A's about groups having their own governance. Arguments about being one system everyone could adopt vs not being the only one and needing to account for multiple systems. (I think the person talking is Sergio Lub, and Victor also works with Friendly Favors.)

Question: talking about people in Poland who are Bosnian who blog without using their real names. Same with people in Iran. So, this is in response to questioning the need for anonymity.

Woman who talked about before: we all take our own reputations very seriously. We have an interest in them. Within any one community, look for people to take responsibility or else they will be expelled.

Jonathan: what are the issues with going forward? Lack of common meaning about the values in question. It is a contextual one. Someone in room: This conversation in the room is an example of why we can't do it. Woman again: shouldn't we look at this as an example of the need to create a system that facilitates these different opinions. [Yes!!! (Note: this is basically what I am working on with the iCite net.)]

Jack?: talking about being able to federate identities, where you could move from one site to another. We need to find some serialized semantic interoperability, that needs to be evolvable. [Right.]

Nikolaj: my background is DNS. We are trusting the system. There is a root, but it is highly distributed. (Moving on / back) He doesn't believe in attaching the profile of you to your identity. He likes to affiliate himself with other individuals and he likes to affiliate himself with channels, a certain cause, etc.

Phil Wolf from the floor: job boards and personal advertising, swamped by resume spam. Big companies have outsourced to other companies who do background and reference checks on applications. They can't get all the info they need from one source. The resume is static, and so they look at things like weblogs to get fresher information. So, they will Google you.

Definition of who you are changes. So, there are many different needs, many different ways to express oneself. Maybe we are better off now letting there be many ways and see what wins.

Alan Reed from the floor: we need a thousand solutions along a continuum. One end is biometrics, and the other is trust. Philosophically, we only have self-responsibility. Put the onus on the individual.

Ken Jordan from the floor: this is exciting. We are unearthing a need for a common vocabulary. Not only in the philosophical sense, but also technically: so, we can build an architecture that will work. We need the most decentralized architecture possible. To give an individual choice. Identity has to be context sensitive.

If this kind of group doesn't come up with solutions, very large corporations will do it for us, and it will be reduced to: what are you buying, and are you credit worthy.

Someone from floor: need a glossary of terms. Put it out, and let's argue about that.

Nancy (?) from the floor: we need a glossary. We need to lay out the features. We have been talking about the individual's needs, but we need to also systematically lay out the needs of communities and groups (with regards to their identities).

Someone else from the floor: glossaries have reputations too. May not always work with all communities. So, need to find reputable transfer agent. Like when someone with a good reputation with GolfWeb goes to Slashdot, someone should broker that you are not just a newbie but someone who has been around for a while online. There needs to be lots of ways to connect, lots of vocabularies, and vocabularies have reputations attached to them. [Note: this is similar to how attributes will work on the iCite net: you can choose to use one that exists or choose another, or create your own. Those can be rated.]

Sergio from the floor: talking about non-profit organizations that spend lots of money trying to figure out whom to give money to. With trust, 100% of the money goes to good people. Without it, as much as 50% gets wasted on checking out people.

Rich Persaud (joining the panel): Latency of every system determines how fast you can learn, how fast you can trust. Latency of the discovery of value, of the discover of risk. These come into play in any identity system: risk, latency, potential (utility or value).

A lot of problems have to do with these issues. We solve these issues in computer systems with indirection. Need to go through levels, potentially hundreds, or indirection to realized potential.

Sri: don't underestimate latency. DNS doesn't require low latency. This is an argument for federated system for identity.

Rich: observation is a distributed activity (example: even sensory input). Centralized system is only useful to the nearest neighbors. We create structures to moderate utility. But we also do creative acts all the time, and that is not predictable.

Marc: the issue is the latency of the standard. He doesn't think it is up to us to try to make everything interconnect, but thinks that a centralized DNS-like system would help. [Note: the iCite net has iCNS.]

The hot discussion will continue during lunch. I am going out to grab a bite, and may blog more about this.

FYI, here is a link to a picture of the panel posted on Marc's Voice.

permalink | comments {1} · trackbacks {1}

also available as: rss · rss2 · rdf · atom

Comments and Tracbacks

Comment by: mikel ·
posted: Jun 7, 2003 5:52:27 PM

awesome job, keep it up!

trackback from: the iCite net development blog
posted: Dec 5, 2004 5:57:09 PM
title: i-names, XRIs, and

I met some of the folks behind this a couple years ago at PlaNetwork, and have been interested in seeing the XRI (Extensible Resource Identifier) standard in action ever since.

Note: All comments and trackbacks are moderated. Spam is deleted. Other comments are approved as promptly as possible.

Note: Older posts no longer accept new comments or trackbacks.

« prev post
PlaNetwork conference, Web Communities and Social Software, part 2

» next post
PlaNetwork conference, met folks from ManyOne

blog newsfeeds

brief content:

 XML  ·  RSS  ·  RDF  ·  Atom 

full content:

 XML  ·  RSS  ·  RDF  ·  Atom 

blog archive

jan · feb · mar · apr
may · jun · jul · aug 
sep · oct · nov · dec
jan · feb · mar · apr
may · jun · jul · aug
sep · oct · nov · dec

jan · feb · mar · apr
may · jun · jul · aug
sep · oct · nov · dec

may · jun · jul · aug
sep · oct · nov · dec

first post: 
April 30, 2003

highlight views:
Spammers' Choice

Jay elsewhere online
Jay Fienberg - the official home page

Wrong Notes - the music blog of the Ear Reverends

Fine & Full, aka, a fine and full burger

Sociomobilepoetextologia (moblog, currently inactive due to lack of proper mobile)

to enjoy roll
sites I like to read when I start from here

· Anastasia Fuller
· Andy Baio
· Biz Stone
· Boris Mann
· Bre Pettis
· Chris Dent
· Danny Ayers
· Dare Obasanjo
· David Czarnecki
· David Weinberger
· Don Park
· Evan Williams
· Greg Narain
· Jason Kottke
· Jim Benson
· Lucas Gonze
· Marc Canter
· Matt May
· Matt Mullenweg
· Michal Migurski
· Nancy White
· Rebecca Blood
· Reg Cheramy
· Richard MacManus
· Sam Ruby
· Shelley Powers
· Tim Bray
· danah boyd

powered by blojsom

Entries by blojsim