the iCite net > news / blog > a permalink

news and thoughts on and around the development of the iCite net
by Jay Fienberg

Example: identity iCites

posted: May 19, 2003 9:32:35 PM

On the simplest level, iCites are lists where each item on the list links to some information, plus has some attributes assoicated with the link. These links can link to other iCites, or to any addressable information (e.g., URLs on the Internet).

There are a few special types of iCites that exist to facilitate some standard interactions between iCites. One special type is called an "identity iCite", and its special purpose is to identify people who create or modify iCites.

iCites can be interfaced like websites, and they can use underlying authentication mechanisms like website's basic authentication. They can also use other authentication and authorization schemes--so iCites don't always have to use identity iCites. But, the option to use identity iCites opens up some interesting possibilities.

identity iCites are still simply iCites, being lists as described above. So, what kinds of things does an identity iCite list? Here are some examples of what I might have on my identity iCite:

  • my names, screen names, pseudonyms
  • my contact info: addresses, phone numbers, emails, IM names
  • my birth date, birth location
  • my PGP public keys
  • my current location (e.g., from a GPS-enabled device)
  • links to all the iCite identified content / posts on the web that I have authored
  • links to all iCites that refer to me via this identity
  • links to websites where I am currently logged in using this identity

identity iCites, like all iCites, can present different views of themselves, and those views are protected by the iCite access control mechanism. So, this means I can reveal different aspects of my identity iCite to different people. For example, I might show everyone a view of my contact info like this:

And, I might show people I know a little this more detailed view of my contact info like this:

  • name: Jay Fienberg
  • website homepage:
  • IM: (Jabber) testjay at
  • location: San Francisco, CA

Because iCites automatically update other iCites that refer to them, each time I create an iCite or any content / links on an existing iCite, I can reference myself via the URI to my identity iCite, and this will add a link to the new content in my identity iCite. In this way, my identity iCite lists the content I create whatever other website, forum, blog, it lives on (assuming those websites, forums, or blogs are associated with iCites).

Another thing that is possible with identity iCites is that I can create an "address book" iCite that links to the identities of people I know. Rather then my needing to get updated information on my friends as they move and change numbers and addresses, I simply am linked to their always current information.

identity iCites always include a core set of idenitity iCite attributes, like phone number or email address. But, they can be extended to include other types. So, for example, a company could have a special identifier, like "office number" and encourage each of its employees to include that as part of their identity iCite.

The identity iCite can also function as part as a website login mechanism. Again, iCites can use existing and other login mechanisms, but the identity iCite itself can be used as a method of login.

With this method, whenever you go to a website that supports identity iCite logins (i.e., by that website being associated with an iCite), instead of entering a username and password, you enter your identity iCite URI (which can be entered with one-click with the help of a bookmarklet). The following steps are then followed:

  • the website's iCite creates a "session - pending" link to your identity iCite
  • the website redirects you to your identity iCite's sessions edit view
  • you click a "this is me" link next to the "session - pending" reference on your identity iCite
  • your identity iCite notifies the website's iCite that the "session - pending" link was authenticated
  • the website's iCite changes the link type to "session - authenticated"
  • your identity iCite redirects you back to the website, where you are now logged in

Remember, with any iCite, each view can be restricted by access control. So, on one's identity iCite, a view like "session edit" would be restricted so that only the iCite owner could see it.

With current sessions listed on your identity iCite, it would be possible to use the logout from the identity iCite to trigger the logout from all other sites. Simiarly, the identity iCite could be used to track all logins and this could be monitored for unauthorized uses.

Because identity iCites can express presence, as in "I am online" or "I am logged in" and also reference specific information / content that might have restricted uses, identity iCites can facilitate all kinds of games, digital rights management, voting, and other interactions where identity and presence (or current use) are important.

Creating an identity iCite will be very easy--as easy as creating a list of one's name and contact information. And, there is no limit in the iCite net on individuals creating more than one identity for themselves. In fact, one attribute of an identity iCite is a link to alternate identities, should one want or need to admit to using multiple identities!

So, identity iCites are not meant to be an ultimate form of identity management that fulfills single-sign-on. Rather, identity iCites live a layer up from such schemes--they can benefit from such schemes, or can have good uses in the absence of such schemes.

But, identity iCites do provide a consistent way to identify people and for the relationships people have to between each other and between themselves and the content / information they create all over the place, to be accessed from a single point of reference. (Note: if you already know about FOAF, then you can imagine how identity iCites can represent parts of themselves as FOAF.)

Note: future versions of this example will include live iCite examples, tips and tricks, how to's.

permalink | comments {0} · trackbacks {0}

also available as: rss · rss2 · rdf · atom

Comments and Tracbacks

Note: All comments and trackbacks are moderated. Spam is deleted. Other comments are approved as promptly as possible.

Note: Older posts no longer accept new comments or trackbacks.

« prev post
Things left out of Google

» next post
Majority of human discourse here

blog newsfeeds

brief content:

 XML  ·  RSS  ·  RDF  ·  Atom 

full content:

 XML  ·  RSS  ·  RDF  ·  Atom 

blog archive

jan · feb · mar · apr
may · jun · jul · aug 
sep · oct · nov · dec
jan · feb · mar · apr
may · jun · jul · aug
sep · oct · nov · dec

jan · feb · mar · apr
may · jun · jul · aug
sep · oct · nov · dec

may · jun · jul · aug
sep · oct · nov · dec

first post: 
April 30, 2003

highlight views:
Spammers' Choice

Jay elsewhere online
Jay Fienberg - the official home page

Wrong Notes - the music blog of the Ear Reverends

Fine & Full, aka, a fine and full burger

Sociomobilepoetextologia (moblog, currently inactive due to lack of proper mobile)

to enjoy roll
sites I like to read when I start from here

· Anastasia Fuller
· Andy Baio
· Biz Stone
· Boris Mann
· Bre Pettis
· Chris Dent
· Danny Ayers
· Dare Obasanjo
· David Czarnecki
· David Weinberger
· Don Park
· Evan Williams
· Greg Narain
· Jason Kottke
· Jim Benson
· Lucas Gonze
· Marc Canter
· Matt May
· Matt Mullenweg
· Michal Migurski
· Nancy White
· Rebecca Blood
· Reg Cheramy
· Richard MacManus
· Sam Ruby
· Shelley Powers
· Tim Bray
· danah boyd

powered by blojsom

Entries by blojsim