i-names and the identity commons
Geek
I just read a post by Peter Saint-Andre on Planet Jabber that lead me to an interesting article by Doc Searls about a grassroots identity federation scheme: i-names.
I-names are part of the push by Identity Commons for a standard, open mechanism for identifying people and sharing personal data on the Internet, without requiring participants to give up their privacy in the process.
Right now, you can register an i-name and use it to allow people to contact you by email, but prevent you from getting spammed. When you register, you are given a "secure, private personal contact link" hosted by the (only?) i-names registrant, 2idi. You can point people at this page, for example by using a link on your website or in your email. People visiting that page then authenitcate themselves according to the privacy setting you specify and when verified, can send you an email.
Now, this is something you can setup youself today if you have the necessary web-fu skills, but the aim is to provide a standard way of identifying people that can be used around the world for things like, say, e-commerce payments, or providing proof of the sender's identity for email and other forms of electronic communication (e.g. to prevent phishing attacks).
This could be the common basis for single sign-on systems (non-evil replacements for Microsoft's Passport/Hailstorm/Palladium technology), automatic data sharing with trusted parties (no more web forms to fill in) and so on.
Obviously to succeed, it needs to get a critical mass of people behind it. So I've gone off and registered my own i-name: =mjg. Feel free to give this address out to anyone, it's spam-safe and should be around at least for the next 50 years. It only costs USD$25 (~AUD$33), so go register and start giving your i-name out in public without having to worry about the spam.
Comments
"I've gone off and registered my own i-name: =mjg."
Cool enough, but, as the second comment to Searls's article basically asks, what does Mary Jane Gumby do now? When she has to register =mjg9872346163, what's the point?
"Feel free to give this address out to anyone, it's spam-safe..."
It might be spam safe, but how do you, say, sign up to a mailing list with it?
I just don't buy the hype of single-sign-on and persistent online identity. All my unimportant passwords are remembered by my browser. Everything else I keep safely under my tinfoil hat, thanks.
Posted by: Paul Hoadley on December 14, 2004 02:17 PM
Heyz ppl my name is Danielle Marie i need a confirmation name nd i cant think of one i was thinkin Valintine or Rose can ya help me out
my sn iz purpularpenguin7@aol.com Thanx
Posted by: Danielle on December 14, 2004 02:25 PM
"should be around at least for the next 50 years."
Really?
I'm with Paul on this one. The intent is laudable, but the thing about Passport (evil though it is) is that is doesn't really guarantee identity anyway. Yet. And the same is true of i-names (laudable though they are)... they don't really do anything Yet. Other than protect you from spam a bit.
I'm all for supporting open (though this may or may not be) grassroots alternatives to the big guys on the internet, even when they're not ready for primetime, though. Sign up, it can't do any harm.
Posted by: Joel on December 14, 2004 09:17 PM
Well, my understanding was that there could be multiple registrars, so you'd have the option of either finding another registrar or setting up your own. There are also local i-names (registered under a global i-name) so I imagine you might get an i-name in a way similar to how most people get email addresses at the moment - from their ISP. But unlike email addresses, they are re-assignable, so you can take your data with you as you move around.
But it isn't supposed to be a replacement for your email address, it's just a means of giving out personal information (like your email address) in a secure way. The spam protection comes from not replacing email, but from providing a secure means for people to find out what your email address is.
I guess we just differ in requirements. I'm big into SSO and federated identity because I'm inundated by multiple online identities (nearly one for every web site I frequently visit) and my personal data is duplicated across at least four machines that I use regularly. I find it a big pain in the ass.
Anyway, Joel, that's why I signed up. I'm going to see if I can integrate i-name based SSO into my many web properties (heh), and maybe provide some registrar functionality -- I like keeping my personal data on my own hardware. Fancy the i-name =joel@vee.net?
You're right about the lack of guarantee of identity but at least it can provide continuity of identity. It could be used as part of a global PKI for, say, dispensing public keys without having to keep track of n different keyservers, which would be cool.
Posted by: Mike on December 14, 2004 11:41 PM
Yes.
Guarantee is less important for me than continuity too.
God I hate the Internet.
%)
Posted by: Joel on December 15, 2004 11:01 PM
Add a Comment