IDENTITY

2005-09-03

This post will probably be a bit geeky so be warned.

I had an idea after reading this post by Mary Hodder on her blog. It’s about managing identity on the internet, a topic that has been getting a lot of talk recently. The problem with a lot of these ideas is that they’re top-down and require quite an infrastructure in most cases. Or, they let one company be in charge. This is clearly not in the spirit of the modern internet.

My idea is based on the RADIUS community model. When I go to SiteX, I’m presented with a Distributed ID (DID) login box (Distributed ID is undoubtedly already taken as a name, I just use it because that’s how I think of it). I put in my email address (or something like it, as I’ll get to later) and SiteX says ‘ok, your DID name is matt@mattorama.net‘ at which point it looks in the DNS for mattorama.net and determines the server I’ve appointed as my DID server. Email works the same way, I have an MX record which tells every website where to send my email. It then sends my DID name and password to that server and the server looks up my DID and returns the personal information I’ve filled in for that DID. Say for that DID I’ve put in my name, email, and website only. SiteX takes that information and uses that for my account on their site. I don’t have to fill it all out again. If they require more info than I’ve given, they can ask for it and either require or hope I fill it in. If I want to have many DIDs with different info on each, I can do that. matt@mattorama.net would be my limited info, fullmatt@mattorama.net would be my full info for billing or whatnot. fakematt@mattorama.net would be a fake name I’d use for pointless login sites like newspapers.

The benefit is many-fold. First, it works like many other existing internet services. MX records in DNS, RADIUS, and mail servers are all old tech so I’m not reinventing traversing any new ground idea-wise. The server is small and could become a staple like smtp servers. I’d do as open source so nobody controlled it and a bunch of implementations could grow, again like smtp servers. RADIUS servers use flat text files which are easy for small ISPs or individuals, or database servers for bigger sites (like Yahoo which just got in some hot water with making Flickr people switch to Yahoo IDs. With this system, they could manage both sets of IDs just as easily as just the Yahoo ID) ISPs could use it as an sales tool. ‘We give you 5 DIDs with your account or you can buy 5 more for $X a month!’ The user manages the DIDs through a website or other ISP administration tool. No one authority is in the middle. This is better for security since there’s no big database to hack and steal everybody’s identity. Undoubtedly there’s some technical issues to overcome since I just thought of this like 15 minutes ago but the idea is simple enough and like I say I’m not breaking any new ground. RADIUS has been doing this for years.

I have so little free time that I doubt I’ll get to implementing this any time soon. I think I’ll do it as part of my website I’m building (core functionality is almost done so I’ll be putting into a stealth beta test mode soon!) to get at least one implementation out there. It’s an easy idea though so if anybody’s reading who has some feedback or wants to spread this idea around or actually do an implementation, please do. Also, if you happen to be doing a digital lifestyle aggregation system (ahem, Marc Canter) and have some feedback for this idea, I’d love to hear.

tags: grommes, identity links, identity discussions


Main