The issues around identity extend far beyond the borders of emerging telephony, but it was a recurring theme at the O'Reilly Emerging Telephony Conference. Both the hackers and the microsofties had things to say:
Ten years ago, there tended to be just one large provider for any
given service. Today, there are many more -- and users switch providers
much more easily. This brings up the concept of who owns your identity,
and how complex your identity is. Do you bring it with you when you
leave? Do you abandon it behind you? Do you add it to a stack of
baggage that you must carry with you forever?
The rows of identity stovepipes that we use can add up - phone, email, IM, web sites, blogs, VoIP, etc. How many ways are there to connect? Well, let me count mine...at least, those that I still check or use daily:
- 12 e-mail aliases: "me" at gsb.stanford.edu, stanfordalumni.org,
columbia.edu, christine.net, spacejockeys.com, cyclepartners.com,
omidyar.net1, omidyar.net2, earthlink.net, alphachiomega.net, artsfestsf.org, missionresearch.com
- 7 phone numbers: Home, Home Office, Mobile, Omidyar Main, Omidyar Direct, Space Jockeys Fax, Omidyar Fax
- 2 IM addresses: "me" at Yahoo!, .Mac
- 5 web sites: Christine.net (still haven't integrated with this blog), Omidyar.net, Mission Research, LINES Ballet, Space Jockeys
- 3 blogs: Christine.net, Mystery House (still in development), Advice Line (still in development)
- 1 VoIP address: "me" at Skype
To be eloquent: Yuck.
So, what's in the identity landscape? Johannes Ernst from NetMesh shared the landscape that he sees. There's a group forming called the Liberty Alliance, that is trying to build a "trusted digital ecosystem." The Web Services Interoperability Organization is trying to push Web services interoperability, which ends up making requirements upon identity. Finally, Ernst proposes basing identity on URLs with YADIS Capability Discovery. This identity URL sits at the bottom of a stack with OpenID authentication and LID authentication, along with any authentications that need to be layered on by service providers such as Six Apart. Using a URL as a simple form of identity is a valid idea, but getting everyone to agree is going to be a huge challenge.
Things that Ernst wants vendors to think about:
- Do customers only use my service?
- Would social functionality help my product?
- Do I lose visitors on the sign up for an account page?
- What would identity data theft do to my reputation?
Even Microsoft's talk wound
its way to a discussion about identity today. In their vision, you take
these silos of identity and federate them. Once you solidify your
identity, you can wrap it in context, presence, relationships, etc.
This all makes sense, but then Amritash Raghav went on to build a crazy
bullseye of Unified Communications Vision with arrows bursting forth.
Which perhaps also makes sense, but it was a bit dense to process.
This is all good, interesting stuff - but the user needs to be in control and that wasn't clear from any of these talks. e.g., this needs to be different from an open-standards form of Passport. My business is my business, and there's no need for it to reside on someone else's server.