Dick Hardt from Sxip Identity and Identity 2.0 posed a big question at today's boot camp for the Internet Identity Workshop. What are the key success factors of an Internet identity infrastructure?
Single sign-on is just the tip of the iceberg of the Internet identity problem. How do web sites know that the identity you claim as your own is true? Hardt proposes that these key success factors will be needed in a successful identity infrastructure:
- Internet-scale, componentized, distributed, with support for ad-hoc relationships
- Community-driven, developed collaboratively using open standards, with community-defined schema for data
- Easy to adopt, leveraging existing technology and based on open standards
- Privacy-protecting, supporting choice for the user - choice of identity is separate from the user's identifier, so a user can have multiple personas and only release the minimum data necessary (e.g., Budweiser only needs to know that Hardt is over 21, not that he is 42.)
SXIP 2.0 was released at O'Reilly Etech, and they've received a solid amount of feedback since then. You can see Hardt's presentation (entitled "Who's the Dick on my site") here. SXIP is still working on how it will work with Yadis or other efforts.
This is how SXIP works: The user sends his or her homesite ID to the relying party, say, Evite. A third-party agent authenticates my ID. No relationship is required between the identity agent and the identity consumer - so long as the user has a relationship with both the agent and the consumer, he or she is set. There does, however, need to be a trust relationship between the identity consumer and the identity issuer.
<relief>And oh yes, we changed rooms, so that you could actually hear the speakers.</relief>
Tags: christine herron christine.net space jockeys identity iiw2006 technology sxip
