Identity Uniqueness Problem - Can openid solve it?

John Kemp john.kemp at mac.com
Wed Sep 20 12:52:04 UTC 2006 

백주성 wrote:
> Identity Uniqueness Problem

Note ^^^^^ /identity/ Uniqueness problem. There's a difference between
an identifier, a unique identifier, and an identity ( basically a
collection of identifiers)!

> 
> I think that
> 
> Identifier should be one which he/she really want.
> 
> Identifier can be modified as his/her wish.
> 
> Identifier should not be unique.

An identifier is something that identifies you. In other words, it puts
you in a set (potentially a set containing only one element if it is a
unique identifier for you) of those identified by that identifier.

An identity consists of some attributes about you. Those attributes ae
often identifiers. My name "John" is an identifier. If you said "create
a set of all people called John", I'd be in that set. In other words, I
am identified by that identifier.

John is, of course, not a unique identifier.

Many companies assign /unique/ identifiers to an individual. Such an
identifier has the purpose of uniquely identifying a single individual
(or thing).

Imagine that you have a bank account - if someone needed to put money
into that bank account, they'd want to ensure it was the bank account of
the single entity that they wished to pay. It would be pretty bad if
they couldn't uniquely identify the bank account!

So, there's some services that need to uniquely identify an individual
(ie. banking, government etc.) There are some services that provide
better service by uniquely (or partially) identifying an individual. If
a service knows it's you, uniquely, it can customize its service (what
are your preferences for news content - likely not the same as mine?)
And then there are also many services that need only /partially/
identify you (your post code is an identifier for you, in that you would
fit into the set of all people who live in that postal area, and could
be used to give you the weather report for your post code).

OpenID seems to be focused on the use-cases for uniquely identifying an
individual.

And in my opinion, I don't think a /user/ should ever need to know his
or her unique identifier assigned by some identity provider and used at
same service provider.

- John
> 
>  
> 
> How do you think about that?
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list