Identity Uniqueness Problem - Can openid solve it?

[Drummond Reed]

Having worked on this problem for seven years now as part of the XRI
effort, let me share this thought: smart enough software, and intelligent
enough identifier standards (which XRI aspires to be), can give you
effectively what you seek.

In other words, to use John's example, to all the people and organizations
that matter to you you COULD be just "John" -- from your perspective. And
all those people and organizations could be just the simple, human-friendly
name you want to assign them -- from your perspective. (Note that those
simple, human-friendly names you assign to them still need to be unique --
from your perspective -- or else you won't be able to distinguish between
them yourself.)

All of this can work *from your perspective* because the smart software and
identifier standards would automatically do the mapping between your own
set of preferred identifiers and the globally-unique identifiers needed to
identify all those other parties in the manner needed to communicate with
them over the net (and under the privacy policies they prefer).

It's another example of how making things really, really simple for the end-
user is really, really hard.

But someone's got to do it ;-)

=Drummond (i-name: =drummond.reed, http://xri.net/=drummond.reed) 

-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of John Kemp
Sent: Wednesday, September 20, 2006 5:52 AM
To: 백주성
Cc: general at openid.net
Subject: Re: Identity Uniqueness Problem - Can openid solve it?

백주성 wrote:
> Identity Uniqueness Problem

Note ^^^^^ /identity/ Uniqueness problem. There's a difference between
an identifier, a unique identifier, and an identity ( basically a
collection of identifiers)!

> 
> I think that
> 
> Identifier should be one which he/she really want.
> 
> Identifier can be modified as his/her wish.
> 
> Identifier should not be unique.

An identifier is something that identifies you. In other words, it puts
you in a set (potentially a set containing only one element if it is a
unique identifier for you) of those identified by that identifier.

An identity consists of some attributes about you. Those attributes ae
often identifiers. My name "John" is an identifier. If you said "create
a set of all people called John", I'd be in that set. In other words, I
am identified by that identifier.

John is, of course, not a unique identifier.

Many companies assign /unique/ identifiers to an individual. Such an
identifier has the purpose of uniquely identifying a single individual
(or thing).

Imagine that you have a bank account - if someone needed to put money
into that bank account, they'd want to ensure it was the bank account of
the single entity that they wished to pay. It would be pretty bad if
they couldn't uniquely identify the bank account!

So, there's some services that need to uniquely identify an individual
(ie. banking, government etc.) There are some services that provide
better service by uniquely (or partially) identifying an individual. If
a service knows it's you, uniquely, it can customize its service (what
are your preferences for news content - likely not the same as mine?)
And then there are also many services that need only /partially/
identify you (your post code is an identifier for you, in that you would
fit into the set of all people who live in that postal area, and could
be used to give you the weather report for your post code).

OpenID seems to be focused on the use-cases for uniquely identifying an
individual.

And in my opinion, I don't think a /user/ should ever need to know his
or her unique identifier assigned by some identity provider and used at
same service provider.

- John
> 
>  
> 
> How do you think about that?
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general