[OpenID] Real Identity Verification

Tue Nov 4 10:24:53 UTC 2008

This is interesting Eddy.

I kind of see three ways that this kind of OpenID “verification” can happen.

1.       Reputation

a.       In this case, the longer you use your OpenID, the more people will come to know it is associated with you. I’d be interested in how we could explicitly extend this concept to support a distributed reputation system where you can attach OpenID Reputation points which are assigned from other sites. These could even be broken down into types of reputation. The longer and more you use it the more reputation points. Even sending an email that isn’t spam etc via Gmail or Windows Live could “increment” your reputation score (like pagerank, but for OpenID). 

2.       Friend Verification

a.       Slightly more explicit and extension of the above whereby friends can verify things you write down about yourself so that others can trust them more. John says he works at Google Inc and Brian has verified this etc.

3.       Central Validation

a.       Shibboleth model and probably needed for institutions who perhaps verify things such as “Yes, this is definitely Dr. Livingstone” etc.

Does your Web of Trust concept tie in more with number 3 than the others or is if more about associating an OpenID with a cert so that saying something with your OpenID can be strongly verified (e.g. via the associated dig sig?).

steven

http://livz.org

From: Eddy Nigg (StartCom Ltd.) [mailto:eddy_nigg at startcom.org] 
Sent: 04 November 2008 09:34
To: Steven Livingstone-Perez
Cc: general at openid.net
Subject: Re: [OpenID] Real Identity Verification

Arrrrg... https://blog.startcom.org/?p=128

Sorry and thanks!

On 11/04/2008 11:37 AM, Steven Livingstone-Perez: 

Eddy, where can I find this article?

From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Eddy Nigg (StartCom Ltd.)
Sent: 04 November 2008 09:31
To: Rebecca Cannon
Cc: general at openid.net
Subject: Re: [OpenID] Real Identity Verification

Rebecca, I forgot about it, but let me shamelessly promote a small article concerning identity validation in relation to OpenID I just wrote recently. Here validations including ones which are performed by a community network come into play. Thanks. :-)

On 11/04/2008 11:23 AM, Eddy Nigg (StartCom Ltd.): 

There are some providers which can provide you this service, please see http://www.startssl.com/?app=14
For example my ID is here: https://eddyn.startssl.com/

However no useful exchange protocol or standard for OpenID exists really to automatically on such information, but Nat, who also posted a reply to your question, is working on setting up a work group for trust exchange (TX) which might facilitate such exchange of information. I expect TX to be highly interesting in this respect.

For now I guess you'll have to hand-pick the providers which do perform real identity validations.

Regards 

Signer: 

Eddy Nigg, StartCom Ltd. <http://www.startcom.org> 

Jabber: 

startcom at startcom.org

Blog: 

Join the Revolution! <http://blog.startcom.org> 

Phone: 

+1.213.341.0390

On 11/04/2008 07:10 AM, Rebecca Cannon: 

Hi all

I'm researching a new online service that I will be building. I want to use Open ID, however we're going to require real-world identification verification, as the service will have legally binding information in it.

Just wondering whether open id is being used with real-world identification verification, and what the list's thoughts are on this. 

Thanks,

Rebecca

 <http://www.webbyawards.com/> 

  _____  

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

  _____  

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081104/7a73e779/attachment-0002.htm>