[irq]: techie interrupted26/01/2010
virtual identity singularity
[There’s a line in my “web in twenty” post about having a single virtual federated identity for anyone who wants one. It reminded me about this bit of postage that I wrote in 2005 and reproduced here with some minor edits.]
There’s nothing (afaik) that actually does what I am pining for–a consolidated representation of my virtual identity.
Having a standard (extensible) profile format that service providers could be convinced to comply with (or at least import/export) would go a long ways towards bringing together all the disparate aspects of all the services people use.
To think of it another way, this would be like having a social federated identity.
Ideally, what I want is a single [extensible format based] XML file on the net and a profile editor. I then want to be able to apply different maps or filters to create a “friendster view”, or a “linkedin view”, or a “google talk view”.. you get the picture. I can see two obvious ways to do the latter:
* the profile editor affording me the ability to tag individual or multiple profile elements as viewable by X service/application
* the profile editor accepting service/app-maps allowing me to create a X-map stating that X’s version of the profile (X’s view) gets A,B,F,G,.. elements.
By the way, there are a lot of providers out there that do federated identity for federated authentication (single sign on), though no one talks about it that way. I really don’t think SSO matters. It’s a different problem altogether from having a single virtual identity. Authentication != Identification. How you authenticate someone’s virtual identity to arrange for SSO across multiple services- is a related, but distinct, problem with it’s own set of hurdles.
Finally, speaking of federated identity, I’d like to have my business and personal profiles be entirely distinct. The business one would be a true federated identity (in the commercial sense) serviced by federated identity managers and served up to the zones where I am authenticated in the same way that my personal identity would be served up to services I use. I guarantee that the security processes and protocols involved in the business version would be a severe drag on using the personal version. I also guarantee that the relative lack of security processes and protocols in the personal version would introduce an untenable risk to the business version.