ID biz models “in the future maybe” says Johannes

Johanne Ernst is a builder of Identity technologies (and one of the clearest thoughtful thinkers about identity technologies and markets. He just posted a great post about business models in the identity space. I know he has at various times tried raise money as an entrepruner in this space – so he has thought a lot about the business models.

For those of you who don’t know Johannes he developed Light-Weight Identity (LID) a URL based ID system at the same time Brad Fitzpatrick did at Live Journal and then participated in merging it all together into YADIS discovery which became woven together with OpenIDv1, XRI/i-names  and sxip to become OpenIDv2. He also was the first drawer of the identity triangle (OpenID, SAML, InfoCards) which evolved into the Venn of Identity.

Many people have ideas for value-added services that could be sold once sufficiently many users used internet identities at enough sites. The trouble is that the transaction volume for OpenID (or any other identity technology on the internet) is still far too low to make this viable.

The mot important sentence is this one – Let’s not confuse being majorly annoyed how long this is all taking (speaking about myself here) with something being fundamentally wrong (because there isn’t).

I take heart with what he has to say especially because he addresses it to a big part of what I do – organize (un)conferences to continue momentum for the field.

From his post:

Value-added services:
Many people have ideas for value-added services that could be sold once sufficiently many users used internet identities at enough sites. The trouble is that the transaction volume for OpenID (or any other identity technology on the internet) is still far too low to make this viable.

So the verdict here is: perhaps in the future.   

So what’s an analyst, or conference organizer, or entrepreneur, or venture capitalist to do?

My take: Hang in there, keep the burn rate low, make no major moves, would be my advice. (Believe it or not, sometimes I’m being asked about my advice on this.) All the signs are pointing in the right direction, the latest being Google’s major OpenID push. Let’s not confuse being majorly annoyed how long this is all taking (speaking about myself here) with something being fundamentally wrong (because there isn’t).

Sooner or later, at least the value-added services opportunity will emerge. Perhaps others. But so far it has not yet.

IIW & Identity Community Bumps in the Road

This is cross posted on the IIW blog .

When we first started meeting (the early “seedling” meetings of community) at other people’s conferences, there were Microsoft people, Liberty Alliance/SAML people, Shibboleth implementers, user-centric folks (OpenID, LID, sxip, i-names/xri), big idea folks (Doc Searls), etc. We met for a couple of hours at a time and knew there was common ground, but knew we needed more time to really understand each other: to have more of a shared language and develop enough strength in the relationships in the community to work together. We figured we needed to have more time to meet together, so we convened the Internet Identity Workshop. That first event was amazing and quite formative – kicking off the conversation that would lead to OpenIDv2 via Yadis. Kim Cameron presented his 7 laws of identity that have become foundational to community thinking and introduced the idea of information cards and selectors; much work is now happening around this.

Soon afterward Brett McDowell the ED at Liberty Alliance approached me and Phil about having an Internet Identity Workshop (IIW) next to (the days following and in the same location) an upcoming Liberty Alliance meeting. We thought this was a great idea to create more space for people to meet about user-centric identity technologies and issues. When Microsoft got wind of this, boy did I get an earful – they felt that the neutrality of IIW would be totally compromised if it came to be that closely associated with Liberty Alliance (remember Liberty Alliance was originally formed by Sun and others in response to Microsoft Passport).

IIW had provided a forum for anyone working on user-centric identity technologies to come together without anyone making an “agenda” for the meeting or creating a “technology road map.” Literally anyone who came could put a subject on the agenda on the day of the event. All parties did want to increase dialogue and cross-pollination among the groups, and we found a way through by jointly (IIW and Liberty Alliance) producing what we named the Identity Open Space (we also said we would be open to co-producing with others who asked – we did two with Digital Identity World). It was in Vancouver Canada and Kim Cameron along with several Microsoft folks along with many in the user-centric community attended and because it was the two days after a Liberty Alliance meeting many Liberty people were also there, and it was a good event that moved the industry forward.

Right in the middle of getting this worked out – I on a personal level had a very intense experience being caught in the middle – a giant trade association on one side and Microsoft on the other. We (me, Phil, Doc, Kim, Brett) managed to navigate this as a community and do the right thing and we became stronger as a community for having done so.

We continued to have IIW’s every 6 months and in 2006 it was clear we were going beyond just IIW and needed a community home/container to connect community efforts and provide common services (blogs, wikis, bank account for doing common work like holding events). We held a series of conversations and decided to create a community organization, drawing on an existing one, Identity Commons – the community liked the purpose and principles approach for bringing people together. As a codition of brand transfer to a our nonprofit organization we worked on our version of purpose and principles. There were some delays in actually getting the organization legally formed and the brand transfered, but in 2007 we were an official organization: a network of organizations, initiatives, and projects all working on different aspects of a people-centric identity layer of the web. There are several places you can read about community history and background around Identity Commons. I wrote “What the heck is Identity Commons?”.

Next fall we are hosting our 9th event. Many things have move forward significantly in the community – OpenIDv2, OAuth, Venn of Identity paper, OSIS Interop, Concordia use-cases, Information Card evolution including Augmented Browsing with Action Cards, Portable Contacts, Open Social, OpenID/OAuth hybrid, Activity Streams, Distributed Social Networking, Discovery particularly XRD. So what has made IIW work so well in fostering the kind of collaboration and innovation that has emerged from it?

  • We have kept the space free: no one has the ability to buy time at the conference.
  • All ideas are welcome: there is no committee controlling the agenda, so politics about what is “on the agenda” or “not” just doesn’t happen.
  • It is a working workshop to solve real problems, move technical projects forward and discuss interoperability among them.
  • We put attention towards creating the space for relationships between people to form naturally over time and thus enabled trust to grow.

FU – The Monday After, Facebook Usernames and Your Domain on the Web

Last week it was announced that on on Friday Night at 9pm Pacific Facebook had a name space land rush. Everyone was free to pick for themselves their username that would appear in their URL. facebook.com/username

I actually found this a bit surprising – remember the big debate on the Social Web TV I had with Josh Elman about “real names.” He was against handles completely and felt that the big value facebook brought was “real names”. I argued for handles and the freedom to choose one’s “identity” on the web. I made the point that free society – having the ability freedom to have the option to have and use handles on the web NOT linked to our given/ in real life names. Another thing is that handles help us navigate namespace clash from regular names. Max from MySpace is 8bitkid not some other Max in a sea of Max’s.

I ran into Josh Elman at the Building43 party and we agreed I kinda won the debate with this latest development. It seems that having peoples pages rank higher in google is helped by having readable URL’s.

They of course “strongly encouraged” people to just pick a URL with one’s real name and did so by “suggesting” names that were derivatives of one’s name. You could override this and type in your own name choice (however defaults matter so most people will end up with names similar to their real name – rather then being asked to think up one). They give users an addressable identity.

Max Engel of MySpace became /8BitKid – his handle “everywhere”

David Recordon surprisingly didn’t go with DaveMan692 – his handle most places – he is /DavidRecordon

My friend Jennifer became /dangerangel as she had originally signed up for in Facebook but they disallowed her to have it.

I just became /Kaliya (I am hoping I can get enough fans to claim /identitywoman for that persona)

What is particularly interesting is the layers of identity in Facebook.

With a Facebook URLFacebook has the one’s username is not one’s e-mail address as it is with Google profiles and one also has a common name (or as they say “real name”) that is presented to throughout the system.

Google ironically enough they ask if you want a “contact” me button on your page that does not give away your e-mail address when the profile URL gives away your e-mail address.

Twitter has /usernames AND another display name of your choosing that is changeable (the /usernames are not). However most twitter clients display one or the other. If you are used to seeing the display name and then are on your phone that is only showing @handle /username then you don’t know who is talking.

Facebook usernames is another example Twitter feature adoption by Facebook others being activity streams becoming much more like twitter streams.

I said when I first “got” twitter about 18 months ago – a big part of the value it provided was its namespace. It gave me a cool anchor on the web that allowed communication between me and others via the web.

So how is it going so far? Inside facebook reports that over the weekend 6 million folks – 3% of their userbase gut URLs. 500,000 in the first 15 min, 1,000,000 in the first hour and 3 million in the first 14 hours.

There were several examples of FaceSquating. Mike Pence took Obiefernadez’s name.

Anil Dash has the funniest post ever about the whole thing. Highlight the point that users don’t need facebook URL’s they can just get their own domain name. He repeats this throughout the post about what these services are not telling you:

None of these posts mention that you can also register a real domain name that you can own, instead of just having another URL on Facebook.

I completely agree with him – he also misses a key point the usability of facebook is vastly higher then the usability of domain name registration, cpanel management and other things involved in getting ones own personal web presence going. DiSo isn’t hear yet so we can’t link to our friends without linking capability that a facebook provides. I suppose Chi.mp was trying to

He links to a post of his from December 2002 called privacy and identity control.

I own my name. I am the first, and definitive, source of information on me.

One of the biggest benefits of that reality is that I now have control. The information I choose to reveal on my site sets the biggest boundaries for my privacy on the web. Granted, I’ll never have total control. But look at most people, especially novice Internet users, who are concerned with privacy. They’re fighting a losing battle, trying to prevent their personal information from being available on the web at all. If you recognize that it’s going to happen, your best bet is to choose how, when, and where it shows up.

That’s the future. Own your name. Buy the domain name, get yourself linked to, and put up a page. Make it a blank page, if you want. Fill it with disinformation or gibberish. Plug in other random people’s names into Googlism and paste their realities into your own. Or, just reveal the parts of your life that you feel represent you most effectively on the web. Publish things that advance your career or your love life or that document your travels around the world. But if you care about your privacy, and you care about your identity, take the steps to control it now.

In a few years, it won’t be as critical. There will be a reasonably trustworthy system of identity and authorship verification. Finding a person’s words and thoughts across different media and time periods will be relatively easy.

What people don’t quite get is that if they anchor their whole online life around someone else’s domain they are locked in. When I first started paying attention to user-centric identity online this was one of the meta-long term issues that the first identity commons folks (Drummond Reed, Fen Lebalm, Owen Davis, Andrew Nelson, Eugene Kim, Jim Fournier, Marc Le Maitre, Bill Barnhill, Nikolaj Nyholm, etc).

A few of them wrote a paper about it all – THE SOCIAL WEB – Creating an Open Social Network with XDI.

They liked the XRI/i-names architecture because it addressed the URL recycling problem with a layer of abstraction. All i-names also have linked to them a conical identifier – an i-number. This number is never reassigned in the global registry. However one could “sell” one’s i-name (mine is =kaliya) and that new person could use it but it would have a different i-number assigned to it for that person.

This past week at the Online Community Unconference we were talking about the issue of conversation tracking around blog conversations. How an one watch/track the conversation about one’s work if it is cross posted on 10 different sites OR if it is just posted in one place and one is distributing a link through 10 different channels? We never did get to an answer – I chimed in that the web was missing an abstraction layer – that if one could have a canonical identifier for a post that was up in 10 different places this would make it easier to track/see conversations about that post. What we do have now that we didn’t have 3 years ago for helping track conversations across multiple contexts is OpenID at least so you can see if someone commenting in one place is the same as someone commenting in another.

There is an additional layer of abstraction in the XRI architecture that supports several things are key to helping people integrate themselves and information about themselves on thew web.

One is cross referencing – so I could have have two different (URI) addresses for the same information (in the identifier – not just mapped over one another leaving me with one address OR the other) and also have one version of my profile be the one I controlled and a different be a version that appeared in a certain social context.

There is also a concept of much finer grained data addressability and control – so I could have my home address in one place and instead of entering this into each website/services/company portal that I want to have this information – just hand them a link to the canonical copy I manage and then I don’t have to change it everywhere. This is of course where the VRM folks are going with their architectures and services.

We shall see how it all evolves. That is what we do at the Internet Identity Workshop is keeping on working on figuring this all out.

Tagging using XRI

Drummond just posted a fantastic articulation how on might use XRI to do open tagging. Some of you may not be following the emergence of Tagging in the blogoshpere but it is really real with many services now empowering their members to tag. It has exploded so much that they have begun he World’s First Social Social Tagging Site Tagging Site site Supercilious. Tag Tuesday is the real hub of this emerging developer/social media creator community. Perhaps Drummond has just created the outlines for a presentation there I know Nile was asking for suggestions about who could present the next month so let them know when you will be in town D.

Announcing the Internet Identity Workshop (IIW2005)

There’s been considerable conversation around identity on the Internet, or what some would call grassroots identity. Providing identity services between people, websites, and organizations that may or may not have any kind of formalized relationship is a different problem than providing authentication and authorization services within a single organization. Many have argued that the lack of a credible identity infrastructure will eventually result in the Internet being so overrun with fraud as to make it useless for many interesting uses.

To solve this problem, or pieces of it, companies and individuals have made a variety of architectural and governance proposals. Some of these include:

Myself, Phil Windley, Drummond Reed, and Doc Searls are hosting the Internet Identity Workshop in Berkeley on October 25 and 26th to provide a forum to disucss these and other architectural and governance proposals for Internet-wide identity services and their underlying philosophies. The workshop will comprise a day of presentations on Internet-scale identity architectures followed by a day of structured open space to accommodate the range of topics and issues that will emerge from day one and other issues and identity services that do not fit into the scope of the formal presentations. We’re hoping that adding a little more formality to the conversation will aid in digesting some of the various proposals.
We’re inviting presentations for the first day on the following topics:

  • Problems, issues, politics, and economics or Internet-scale identity systems.
  • Architectures for Internet-scale identity systems
  • Philosophies that drive architectural decisions in these systems (see Kim Cameron’s Laws of Identity for an example of such a philosophy

If you’d like to present on some other topic, drop one of us a line first and we’ll see how it fits in. Prospective presenters will be asked to submit a 250-300 word abstract. We hope to accomodate everyone, but we may end up picking from the abstracts.

I’m excited about this and looking forward to it. I hope we can have a good set of presentations the first day and a solid day of discussion the second. If you’re interested in this sort of thing, I hope to see you there. Please read the full announcement for some other details and register if you’re coming. There is a $75 charge to cover the cost of the venue, administrative expenses, and the cost of snacks and lunch both dats.