Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×

Digital Identities Now Available 170

Largecranium writes, "I-names, the only globally unique, resolvable namespace in parallel to the DNS system and compatible with OpenID, are being introduced during Digital ID World in Santa Clara. I-Names are only as useful as the services they enable; the services that are available today are interesting but not life-changing. The ones that are coming in the next 6-12 months could change the way people interact online. I-names and their value (today and tomorrow) are casually explained at iwantmynamenow.com." I-names are the lineal descendant of the technology that began as XNS and continues evolving today as XDI.
This discussion has been archived. No new comments can be posted.

Digital Identities Now Available

Comments Filter:
  • excellent! (Score:5, Funny)

    by macadamia_harold ( 947445 ) on Wednesday September 13, 2006 @05:34AM (#16095039) Homepage
    Digital Identities Now Available

    Excellent! Because, you know, regular identity theft was just becoming boring.
    • by rf0 ( 159958 )
      Now people can go virtual dumpster diving to find out all about you. I will be hoenst that I don't quite understand how this works but from the little I picked up there may be 3rd party broker services. How long before one of those loose a laptop or similar?
  • by BadAnalogyGuy ( 945258 ) <BadAnalogyGuy@gmail.com> on Wednesday September 13, 2006 @05:35AM (#16095041)
    Let's reduce this project to something simpler and more easily understood than the gibberish in the writeup.

    Pay $5 to use the internet.

    or

    Passport.NET for money.

    Either way you slice it, it's unnecessary and dumb when the alternative is free and already exists. What is the alternative? Your email address and password. On top of that, you can get virtually any email address you'd like from any number of free online webmail sites like GMale and Hotmail.

    What's the point?
    • by Vihai ( 668734 )

      email address and password do not work, unless you want everyone to know (and, why not, use) your password.

      email address and a digital certificate are fine, thought. The critical point becomes the CA, but there are good solutions [cacert.org] to that.

    • Re: (Score:2, Funny)

      GMale? That doesn't sound like a place to get email addresses. I'm not even gonna tray that on my browser, I can easily guess what it'll bring up...

      Sorry, I just found the typo amusing.
    • Re: (Score:3, Insightful)

      by Shaper_pmp ( 825142 )
      I dunno - it seems like a potentially interesting idea.

      It would be useful to have a single point of contact which doesn't ever have to change. For example, for one reason or another, most people I know seem to change their e-mails or mobile numbers at least once every few years. (PEDANTS: Yes, yes, I know, you've had yours for the last three centuries. Sit down - I said "most people". I'm not talking to you.)

      If you could have a system that makes that unnecessary (or at least, painless for all concerned)
      • Re: (Score:3, Insightful)

        by Denial93 ( 773403 )
        > a single point of contact which doesn't ever have to change

        Ever as in: as long as you pay $20 every year?

        It doesn't make sense in any way, for customers. For people who seek to collect all data about you and are forever after a unique ID (see SSN) to organize their victi^H^H^H^H^Hcustomer database more effectively, it must seem like something really worth looking into. I reckon we are seeing a particularly blatant grab for investors money. More power to the guys who do it: stupid investors need to b
        • "Ever as in: as long as you pay $20 every year?"

          And how much do (for example) domain-names cost? And are they remotely as useful as this? This is like a meta-domain name, a meta-e-mail address, meta-phone number and meta-postal address all in one.

          "It doesn't make sense in any way, for customers."

          What, you mean apart from all those ways I listed in my previous post?

          Hello-o?

          "For people who seek to collect all data about you and are forever after a unique ID (see SSN) to organize their victi^H^H^H^H^Hcustome
          • by wfberg ( 24378 )

            Please explain how a repository of personal contact information that you personally grant access permissions to on a user-by-user basis is a boon to marketing scumbags.


            I have a website.
            It has a contact form.
            Wanna contact me, fill in the form, I gets e-mail and decide what to do with your request.
            Costs me less than $20/year, and it works with everybody's existing setup.

            Single sign-on? Bah. Either I care about my "identity" on some site and create an account, or I'll just be an anonymous coward (or even creat
            • Sorry, but this is so daft I barely know where to begin...

              Surely by that metric you can write off the telephone, post, semaphore and morse code as "a boon to marketing scumbags", too then?

              In fact, since you can apparently select precisely who gets to see what contact information using i-name, and you can't easily filter who completes a form on your (very public) website, your "solution" is clearly deeply defective compared to the one you're disparaging.

              But lets take your assertions one-by-one:

              I have a websi
              • by wfberg ( 24378 )
                Wow. You're really crabby about this.

                I'll just point out the obvious ones
                1) How would people know my URL? How would they know my "i-Name"? Hey! Same thing! FWIW there already are X.500/LDAP directories on the web (one was even pushed by microsoft and included in NetMeeting) and guess what, no one really thought it convenient enough so that it rose to any sort of popularity.
                2) you can't invite all your friends to a party? Why, perhaps they're not all on "i-name".. Perhaps I don't want to receive mass mailing
                • "Wow. You're really crabby about this."

                  Sorry - it's just that people posting "X is crap because I personally don't need it" are a pet hate of mine.

                  Regarding your other points... good points, every one.

                  I'm not saying i-name is an unimpeachably good idea, merely that BadAnalogyGuy had yet to voice a good objection. The overwhelming majority of people immediately wrote this off as a scam, apparently without even bothering to consider if it could turn into a useful idea.

                  You're right - at the moment (lacking wi
        • Re: (Score:3, Interesting)

          by swillden ( 191260 ) *

          Ever as in: as long as you pay $20 every year?

          Just like I pay $35 per year for my domain name. If this becomes widespread (which it probably won't), prices will come down. Plus, these i-names can be hierarchical, like domain names, so you can, for example, register = and then give i-names to all of your family members, and they won't have to pay a thing.

          The part of the idea that I'm most skeptical of (well, other than the idea that it will actually be used) is the notion that you can "withdraw" acces

          • by Guignol ( 159087 )
            I don't really know much about this, but couldn't you also rely on 'trustable' entities for this kind of data ?
            I mean, who would need your address in the first place that you feel you would want them to 'not know anymore' ?
            I suppose you (correct me if I whoosh too :)) are thinking about some online store that needs to ship whatever you bought online, maybe to facture too.
            couldn't that also rely on external services ?
            (the online store ships with only your digital identity that the delivery service (dhl,
            • Good points... I hadn't thought about how useful it would be to have one service provider hand your i-name to another, and for each of them to be able to translate it into the information they need, and *only* the information they need.

              Taken to the extreme, you could even put the payment information into the i-name and give the retailer access to that. The retailer wouldn't have access to your shipping address, though. Then the retailer would pass your i-name to the shipper, who could use it to look up

      • by Eivind ( 15695 )
        If you want to (for example) change your e-mail address or move house you just update your info in one single place, safe in the knowledge that people can still contact you. No more phoning around banks, credit card companies, utility companies, phone/broadband companies, loyalty card companies, friends, relatives, etc, etc, etc, etc, etc.

        It may amuse you to notice that Norway (and other scandinavian countries) already has something sorta like this (and did for atleast the last 30 years!).

        It works like

    • Re: (Score:3, Informative)

      by lavaface ( 685630 )
      I think it's a little more than that. I first came across XDI when I was researching open alternatives to Myspace. I signed up for friendster several years ago but never really used it much. When I finally got a myspace account, I had to fill out the same info yet again (interests, etc). On top of that, I found the myspace interface annoying. What would be great, I thought, would be a basic profile that could be shared across different sites. Kind of like a vCard on steroids. Something that would preserve y
      • by mgblst ( 80109 )
        Wow, so in several years you had to fill out the same info? Not really that much of a hassle, is it, unless you are signing up to these sites every week or so. Is it really worth the loss of privacy? For example, some sites you want to have your phone number (you bank), but most you probably won't. Some you will want to have your address (ebay), but most you won't. But each site will have access to all your information, and they will won't more than they need, because information is useful.
    • Re: (Score:3, Interesting)

      by Zeinfeld ( 263942 )
      There is one name system for the Internet: the DNS.

      Establishing critical mass for a directory scheme requires a huge amount of work. Establishing critical mass for a proprietary scheme which is intended to displace a large, deployed and reasonably open scheme is doomed from the start.

      The XDI scheme is controlled through a series of patents which have been vested in a 'non-profit' entity controlled by the original owners which in turn re-licensed them back to the original owners. This series of moves is

  • Trust / No Trust (Score:2, Insightful)

    They say:

    You can store your personal data (like your shipping address or your email address) at a trusted source and give access to it.


    But they don't explain anything which might make me consider them to be trustworthy.
    This is a skethcy sketch, methinks.
  • From TFA:
    Goals of this site:
    First, it's a place to park the big orange button that says "Buy a Name Now!" so people that want to get a name that means something to them, can..... First-Year-For-$5 promotion was born....Normally, an = i-name costs about $20 per year.
    Goals of this reader: no thanks.
    • by arun_s ( 877518 )
      In contrast, the OpenID site says:

      Nobody should own this. Nobody's planning on making any money from this. The goal is to release every part of this under the most liberal licenses possible, so there's no money or licensing or registering required to play.

      Now I really haven't heard about OpenID or I-Names before, can somebody clarify? Is OpenID the (free) specification or standard, and I-Names the (charged) implementation?
      And as everybody's already pointing out, whats wrong with good ol' email ID authent

      • One weakness of email IDs is that the cost of creating multiple email addresses is very low. A reputation-based scheme such as an auction feedback is of limited value when it is straightforward for a person to give himself thousands of positive feedbacks.
  • YATBFARIADS (Score:5, Insightful)

    by spectrokid ( 660550 ) on Wednesday September 13, 2006 @05:53AM (#16095083) Homepage
    And for those who didn't get the subject line: Yet Another Twenty Bucks For A Record In A Database Scam
    • Re: (Score:2, Funny)

      When all of the cool kids are in the database, won't it be worth your twenty dollars to join?
      • by jamesh ( 87723 )
        More important than that, you'd better register your name now before someone else registers it first and then pretends to be you.

        Seriously though, can't we all just use our slashdot ID's? I'd much prefer to be a member of an organisation that looked deep into my soul and assigned me a number based on the order in which i joined.
      • More like: When all of the cool kids are in the database, we'll know who to avoid.
  • New.Net? (Score:4, Insightful)

    by erig ( 1000750 ) on Wednesday September 13, 2006 @05:53AM (#16095084) Homepage
    Why does this remind me of new.net's custom TLD registrations, that only worked if you used them as a root nameserver? (or had spyware that added that). Same thing here apparently, you register and get an "i-Name" that only works for providers that offer authentication based on it.
    • This also feels like all those agencies that will let you pay a pile of money to name a star after yourself... in the records of that one agency, which aren't actually recognized by anyone ever.

      If this takes off remind me to fire up some spare domain name, install a big pile of whatever apps are lying around (forums, chats, IMs, auctions, blogs, networking, all that junk,) name it "teh REAL internets!!!" and then auction off the login names.
    • Probably because it is exactly like that.

      Nevertheless, that doesn't stop it being a good ide, if enough people get on-board.

      I have absolutely no doubt there were forums full of people saying exactly the same things about DNS before that took off, too[1]. For-pay? Publically-accessible contact details? Right, like anyone's going to use *that* minority system! Fnord! FNORD!

      Not to say it'll definitely take off, but I think the tide of scorn being heaped on it is perhaps a little premature.

      [1] Or would hav
  • by Anonymous Coward on Wednesday September 13, 2006 @05:59AM (#16095094)
    Ive always prefered the warm feeling of my analog identity, just like i prefer the sounds of vinyl and tubes.
    • But as with all analog/digital differences, you wont be able to clone your identity as easily in analog. In digital it is 1 database record to make another you!
  • by Dekortage ( 697532 ) on Wednesday September 13, 2006 @06:01AM (#16095099) Homepage

    The Wikipedia [wikipedia.org] article on i-names says this: "One problem XRIs are designed to solve is persistent addressing -- how to maintain an address that does not need to change no matter how often the contact data for a person or organization changes."

    Uhhh... I don't want persistent addressing. I like the idea that if I really wanted to, I could change my e-mail accounts or shut down my web site I have several e-mail accounts for use with different kinds of contacts: some for shopping, some for friends, some for business. I don't mix them. I don't want to mix them.

    This also sounds like what Social Security Numbers [wikipedia.org] have become in the U.S.: a catch-all identification number that you are asked for by every bank, employer, insurance company, hospital, car dealership, etc. I don't want to give them all my SSN. It's private, meant for government/tax purposes, but now everyone claims they need it. If I-names become popular, will something similar happen with them? (not trying to sound alarmist, just thinking out loud)

    • Re: (Score:2, Informative)

      by kfg ( 145172 ) *
      I don't want to give them all my SSN. It's private, meant for government/tax purposes, but now everyone claims they need it.

      This is what happens when the government sees itself as an interested party in all financial transactions.

      KFG
    • Errrrm... ok...

      I'll agree with you 100%...

      Just point to the bit that says you won't be able to register more than one i-name. ...

      Anyone?
    • I have several e-mail accounts for use with different kinds of contacts: some for shopping, some for friends, some for business. I don't mix them. I don't want to mix them.

      As I understand it, you can do that with i-names. You can create as many names as you want (as many as you want to pay for!) and you can define them to be synonyms, so they link ultimately to the same identification data, but are completely distinct as far as anyone but you (and the registrar) knows. Or you can keep them completely s

    • by Jeremi ( 14640 )
      Uhhh... I don't want persistent addressing.


      Maybe you should re-read the Wikipedia text you quoted. "Does not need to change" is not the same thing as "cannot be changed". If you want to shut down your I-name and start another one, you have the option of doing so. I also don't see any reason why you couldn't open several simulaneous accounts if you wanted to.

    • Uhhh... I don't want persistent addressing. I like the idea that if I really wanted to, I could change my e-mail accounts or shut down my web site I have several e-mail accounts for use with different kinds of contacts: some for shopping, some for friends, some for business. I don't mix them. I don't want to mix them.

      Given a system that provides persistent addressing, it is simple to get non-persistent addressing: simply stop using the persistent name, and get a new persistent name.

  • by Burz ( 138833 ) on Wednesday September 13, 2006 @06:03AM (#16095105) Homepage Journal
    ...we were wondering what happened to the surviving middlemen from the B-Ark.

    What's that you say? They work for "i-names" now?

    "Internet sanitizers" you say? Well.... we're so delighted their safely with you.

    (And not us!)
  • So, now you have another place for "name prospectors" to hunt down all the best names and try to make money by owning the ones that have marketing value. The site's home page even says:
    "these names are unique, so those who are paying attention can get the name or names that they want."
    That was enough for me to write it off.

    This doesn't go as far toward an actual unique and secure identity as an x.509 certificate, isn't as flexible at handling people who have the same name, has no track record for trust or security, and is controlled by a single organization.

    This looks to me like someone's way to make money fast on the interweb by having a signup race for cool names at $5 (then $20) per year each.

    We know how well regulated, fair, and efficient the DNS system has been.

    • This doesn't go as far toward an actual unique and secure identity as an x.509 certificate

      This idea is orthogonal to the purpose of a certificate. In fact, the ideas are complementary. The purpose of a certificate is to attest to a binding between some identification information and a private key which can be used to identify the holder of that identification information. All of the information in a certificate is visible and static. The (theoretical) purpose of this i-name is to be a link to a bundl

      • x.509 certificates essentially say "This is who I am, according to this trusted authority. Further, with this identification I've presented to you, you can secure your communication to me."

        The "Who I am" is more than just my name. It can include my name, address, and other identifying features which make it far superior to simply a name. There is the uniqueid part, and then there is the name part. They are not the same.

        What would help much more, is for x.509 to become more widespread. I suspect that eve
        • x.509 certificates essentially say "This is who I am, according to this trusted authority. Further, with this identification I've presented to you, you can secure your communication to me."

          Other than not mentioning the use of the key pair to encrypt communications, that's exactly what I said. A certificate binds identification information to a key pair. All of the information in the certificate is visible and static, whereas an i-name is dynamic and visibility of the contained information is configurab

  • "The ones that are coming in the next 6-12 months could change the way people interact online."

    So... we'll all be browsing on Segways?
  • Hmm... Single sign-in... That sounds so... familiar... OH YEAH! M$ tried to push this crap down our throats for free. Maybe these guys will try to sue M$ for their 'single sign-in' monopoly when they utterly fail to have anyone even care.
  • These are not identities, but paid-for logins. Wake me up when you implement a true identity - one login per meat-puppet per lifetime, please.
    • Identity systems can provide real value even if they're pseudonymous and even if IDs are easily acquired: Attach an externally-queryable reputation system (with privacy policies, of course) that makes one's *history* a commodity worth accumulating. Factors in one's reputation could include length of tenure & types of transactions.

      Think about it... anyone can get an eBay ID, but have you seen many spambots with a high feedback score? Whether allowed or not, there's not *that* much benefit in getting a ne
      • Funny you mentioned eBay, as it also shows the darker side of value through history. Gain reputation, sell some bricks as laptops, profit. And of course get a new login...
        • True enough. There's probably going to be an eternal tug-of-war between high and low entry barriers. That which is too cheap, fast & easy to utilize (like SMTP connections) tends to create boatloads of noise for every unit of signal. On the other hand, systems with excessively high entry barriers create very little noise at all, but not much signal either.

          But even in the eBay example, brick laptopping activity is at least *hindered* by having a reputation system in place, since the "gain reputation" ste
  • by rlp ( 11898 ) on Wednesday September 13, 2006 @07:29AM (#16095318)
    It sounds like a single-sign-on system like Microsoft Passport (only w/o Microsoft). I didn't see any discussion of authentication. Microsoft used a central Microsoft controlled database. Companies were reluctant to allow Microsoft to be an intermediary between them and their customers. (And were more reluctant to pay another Microsoft tax). Consumers were wary of a central database of ID's controlled by Microsoft. I saw no discussion of how authentication is supposed to work with this system, or more importantly who maintains the database(s) of credentials. For that matter, I saw no discussion of verification - I register 'George.Smith' and associate it with some contact meta-data. Do they verify any of that? Can I register 'George.W.Bush' or 'Bill.Gates'? So far the site seems mostly to tout the low price. Great, it's cheap. What do I get? And why would I want it?
    • by rlp ( 11898 )
      If you dig down into links on the site, there's some real technical detail. From my quick viewing I got that the system is distributed, XML-based, and supports two-factor authentication. You choose your registrar - register your credentials with them, and third parties can use XML requests to the registrar to verify your identity (without getting access to your credentials). Interesting - yes. Compelling - way to early to say (but like MS Passport, probably not).
    • I believe the article said they use OpenID [wikipedia.org].
  • Advert (Score:3, Insightful)

    by kylegordon ( 159137 ) on Wednesday September 13, 2006 @07:40AM (#16095373) Homepage
    Slashdot already has adverts around the sides of the stories. We don't need the stories to be adverts as well.
  • I like the idea of being able to give organisations revokable pointers to my details. As long as the organisation which kept the details was transparent and accountable, I'd be fairly happy about using it. Get credit card companies to use it to reduce fraud (somehow) and maybe you've even found a way to finance it: greater online security might encourage more online purchases...

    The biggest flaw in the proposed scheme (if I understand it correctly) is that the reference you give each organisation is the same
  • What, exactly, does this provide that email does not, save a place to throw money away and a vector for fraud and identity theft? How is this not the worst business model since the :CueCat?
    • by Tim C ( 15259 )
      I believe that part of the point is that your "digital identity" is independent of any contact details, so you can change your email address and still be idenitifiable as you.
  • ... can I use it with my CueCat?
  • you mean like the other i-name sites that have all charged 20 dollars a year?
  • To all you who call this nothing but a database scam, ala the darknet DNS registries, you're dead wrong. i-Names is the popular name for XRI, which is an OASIS standard. Those who sell i-Names are not fly-by-nighters just trying to make a money grab. They authorized by the XRI governing body to do so, and are the exact equiavalent of a DNS registry. There are a dozen or so i-Names brokers. The entire system interoperates. Many of the i-Name brokers are also DNS registries, such as Neustar.

    XRI is an open sta
    • by anagama ( 611277 )

      I think you guys should stop shooting from the hip, and actually (I know this is asking a lot on /.) do a little research.

      If you want people to not think it is just a DB record scam, it would be helpful to link to a site that explains what this is good for. Yes, I looked at every link in the header, and sub-links as well, and for the life of me, I can't see why this is useful. The i-names main site meanders around a bit, but mostly says it is a great deal at $5 because next year it will be $20. Whatev

    • However, none of this is answering the basic question: why do I want this? What's in it for me? I don't want a single unique digital ID, visible to anyone on the internet who wants to see it. I know it is Possible to link peoples' various identities together, but I feel no obligation to make it Trivial by willingly participating in such a scheme. Companies get no more information out of me than I'm willing to give them, on a case-by-case basis. If I buy a book from Amazon, what business is it of theirs are
  • If I want an openid compatible service why wouldn't I just sign up with myopenid.com ? (Actually I have, it works to post livejournal comments, log into zooomr, etc.)
  • Why, oh why, are I-names (and every other login on the planet) so restrictive? No accents, no question marks, no symbols but periods, hyphens, and underscores, no Unicode, even more restrictions on first and last characters, and God forbid you use spaces!

    Why? Supporting these things is trivial! Trivial!
  • A few years ago when .name came out I registered my name, John.Doe.name or whatever. I did the whole family, it was pretty cheap. But then we never used them and there didn't seem to be much point. Still it seems like if you want a name space for people's names, it already exists. And it's only $10/year.
  • How does this compare to having an OpenPGP key? I know OpenPGP and trust it. Who is this newcomer and what do they have to offer that an established standard does not?

It's currently a problem of access to gigabits through punybaud. -- J. C. R. Licklider

Working...