martin paljak

Rein Lang, tuntud valitsuse anti-leimar, tuleb Postimehele antud intervjuus lagedale järgnevaga:

Ma tulen nüri järjekindlusega tagasi selle juurde, et kui Eestis on kasutusele võetud ja seadusega kohustuslikuks tehtud ID-kaart ja sellega seonduv X-tee keskkond, siis miks ei või teha nii, et ee-domeenides olevad kommentaariumid ja keskkonnad oleksid ligipääsetavad ID-kaardi vahendusel.

Siit siis minu kui IT-inimese konteksti sobitatud teravmeelne tehnovastus: luua X-tee rakendus – kommenteerimise platvorm – kus kõik kommentaarid käivad programmeeritud ja õlitatud töövoona läbi kohaliku omavalitsuse, KAPO, Langi postkasti ja veel mõne vajaliku aga salastatud koha, kus iga verstapost peab kommentaari digiallkirjaga kinnitama. Ja alles siis kui meie riigi usin IT-infrastruktuur on kommentaari heaks kiitnud jõuab ilus ja rõõsa kommentaar delfisse või rate.ee pildi alla.

Tehnofriikide unistus – milline integratsioon süsteemide vahel!

Eesmärk võib olla sama hea ja üllas nagu eestikeelsete veebilehtede puhul. Kuid taktika on toores mõlemal ideel.

Laskumata seletustesse, miks ja kuidas ID-kaart hea on (ennekõike kasutajale endale) ja kuidas sellega saab privaatsust ja virtuaalset anonüümsust kaitsta ja ka alusetut lahmimist ehk leimimist vältida, ei kiida heaks Langi sõnu. Orwelliliku suure venna paranoiale jõudu andvate ideede levitamisega tõmbab Lang vett peale ID-kaardi levimiseks vajaliku kasutaja usalduse tekkimisele. Mis tegelikult välistab Langi idee teostumise. Sest käskides ja kohustades ID-kaardi kasutuselevõttu ei kiirenda ega paranda. Piitsa asemel on vaja rohkem präänikut.

Kui nii edasi, siis varsti võtab keegi kätte ja pistab Langi pilafilmi.

Knock-knock! Who’s there? It’s me!

This works when you’re visiting your friends garage after you have called him beforehand. But we all know that internet doesn’t work this way.

OpenID is an open, decentralized, free framework for user-centric digital identity. (from openid.net)

If we omit “digital” from the equasion we see that OpenID should be user-centric identity or as Dick Hardt says: Identity (both 1.0 and 2.0) is about who you are.

So who are you?

Who am I? I can’t predict how you percieve your inner self but unless you suffer from “split personality” or have very certain beliefs about dualism the answer should be relatively easy – you are you (yes, the same You who was the person of the year). You are who you are. Period.

How this relates to OpenID? What is an OpenID? Simon Willison explains this in simple terms: OpenID is a URL. What means that the answer to the “Who?” question in OpenID world is a URL. A URL is better known as web address.

Address as an identity?

If we agree that OpenID is nothing but an address, we can compare it to traditional addresses people can easily understand. “Big City, Long Road 306″, “Smaller Village, 5th building from the left”, “New York, 5th Street 1234, 32nd floor, room #666″ etc. We all live somewhere (even if this “somewhere” is under a bridge), work somewhere and visit our friends who live somehere. All these places have addresses.

Wikipedia tells us that “Identity is about the sameness of two things”.

What if there is “Big City” in Italy and in Japan and they both have “Long Road 306″? Forget the readable address and take numbers – geographic coordinate system. You can unambiguously address a place on planet earth and all you need is a GPS to find the exact place. The mountain at a specific coordinate has existed before there was GPS or even before people understood that world is not flat.

The same way people have names. “John Smith” (or “Hannibal“), “Martin Paljak”, “Bill Gates”. Everybody you know has a name. Every “name address” leads to a human being who (hopefully) has a sense of “me” or a subject who could “practice” user-centric identity. As there are thousands of “John Smith”-s in the world, you can try to narrow it down to “John Smith, born on 13.07.67 in London”. I’m lucky (or unlucky?) in this case as I’m currently probably the only Martin Paljak on this planet. Our society (or governments) has invented an unambiguous adressing scheme for people as well – a database of social security numbers or personal ID codes. There is no other person in Estonia with a personal identity code 38207162722 even if his name would be Martin Paljak.

The same way you can’t assign coordinates to a mountain or issue coordinates (you can only invent the geographic coordinate system once) you can’t do that with other addresses – like OpenID URLs – they just exist in some system. You can escape your home address by going camping but you can’t escape the geographic coordinates of your tent. You can choose the place you live but you can’t choose the address the building has.

Internet is not real life

Everything I described before is about absolute identification what is actually the nice reality in real life. So you say that your online identity might be different from your real identity in the era of web2.0 and identity2.0?

This is the topic of the next post.

There are also philosophical issues in real life that need to be dealt with in practical ways. For example: Estonian personal identity code encodes the gender of the owner. Me as a male – my personal ID code starts with an odd number. If I would be female it would start with an even number.

What happens with people who undergo sex change operation? In real life and on the Internet ?

Finally I’d like to share with you two nice findings from the wild-wild-web:

Mart Parve talking about Estonian eID in a podcast and a funny video about Britons and how they fight their eID with humor (I DO understand the attitude towards government in UK. All those cameras and no real privacy there …)

—–
This is part of a series of posts that talk about my view on “Who? (you are)”, “How? (you prove it)” and “What? (can one do with this information)” of OpenID and electronic identity in general. The keywords of this post could be “absolute identification” and “federated identity” but in simple terms.