martin.paljak.pri.ee.

Knock-knock! Who’s there? It’s me!

This works when you’re visiting your friends garage after you have called him beforehand. But we all know that internet doesn’t work this way.

OpenID is an open, decentralized, free framework for user-centric digital identity. (from openid.net)

If we omit “digital” from the equasion we see that OpenID should be user-centric identity or as Dick Hardt says: Identity (both 1.0 and 2.0) is about who you are.

So who are you?

Who am I? I can’t predict how you percieve your inner self but unless you suffer from “split personality” or have very certain beliefs about dualism the answer should be relatively easy – you are you (yes, the same You who was the person of the year). You are who you are. Period.

How this relates to OpenID? What is an OpenID? Simon Willison explains this in simple terms: OpenID is a URL. What means that the answer to the “Who?” question in OpenID world is a URL. A URL is better known as web address.

Address as an identity?

If we agree that OpenID is nothing but an address, we can compare it to traditional addresses people can easily understand. “Big City, Long Road 306″, “Smaller Village, 5th building from the left”, “New York, 5th Street 1234, 32nd floor, room #666″ etc. We all live somewhere (even if this “somewhere” is under a bridge), work somewhere and visit our friends who live somehere. All these places have addresses.

Wikipedia tells us that “Identity is about the sameness of two things”.

What if there is “Big City” in Italy and in Japan and they both have “Long Road 306″? Forget the readable address and take numbers – geographic coordinate system. You can unambiguously address a place on planet earth and all you need is a GPS to find the exact place. The mountain at a specific coordinate has existed before there was GPS or even before people understood that world is not flat.

The same way people have names. “John Smith” (or “Hannibal“), “Martin Paljak”, “Bill Gates”. Everybody you know has a name. Every “name address” leads to a human being who (hopefully) has a sense of “me” or a subject who could “practice” user-centric identity. As there are thousands of “John Smith”-s in the world, you can try to narrow it down to “John Smith, born on 13.07.67 in London”. I’m lucky (or unlucky?) in this case as I’m currently probably the only Martin Paljak on this planet. Our society (or governments) has invented an unambiguous adressing scheme for people as well – a database of social security numbers or personal ID codes. There is no other person in Estonia with a personal identity code 38207162722 even if his name would be Martin Paljak.

The same way you can’t assign coordinates to a mountain or issue coordinates (you can only invent the geographic coordinate system once) you can’t do that with other addresses – like OpenID URLs – they just exist in some system. You can escape your home address by going camping but you can’t escape the geographic coordinates of your tent. You can choose the place you live but you can’t choose the address the building has.

Internet is not real life

Everything I described before is about absolute identification what is actually the nice reality in real life. So you say that your online identity might be different from your real identity in the era of web2.0 and identity2.0?

This is the topic of the next post.

There are also philosophical issues in real life that need to be dealt with in practical ways. For example: Estonian personal identity code encodes the gender of the owner. Me as a male – my personal ID code starts with an odd number. If I would be female it would start with an even number.

What happens with people who undergo sex change operation? In real life and on the Internet ?

Finally I’d like to share with you two nice findings from the wild-wild-web:

Mart Parve talking about Estonian eID in a podcast and a funny video about Britons and how they fight their eID with humor (I DO understand the attitude towards government in UK. All those cameras and no real privacy there …)

—–
This is part of a series of posts that talk about my view on “Who? (you are)”, “How? (you prove it)” and “What? (can one do with this information)” of OpenID and electronic identity in general. The keywords of this post could be “absolute identification” and “federated identity” but in simple terms.