Re: [projectvrm] Principles, personalities, anonymity and identity

["Joe Andrieu" < >]

The reason we "need" identity providers (IDPs) is because it makes life
easier for those tracking identity in some form.

It's all a matter of whether or not a relying party wants some other
party to handle identity /and/ the user isn't in a position to do so.

Many do because it simplifies their application. I like to use OpenID on
my websites when possible, because then I don't need to maintain
separate username & password for access. This is especially easy with
apps that have OpenID support built in. You can run your own OpenID
provider, but most people don't. They use an Identity Provider because
it's simpler and more reliable.

Others use IDPs because they can validate some aspect of the identity in
a way that makes the relying party happy.  This is what we do with the
identities we call credit card numbers.  Merchants don't want us making
up our own credit card numbers. They want numbers issued by a third
party they can trust to actually pay them at the end of the month.  In
this case, your bank IS acting as an IDP and the claim made to the
relying party is "yes, we know this guy and we'll make sure you get
paid".

With the personal data ecosystem, it's typically because the IDP (such
as Facebook) offers a rich set of user data that might be burdensome for
the relying party to ask for directly.  And with the latests updates to
the Open Graph, Facebook has significantly opened up the /write/ aspects
of that data store so that relying parties and push event data into the
Facebook stream.  All of these make things simpler for relying parties
and users to be more personalized, more relevant, and more engaging that
an isolated system that has to independently secure & track all the same
information on its own.

Those are at least three reasons that are systemic, structural, and
enduring.  It's simpler. It is more "reliable". It's richer.

-j

On Monday, September 26, 2011 8:02 PM, "Doc Searls"
<
 >
 wrote:
> On Sep 26, 2011, at 2:41 PM, Johannes Ernst wrote:
> 
> > 
> > On Sep 24, 2011, at 7:54, Doc Searls wrote:
> > 
> >> This brings us to the core paradox of Digital Identity: all we've found 
> >> that works, so far, requires an Identity Provider (Facebook, Google, 
> >> OpenID, whatever). And, as long as we require an Identity Provider, we 
> >> won't have true anonymity.
> > 
> > I'd like the question an underlying assumption here (that, admittedly, 
> > 99%+ of all people make, and so it's rarely discussed):
> > 
> > Just why exactly do we need a third party that is an "identity provider"?
> > 
> > Cheers,
> > 
> > 
> > Johannes.
> 
> 
> The short answer is that we can't think of anything better. The long
> answer is thinking of something better.
> 
> IMHO.
> 
> Doc
> 
> 
-- 
Joe Andrieu
SwitchBook Software

 
+1(805)705-8651