i-Names Pick Up Steam
There's been coverage in LJ on the whole "Identity Commons idea. Basically, it's a domain registrar for your unique name - with them on sale already. ASN has published a whitepaper on the topic as well.
Now if there were only a site to keep track of my multiple Identity Commons names.
> whole "Identity Commons idea
:)
UNTERMINATED STRING CONSTANT. My head hurts now
My other car is first.
...I really don't see a chance of this becoming popular, especially when it's arriving late in the game. Like it or not, the guys who thought up foo@bar.com-style addressing hit pay dirt in terms of coming up with an addressing scheme that real people could deal with.
Go somewhere random
Trolling using another account since 2005.
How come when Microsoft tried to do this with passport everyone thought it was evil. But now, because it's not Microsoft, there will be a lot of people saying this is good. The reason why this stuff bothers me is because I don't want to trust anyone to control all my signing on to every site. Because no matter how secure it is, if someone breaks the security, they now have access to everything. At least I know now, that if someone breaks (guesses) one of my passwords, then they've only broken one of them, and not all of them.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Oh, and public lynching of people who use Flash for forms (*cough* UCI Cinemas *cough*).
I am TheRaven on Soylent News
How many eggs are in your basket today?
It would be cool if it didn't suck.
i-Names Pick Up Steam
I wonder how much Valve sold it for.
Just a guy with an opinion
I equate ideas like this to a late-arriving cyber real estate agent, seeking to find some creative, yet not terribly useful or practical way to divide up property that people already own.
.name TLD and hasn't worked. And Microsoft has far more resources poured into their pseudo-secure give-me-all-your-personal-info "solution."
The premise is that you pay for a pseudo-permanent identity in cyberspace. Ok, however, the TOS, like most other TOS disclaim any responsibility to consistently deliver the services you're supposedly paying for:
# Although our intention is that this service is always available, 2idi and its licensees and affiliates reserve the right to interrupt or terminate service for some unforeseen circumstance.
# Please note that amendments to this agreement, and to 2idi policies that are incorporated by reference in i-broker agreements, may be made at any time at the sole discretion of 2idi in order to best serve all members of the 2idi community.
The second part is particularly exemplative of the total and utter uselessness of schemes like this. Sure, they want to encourage you to use them as a central repository of personal information, and they allude to respecting your privacy, but they reserve the right, at any time, without your approval, to change the terms of their service, which may arbitrarily involve giving out personal info or whatever they want with whatever they have of yours.
Whenever I evaluate the value of an idea such as this, I consider to what degree the value of the project is based on a useful service, versus the degree to which the success of the project is dependent upon a) obtaining market share and b) marketing. This project fails the test. It doesn't offer anything innovative, and therefore will be marketing driven, and if it doesn't have market share, it will ultimately fail and be useless.
This is one of those markets where it's just too dangerous to fiddle with. For all the resources they invest into this effort, Google, eBay, MSN or Yahoo can pull a similar scheme out of their hat and put them out of business instantly. Spamcop already has a highly effective e-mail/spam forwarding service. The central identity thing has been tried with the
OTOH, what I do like about the basic centralized repository scheme, is that it would be better served as a way to manage and authorize legitimate SMTP servers.
/cynic mode on.
you know why it's wordy and techie? to get techies to jump in quick to register their own name(s). you're not supposed to stop and think for a second if that 25$ is a ripoff or not. the whole community 'feel'(non mega polished with flash) in it is just intended to hide what's underneath.
it's techy and named so 'commons' so that you wouldn't first think that it's a firm that's taking twenty five bucks for you to register a crappy name on it, with basically no real usage on anywhere at all!
world was created 5 seconds before this post as it is.
huh? LiveJournal? Some angsty teen fearing her AOL screenname got haxored and is now Identity Commonized?!?
i-Names? Is this an Apple product?
Coder's Stone: The programming language quick ref for iPad
...Microsoft would certainly tie it to payment methods (possibly creating a time when a Passport is REQUIRED to make online purchases from "partner sites"), and entrench itself everywhere, and use it as a method to hawk and secure market positions for its own products.
A hopefully open consortium of people doing universal identity (not saying this idea is necessarily it) would be doing it for the public good, not for greed or a mechanism to use a monopoly position to force its products on people.
an unambiguous human-friendly name is an oxymoron.
Apple? Asimov beat them to it by quite a while - I, Robot.
This has been a test. If this had been an actual Sig, you would have been amused.
At first having one login for everything on the web may seem like an intelligent idea; one that solves the problem of people not having to remember a gazillion different logins for every website. This may also be great for old people who just can't remember. However, what happens if someone gets a hold of your login name, or oh, just overlooks you typing in your password. Will they have access to all your accounts on any website you have registered on the net? Isn't there a reason why people make different logins with different passwords in the first place, so this wouldn't become a problem in the long term? Just my 2c.
People often confuse "single sign-on" with "centrally stored data". The Liberty Alliance solution is different because it is a federated approach based on identity.
In this solution, you identify yourself with a single method. Take for example, 3 different entities you may interact with: your bank, a government agency, and a store. If those three entities can trust each other, they will accept information from each other as legitimate. If, for example, you want your bank to share information with the government agency (account number, mortgage interest paid for taxes, etc.) then you can tell your bank this is ok. If you want a store to share certain information with your bank (like valid shipping addresses when making a purchase) then it is possible with this trusted but federated system.
None of this means that all of the data relevant to each of those relationships is centrally stored or maintained by a single entity.
The question will become all about the identity itself because, if that is breached, then all the others can be breached. Some federated method of identity is probably inevitable, where the bank does not accept just some centrally managed single sign-on verified. You will need something unique if you are going to one of these entities. But in the example above, you don't need to verify yourself to the store in order to share your account information. Instead, you identify yourself to your bank and then tell your bank it can share the information with the store. The store trusts the bank and therefore trusts the information from the bank.
Just another bad idea being forced (and for money, geez) upon everyone. Just wondering, how many people are there with same names (I am one of those people, who have such names that are one in a dozen in my culture and language) who will fight for a good i-name. The other point, who on this planet would trust every online access on a single id ? Well, nobody with a sane mind would. Once found out, all your base are belong to them.
No way I am willing to be forced into such a thing and even cashing out money for such a wrong purpose.
MS's passport wasn't that good either, but at least I (we) didn't have to pay for it.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
First Read:
.... wait. You've got spam! What if you have to change it?
http://xns.org/i-names-explained.html
http://xns.org/xri-and-xdi-explained.html
http://www.xdi.org/
The premise is that you pay for a pseudo-permanent identity in cyberspace.
What else have you got? If you don't have your own domain somewhere, that can often times be taken down by your ISP "just because", what else do you have? Your email address. That's pseudo-permanent, right. Is it 50 years permanent? Maybe.
So you tell everyone your email address for a pseudo-permanent identity - great!
Will that email address cost you more than $25 over 50 years? 9 times out of 10 people will spend significantly more than that to maintain an email address with any kind of permanency. And they'll get spammed all the while because the identifier is directly tied to the delivery method. You can't tell someone who you are without giving them a direct line.
XNS is a global public database that people can go to if they want to find you, just like DNS resolves mabu.com into the IP address your server is at. Not a global public database that contains all the juicy bits, just who's got the goods. Can you imagine being tied to the same IP address for the life of your domain name???? We all want to be able to move but nobody wants the trouble of keeping every single contact you've ever had informed of your new location.
This system makes it like this: If you want to find me ask my broker. He'll get in touch with me and make sure I still want to talk with you, then either I'll tell him "sure - let him know where I'm at." OR "Thanks for trying to get in touch with me. I'll call you."
You can give your broker a whitelist. All these people (your brother, parents, some old school friends) - tell them whatever they want to know. An offwhite list (you can keep a list of individuals, any from *@alumni.school.edu, how "connected" they are or based on reputation) - feel free to give these people my email but I don't want them knowing where I live. A blacklist tells your broker never to give out any information to (=these, =people, =and.weird, =relatives, =and.old, =girlfirends) And on and on.
The global part points anybody in the world to the place where the goods are at, just like how the root DNS servers point to the "authoritative" DNS box you run on your own net. You can change things there and when people come looking you feed them whatever you want - YOU STAY IN CONTROL.
The whole broker thing... You choose a broker you can trust. Right now there is only one, 2idi.com. Not to say you couldn't start up your own. Granted you'd have to get people to trust you if you didn't want your service to fall flat on its face, but you could do it. Maybe run one for your family or business. Thawte could do it. CACert could do it. Your bank could be your broker. Whoever you trust to handle your personal information, THEY would be your broker.
Sending $25 and your credit card and your email address to 2idi.com is not a requirement to use XNS. At this point they're the only game in town so if you want a particular =i.name, it's pretty much a race. They stick for 50 years.
More (from 2idi.com)...
Basic Terms of Use for your I-Name
* Once registered, you can use your community personal i-name as long as you adhere to this agreement and any applicable laws.
* You can keep your i-name for as long as your community maintains a relationship with an i-broker. You can also add other community or global i-names to your account that can act as synonyms for your community i-name.
* The community i-name registry is public. It does NOT contain any of y
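The whitelist / off-white list / blacklist disclosure rules described in the comment above, written out as an added example that is not part of the original thread and is not 2idi's or XNS's code. The function name, the decision strings, the sample profile and the choice that the blacklist takes precedence are all assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Constructed sample profile; every value here is hypothetical.
PROFILE = {
    "email": "me@example.org",
    "home_address": "1 Example Street",
    "phone": "555-0100",
}

# Constructed policy mirroring the three lists in the comment.
POLICY = {
    # Never disclose anything to these requesters.
    "blacklist": ["=and.weird", "=relatives"],
    # Disclose whatever these requesters ask for.
    "whitelist": ["=my.brother", "=old.school.friend"],
    # Disclose only the listed fields to requesters matching these patterns.
    "offwhite": {"patterns": ["*@alumni.school.edu"], "fields": ["email"]},
}


def _matches(requester, patterns):
    """Case-insensitive glob match of a requester name against a pattern list."""
    name = requester.lower()
    return any(fnmatchcase(name, p.lower()) for p in patterns)


def broker_decide(requester, wanted, policy=POLICY, profile=PROFILE):
    """Return (decision, disclosed_fields) for one lookup request.

    decision is "deny", "release" or "ask_owner". The blacklist is checked
    first (an assumption) so that a name appearing on two lists fails closed.
    """
    if _matches(requester, policy["blacklist"]):
        return "deny", {}
    if _matches(requester, policy["whitelist"]):
        return "release", {f: profile[f] for f in wanted if f in profile}
    off = policy["offwhite"]
    if _matches(requester, off["patterns"]):
        allowed = {f: profile[f] for f in wanted
                   if f in off["fields"] and f in profile}
        # Nothing they asked for is permitted: fall back to asking the owner.
        return ("release", allowed) if allowed else ("ask_owner", {})
    # Unknown requester: the broker contacts the owner before disclosing.
    return "ask_owner", {}


if __name__ == "__main__":
    for who in ["=my.brother", "bob@alumni.school.edu", "=relatives", "=stranger"]:
        print(who, broker_decide(who, ["email", "home_address"]))
```
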
I'm working on a thing called "Local Names."
It points names to URL's, but you can use that for identifying purposes. Especially if you mix & match with FOAF.
There are no central registries.
Names are based on the community namespace, rather than some central server.
(That means you don't have to pay me $25, and can address your friends by their first name.)
One of the primary misconceptions about i-names is that they're centralized. They're not.
Another is that 2idi is just another passport controlling your information. It isn't.
It's clear that Identity Commons and 2idi have to work on their messaging...
The antidote for misuse of freedom of speech is more freedom of speech.
-- Molly Ivins
I haven't found in the FAQs or anywhere on the site what that EGS period is
...vision of an accountable, trustworthy layer on the Internet
From the FAQ: In this program, individuals may purchase a 50-year global personal i-name. What isn't in the FAQ is that you are only reserving the name for 50 years and getting 2 years of free "management services". After that management fees are around $10 a year.
Now that I have answered your question and justified leeching off of the first high rated post (chuckle) I have an important message:
IT IS A FRONT FOR TRUSTED COMPUTING AND DRM!!
IT IS A FRONT FOR TRUSTED COMPUTING AND DRM!!
IT IS A FRONT FOR TRUSTED COMPUTING AND DRM!!
The organisations involved, OASIS (oasis-open.org), XDI.ORG and the others, they are all TRUSTED COMPUTING groups creating "open standards" for ENFORCING DIGITAL RIGHTS MANAGEMENT systems.
One of OASIS's primary projects is:
Extensible Rights Markup Language (XrML): 'The Digital Rights Language for Trusted Content and Services'.
XDI.org's FAQ
What does XDI.ORG do
This "Identity Commons" wants you to sign up and create a "Trusted Identity" (which is conveniently tied to the CREDIT CARD you used to register!), and in the future DRM files will be locked to that identity, and software installations will be locked to that identity, and access to websites will be locked to that identity (single sign-on oh joy) and on and on. And they are offering you an opportunity to sign up and reserve your name before the system is fully deployed, gee thanks.
The system will not be fully operational unless you are running Microsoft's Palladium operating system, or if you are running a Palladiumized version of Linux or other operating system. Palladiumized TrustedLinux is already under construction. And these new operating systems will only work on the new TrustedHardware. IBM and HP and others are already shipping PCs with this new Trust chip. Intel has already embedded a version of the Trust chip inside the Intel Prescott, although it is in an inactive form. The expectation is that the Trust chip will soon be standard on all motherboards, and then move into the CPU itself. Intel, AMD, ARM, Transmeta, and the rest, all of the CPU makers are on board.
The Trust chip spies on your hardware and what software you are running and reports it to other people (remote attestation), the Trust chip makes it impossible to read your own files except with the approval and under the restrictions imposed by the software you were given (sealed storage), it prevents you from modifying the software on your own machine (code identity and sealed storage), the Trust chip even DEFEATS THE GPL! Having the source code and being able to modify and compile it is USELESS when that recompiled code DOES NOT WORK. The Trust chip forbids the recompiled code from access to the required encryption keys. The recompiled code will "run", but it will not WORK because it cannot read its encrypted files and it cannot interoperate.
I know this sounds like a tinfoil hat conspiracy theory, but IBM is already shipping ThinkCenter, ThinkVantage and Netvista desktops, and Thinkpad laptops with this chip embedded. HP/Compaq are already shipping dc7100 and D530 Desktops and nc6000, nc8000, nw8000, nc4010 notebooks with these chips embedded. Acer Veriton 3600GT/7600GT. Toshiba Tecra M2 Series. Fujitsu Lifebook S7010 and E8000 series and the T4000 Tablet PCs. Samsung all X model laptops. And more every day. As I said, the expectation is that it will soon be standard hardware on ALL motherboards.
EFF on Trusted Computing
GNU.org on Trusted Computing
Wikipedia on Trusted Computing
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
People often ask: what is the difference between your technology and Microsoft Passport?
As I like to say, the only thing good about Passport is at least you know their database won't get bought by Microsoft (because they already own it!).
In functionality - such as automatic data sharing, form filling and single sign-on - we share much with Microsoft Passport. (In fact, Passport grew out of Firefly, which is descended from my 1981 thesis on a personalized newspaper - NewsPeek - at what became soon after the M.I.T. Media Lab. I named the systems "NewsPeek" for two reasons: it provided a "peek at the news," and it was a warning that if centralized control over personal profiles existed, the future depicted in George Orwell's 1984 - where the official language was "NewSpeak" - could come true.)
But all that aside, where we differ is where it gets interesting. For one, we are decentralized. There is no single i-broker or data store that you must use. While it is true that there is only one sanctioned global registry for '=' (personal) and '@' (organizational) names, many other forms of community and peer-to-peer i-name registries can exist. It's also important to note that your data is not necessarily stored in any one place. For ease of use reasons you may choose to use a single i-broker to negotiate access to your data, but each item of your profile could conceivably be stored in a different data hosting service. (Note that current service providers that store information about you are acting as a data hosting service already.)
Another point is that, through our architecture and FOSS (free and open source software) availability of our code, we don't lock you in. Rather, you are free to move around between the i-brokers of your choosing - and even to run an i-broker yourself! We (at 2idi) are committed not only to providing you this choice, but also to providing such a compelling suite of services that i-name holders choose to have their i-names hosted at 2idi.
The antidote for misuse of freedom of speech is more freedom of speech.
-- Molly Ivins
what evidence have you to specifically tie Oasis to Palladium?
Technically Oasis projects are designed to be "platform independent". If you actually look at the projects Oasis is working on they all revolve around DRM and DRM support systems. In particular a central project is site:www.oasis-open.org "eXtensible rights Markup Language", which is a general language for DRM enforcement.
If you read the technical specifications of their various projects, including XrML, which I did several months ago, they state that they require/run-on-top-of a hardware "security support system". And if you look at the details, requirements, capabilities, and terminology of that "security support system" they just so coincidentally happen to exactly match the details, requirements, capabilities, and terminology of the Trusted Computing Group's Trusted Computing System.
Oh, and Microsoft's own website documents that their NGSCB (aka Palladium) is built on top of the Trusted Computing Group's Trusted Computing system. Palladium's "Security Support Component" (SSC) *is* the Trusted Computing Group's Trusted Platform Module (TPM).
Oasis is not locked to Microsoft's implementation of Palladium, it will work on top of Linux, but ONLY if that Linux machine also contains a Trusted Computing Group chip (TPM) and that Linux is a TrustedLinux that has almost exactly the same properties, capabilities, and restrictions, as Palladium. Oasis will work on top of a Palladiumized-Linux, or on top of a Palladiumized Mac.
Oh, and by the way, if you check Oasis's membership list, it not only includes Microsoft, but all of the Trusted Computing Group's core membership.
The TPM is the security chip. Palladium (NGSCB) is the PC architecture (hardware and operating system) built on top of that chip. And on top of the operating system you have DRM applications which comply with Oasis DRM rights language and protocols, and on top of that you have the Oasis servers and protocols on the internet.
Trusted Computing is a layered system, and part of deflecting criticism is that they constantly change names and present the different layers as separate entities. TCPA, TCG, TPM, SSC, Palladium, NGSCB, Longhorn, Oasis, XrML, Intel's La Grande, Transmeta's Security eXtensions (TSX), IBM's Embedded Security Subsystem and ThinkVantage Technology, National Semiconductor's SafeKeeper, HP's ProtectTools, Via Technologies's Padlock, Phoenix's Core Managed Environment, nVidia's ActiveArmor, all that and countless more, all different aspects and layers and names for Trusted Computing systems.
These companies and projects generally bury any public documentation that it has any connection to Trusted Computing at all to hide from criticism, sometimes actively scrub any such direct admission from public text. Digging up a smoking-gun confirmation sometimes takes hours of reading documentation and websites and net searches. For example AMD definitely has a Trusted Computing project but I can't even find a name for it, much less any documentation or time table.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
(Yet Another Non-Authoritative Namespace Resolution Scheme?)
I tried to RTFA, but my brain blew a buzzword fuse. How does this differ from the various other non-authoritative namespace resolution schemes out there selling cute "internet names" that a majority of machines can't resolve?
Caveat Emptor is not a business model.