One of the nice things about an informal workshop is the freedom to rearrange things as necessary. Doc, who was opening, was running a little late, so we re-did some of the schedule.
Eugene Kim was first up at IIW. Eugene's job was to introduce the ideas behind user-centric identity. He introduces the concepts of identity by introducing himself. User centric identity is about users controlling their own identity. Where does that lead us?
Eugene contrasts the idea of single sign on with portable identity. While many people use a single ID and password for most Internet sites, that's not really the point. Most identities on the 'Net aren't portable. Users would get choice; businesses would get more accurate information (how many people lie on registration forms to avoid this very problem?).
Eugene brings up the Yahoo/Flickr story as an example of how attached people get user names. When people thought they were losing their Flickr user names, they got angry.
The lexicon project is aimed at coming up with common definitions for identity related terms. He went through a number of these. I won't record them here, but recommend you go over to the lexicon and look through them.
He works through the concepts of "entities," "subjects," and finally to "digital identity." Paul distinguishes subjects as things that have attributes and identities as sets of claims. The claims are about attributes and may or may not be true. A question raises the point that claims are not first class--you can't make a claim about a claim--at least not in the definition that exists now.
Johannes Ernst was the next speaker. The topic as URL-based identities. URLs are empowering because they can be bookmarked, tagged, linked to, subscribed to, explored, and customized. We already do these activities for lots of things. URL-based identities allow us to to do them for people. Simplicity is an important attribute of URL-based identity. "Light-weight" identity is an architectural statement.
URL-based identities are engendering innovation in the identity space. He points to Yadis, a protocol for discovering the capabilities of identity URL. Based on that foundation, you can build authentication in various forms, profile queries, registration, messaging, and so on. This is what's we've done with the reputation framework that my lab is building: we're building functionality on top of URL based identities.
We've got a lot more people here than we planned so we're going to break early and move to a bigger room upstairs. That's good news. There are probably 25 more people here today than wed planned on.