Wednesday, March 07, 2007


The Burton Group's Mike Neuenschwander has posted a mild rant touched off by trying to bag memorable, unique - but recognizable as his - OpenID's on various sites. He tells a good story before getting to his point, which he summarizes as: "There are no identifiers, only attributes."

Mike falls into the trap of the absolutist generalization (there's a lot of that going around, isn't there?). But he concentrates on your given name as an "identity":

"Names are slippery. Most people have many more than one legal name, none of which are unique. They also have several dozen nicknames. There’s no practical way to get any of these every-day-use names onto a global namespace. And what’s a name after all but a synthetic attribute—a foreign key that we hope the receiving party stores somewhere so we can remember them later? "

An "identifier" does need to be unique within a particular namespace. In a family, this is done thru a combination of given names and nicknames. e.g., while my son was at home growing up, I was known as "Dave" and he was called "David". Outside of our immediate family, of course, ambiguity quickly cropped up. There's my nephew (his cousin) David Kearns , for example.

But we are all familiar with unique identifiers within the digital world. Your email address - every single one of them - is a unique identifier within the entire world of the internet. There's also your ip address, but in a DHCP world, that can change without warning. It would still be unique, but tying it solely to you would be a more difficult task.

OpenIDs are unique. A little judicious shopping for an OpenID provider (OP) should get you one who has available an identifier that associates well with you, and that you wouldn't be ashamed to share with others.

Labels: , ,

Regardless of what identity provider you pick, there has to be an understood context in which you are presenting your OpenID. In the context of family, you can disambiguate Daves. This isn't so much an issue of uniqueness but of context...

Context, Ian? I think of context as the "who, what, when, where, how" of the authentication transaction - not the namespace you're authenticating in...
Post a Comment

© 2003-2006 The Virtual Quill, All Rights Reserved


[Powered by Blogger]