I am getting the idea of where Kim is going with the Second Law …
I think. I and I agree completely. The solution that is
going to dominate is the one the consumer perceives as providing the
most control over, and awareness of
, their identity information. Ok … I added the “awareness of”
part. It’s to address one of the questions that Kim had in a
later post. I’ll get to it. I wanted to explore a new angle of this part of Kim’s post:
A solution in which the polycomm has to query my mobile phone for a social security number would be much less stable than one which required the polycomm to query only for the address of an mp3 service.
This makes me think about a lot of questions … and I want to
explore this in an orthogonal direction. I’m more thinking about
the “identity transactions” that are taking place. This actually
leads into my Third Axiom in which all identity is exchanged within
“verified” or “unverified” contexts. Of course it could also be
an “asymmetric” context in which on one party verifies the identity of
the other.
In this scenario, there are two digital devices that are wirelessly
communicating and exchanging information. In many scenarios like
this … the two devices might just trust each others “unverified
identities” and offer services or consume services. We live our lives
using and accepting a lot of “unverified identity” information, however
there are
many scenarios in our lives where “verified identity” is required.
When I walk into a bar, for example, the bartender is no longer as
likely to “take my word for it”. He or she instead wants me to
provide some credentials from a mutually acceptable community that we
both belong to. I could provide a drivers license, a passport, a
military ID, or maybe even my little digital device, that refers the
bartenders little digital device to contact some webservice that exists
at a commonly known namespace.
Of course, it could be that my little digital device contacts the web
service first, indicating that the bartender is going to be requesting
to verify my identity information in a moment. I get a “ticket”
back from the web service that I give to the bartender that allows the
bartender to only make that verification request … and only within a
certain amount of time. The request might be to verify my age, in years …
or better yet that I am simply “older than the legal drinking
age”. (This is something that I thought of when reading Dick Hardt’s post
the other day.) These are all details that the bartender and I have to
agree upon …
or have cool little digital devices that store our identity and
preferences and accelerate the negotiation. (No Kim … not
completely automate … unless I’m comfortable with that … 😉
All of these transactions support the idea that identity comes from
communities. The more important or valuable the transaction, the
more it will require verification … from an authoritative source.
That source will be the community that gave that identity to us,
or one that has a trusted relationship with the community that did.
Casual interactions between cell phones and polycomms … can use
unverified identity. And every now and then you might hear some
very disturbing sounds or music coming from a polycomm! 😉