Identity on the Federated Social Web
Since my previous post on how we can move past Facebook, I’ve been thinking about how we as users can take control of what we publish.
DNS or something else?
About a year and a half ago, Dave Winer posted instructions on How to boot a federated social network now. That hasn’t happened. My opinion is that DNS names for individuals is such a horrible solution that no one has really contemplated it. Just ask John Smith, John Smith and John Smith who should get the johnsmith.name domain.
The solution isn’t going to be found in a global list of names. That keeps the question of which John Smith very much alive.
Instead it’s going to be in a personal list of names. Which John Smith that I know do I mean? The one at work, or the one that’s dating my cousin?
If you stop for a second and think about how you talk about people – it’s all about the relationships. Where you met them, who else they know, how you have interacted.
In my preliminary research, I’ve found two papers talking about personal namespaces. One is talking about devices (so that you can find your desktop computer by the name desktop all over the world) and the other is talking about people.
Facebook already provides part of the personal namespace features. Use the search box to find a name and you will get a list of people sorted by how many mutual friends you have with their avatar image. That’s fine for me because all my Facebook friends are in my monkeysphere. It’s probably not as useful a feature when you have 5000 friends.
Name, name: or /name?
All those facebook friends have a url, something like https://www.facebook.com/somori (which is mine). Question is, how many people actually use their URL? Our survey says “something” because it has been started at the same time as this post was published. My prediction (and that of Mark Allman in the paper on people’s names above) is that the overwhelming majority of people use their real name rather than the technically correct URL.
What does this mean? It means that a persons technical identifier can be a URN made of numbers and digits like pid:d0d2e988fe0a1967b5109ae628833215 (this is just an MD5 hash of my name and the time I made the hash). To a user, it’s as useful as a facebook address, especially as it never gets seen.
Network Solutions had a similar idea and requested the “pin” namespace in RFC3043 over 10 years ago. Nothing much seems to have come of that though, possibly because it was bound to NS’s resolvers rather than being an open protocol.
Mark’s paper goes into greater detail on how a system which allowed people to define their own name for other people using cryptographic tokens and propagate those names might work. Look at section 3 for that information.
Identity is something that can and must transcend services. Whatever system is put in place to allow people within the Federated Social Web to identify each other and their relationships cannot be controlled by any one company if there is to be any freedom in that social web.
Nobody gets to take the ball and go home, because we all get our own.