A few months ago, Kim Cameron opined that it would be nice to have some systems that could be used for exploration and experimentation in this area of identity stuff. See the comments in http://www.identityblog.com/?p=724. One of the things that I noticed the other week week at IIW is that we already have the beginnings of such a system. It’s called OpenID!
The best examples I saw were the folks from Brigham Young. They used OpenID to do experiments both in the areas of delegation and reputation. (You gents from BYU want to add some references?)
I’m taking the point of view that they mainly used OpenID as a vehicle for their experiments because it’s easy to deploy, easy to plug their code into, open source and therefore modifiable if necessary, provides most of the infrastructure that they need, and free. In a metaphorical sense, OpenID was laboratory apparatus for them. They didn’t have to spend time building their apparatus. That is, they didn’t have to write a lot of code that really had nothing to do with the experiments they wanted to conduct.
In another article, the analogy with Legos was mentioned. (See http://www.identityblog.com/?p=767. I prefer an analogy with Tinker Toys, but that’s because those are what I had way back when. Well, I reckon Tinker Toys are also a closer match to the notion of framework, and besides, Ed Felton would approve (http://www.freedom-to-tinker.com). In any case the idea is the same.
Some in the OpenID community would assert that that’s exactly what OpenID is already. Yes, there’s a lot of truth in that. But from what I see, there’s still a bit too much “frame” in the OpenID framework, so to speak; it might be Tinker Toys, but some of the pieces are already glued together and can’t be disassembled.
So, could OpenID be used to do experiments with InfoCards? It depends on the experiments someone wants to do, but in some ways it’s a pretty good fit. The OpenID provider serves pretty much the same function as the identity selector. What about experiments with managed cards? That might be a bit more difficult. I don’t know to what extent OpenID has conflated the notions of an identity agent and an identity provider (of testimony). They’re certainly conflated in the sense that they reside on the same system, but it still might be possible to maintain a logical separation so that might not be relevant for many experiments.
Some will point out that OpenID is still weak in the security area (like phishing), and they have a point. But we’re talking about doing experiments here; that weakness might also be irrelevant.
In other words, there’s still work to be done with OpenID to make it better suited for exploration and experimentation, but a lot of useful work has already been done. I encourage the OpenID community to keep this in mind and devote part of their energy to it as systems evolve.
Another possibility for such a system for experimentation might be Higgins. Although I’m not familiar with the details, it sounds like Higgins also has many of the useful properties. Those properties are that it be easy to disassemble into components, and easy to rearrange and reassemble the pieces into something that you can experiment with to see how it works. The real key from my point of view is just how easy it is to do the above.
We do need Legos or Tinker Toys to play with!
Posted by Eric Norman
