Paul, like most of the people in this space is an adult (which is one of the things I find most appealing about Identity). He’s been building software companies since he left MIT in 1982. When he left his last position as President of the publicly traded BitStream in 2000, he left with the express intent of building a BIG company–one that could fundamentally transform the internet and leave a lasting legacy. So in 2000, when he co-founded Pariity with John Clipinger, did he set out to build an Identity layer for the internet?

As is the case for most people in this space (and another reason I find it so appealing), the answer is no. Paul had a vision of an internet where trust between people and organizations could be automatically brokered, similar to that expressed in the Augmented Social Network paper I discussed in my first post in this series. He wanted to surround each individual with a reputation layer and then build the algorithms that would help efficiently establish trust between those individuals. The problem that he and so many others have run into when attempting to “thicken” the data that surrounds us on the internet so that it can be shared across sites is that WE don’t exist on the internet. In other words, like so many others, Paul stumbled into the problem of Identity.

In 2003, about the time Paul ran into this problem, he caught wind of what Microsoft was implementing on the Identity layer and realized both that it would be perfect for what he wanted to accomplish AND that there clearly needed to be an open source implementation of iCards. So Paul’s project took both a turn to Identity and to open source, and Higgins, which now is primarily thought of as the open source implementation of iCards, was born.

I don’t want to go over the details that distinguish the Higgins’ implementation of iCards from CardSpace because it has been designed (intentionally) much along the sames lines, so that it remains compatible with that emerging standard. One important point to note though, is that it suffers from the same schizophrenic nomenclature as CardSpace, in that the Higgins the project encompasses BOTH the iCard selector that lives locally AND the server based technology for brokering claims.

Besides this, it does have one additional layer that is extremely powerful that deserves some discussion: the rCard. As I discussed in my CardSpace series, CardSpace supports a pCard (a PERSONAL card that allows you to assert limited claims about yourself) and mCards (that organizations with information about you use to “officially” assert information about you). So what is this “Relationship Card” (rCard)?

Two things distinguish and rCard from an mCard: persistency and bi-directionality. What do I mean by these two things and why should you care? With an rCard that is persistent and bi-directional, YOU can provide constantly updated assertions about YOURSELF to a claim provider. How might this work? Well, think about the implicit attention data currently locked up on your computer. Might you want to allow a company that serves as your “movie preference” claim provider to have a persistently updated stream of your implicit movie data? For example, if you established such a relationship with Netflix, they would have a real-time stream of your movie searching, viewing, and purchasing activity that occurred OUTSIDE of their site, and could thereby provide you and other sites where you used their “Movie iCard” with better recommendations.

So the rCard puts YOU back in the loop of the iCard claim stream and allows you to automatically update that information on a POLICY basis. In other words, with an rCard, you can set a policy that defines WHO gets updates on WHAT data and WHEN at a granular level. If PERSISTENT, GRANULAR, BI-DIRECTIONAL data links sound familiar to those who’ve been reading this series, it should. Establishing those kind of data pipes are exactly what XRI/XDI are designed to do, and in fact Higgins uses XRI/XDI in the rCard layer.

So what are the most important things to remember about Higgins?

1. The technology has been in development for FIVE years now, so you may want to think twice before duplicating it.
2. It is MORE than just the open source iCard implementation. Identity is a MEANS to an end, not the end itself.
3. With the rCard, YOU are back in the loop and can establish persistent and granular assertions about yourself.

Next up are the two final installments on iCards: a discussion of the Pamela Project and an interview with Kim Cameron of Microsoft’s Cardspace.

http://middleware.internet2.edu/idtrust/2008/papers/01-reed-openid-xri-xrds.pdf

For an overview of some of the cool features about XRI/XDI, check out my 3 posts on the History of Tomorrow’s web series here.

The names of Ootao and Andy Dale come up a lot when you’re looking at the identity landscape, but if you look at either of their sites, it’s pretty hard to understand why. Further Andy Dale’s got a British accent, came to the Bay area from Israel, and pronounces his company’s name “Ew’ Dow”. Pretty mysterious stuff indeed! Look a little deeper though, and you’ll find one of the most practical and passionate implementors of real world identity technologies, particularly those surrounding XRI/XDI.

Andy and Ootao (Andy is VERY quick to mention that it is a team effort) are the enterprise guys who can actually build real life, highly scalable services in the identity space. Go to an iBroker? Chances are it’s running off of Ootao’s infrastructure. Heard about Plaxo’s OpenID implementation plans? Ootao’s there too. One of Ootao’s most ambitious projects to date is an XRI/XDI implementation they’ve done for the La Leche League (an organization that promotes breastfeeding). This may sound like a strange combination, but not if you understand LLLI’s needs and what XRI/XDI are great at. LLLI wants new mothers to be able to self-organize into communities around the world. Spontaneous self-organization requires people to have both a strong personal identity AND the ability to share aspects of that identity selectively. If you remember back to my post about XRI/XDI, establishing these granular trust relationships is exactly what XRI/XDI are great at.

Talk to Andy though, and LLLI is just the beginning. Ootao has created a new services company called Wingaa (great name, great logo, TERRIBLE user interface on their site!). It takes some digging, but essentially Wingaa is offering a suite of services to Registrars that enables them to turn your newly purchased URL into you Identity Hub. Want your URL to be your OpenID address? Done. Want your home page to be your personal iName contact page? Done. Want to access all your identity related accounts (Linked In, Facebook, Blog, etc.) at a single URL? Done. And Ootao is doing this the right way by building the INFRASTRUCTURE and allowing the companies that already have a relationship the person enhance that relationship using their tools.

As I wrote in my first post about the identity movement, one of its greatest strengths is it’s idealistic roots. This has also been an Achilles’ heel though, as it’s struggled to build out the necessary technologies and find viable business models. The people of Ootao come out of the enterprise and are implementors at heart. Because of their unique mindset they have played and will continue to play an important role in the ever evolving identity landscape.

1. Finding business models for identity products is REALLY hard.
2. If you ever think of getting an iName, this stuff is pretty confusing.

If you’ve read my previous posts, you should have a basic understanding of XRI/XDI (the technology behind iNames) and know that it is now an “open” standard. But what does that mean? A few things:

1. The XRI/XDI specifications are managed by their respective Oasis (the XML standards body) technical committees.
2. The patents that govern the technology have been licensed exclusively to XDI.org, a non-profit public trust organization.
3. Anyone can implement the technologies for any purpose without the prior consent of XDI.org.

So how does Cordance, the company that bequeathed the patents to XDI.org ever hope to make any money (which if you refer to the companies history has been a pressing issue for some time)? Well as part of the bargain for handing over the rights to the XRI/XDI technologies, Cordant was granted the right of first refusal to be the GSP (Global Service Provider) for any Global Services XDI.org might want to offer for the first 15 years after the Global Registry Service went live (2005). Let me attempt to unpack this.

As I explained before, XRI and XDI are cool technologies because they allow extensible, persistent, permissioned, granular connections between two data elements (like people). Now imagine if the unique identifiers for each data element could be resolved using a web browser by referring to a global registrar (like domain names) for each of these data elements. Essentially using simple syntax, you could define what elements about you any website in the world had access to. Cordance, along with Neustar (a giant registrar infrastructure company that runs among other things the .biz domain) has built this global registry.

Since Cordance is the defacto GSP for all XDI.org services, they are essentially the wholesale registrar (think Network Solutions) of high level XRIs (think names and companies). Cordance also authorizes iBrokers (think GoDaddy) to retail these high level XRIs. If you’ve followed the history of Network Solutions, you will understand this can be a pretty valuable business. VERY valuable in fact, IF web browsers spoke XRI/XDI by default (which they don’t).

If they did, however, not only would Drummond‘s patience with the technology finally pay off, it would hugely simplify building a powerful identity layer into the internet. More broadly, it would make it possible to build persistent, granular “trust contracts” that would make it MUCH easier for all of us (people and companies) to control what information we would like to share with each other.

As to whether this will ever happen is very much in the air. I hope, however, that by explaining how difficult it has been for Cordance to free the technology and yet still make enough money to provide a meaningful service, we can understand how difficult the “business model” problem for identity companies is going to be to crack. In my next (and final) post on iNames, I’ll write about the mysterious Ootao and its founder Andy Dale.

Let’s jump into the wayback machine to 1995. Netscape is still crashing your computer every time you run it because it’s a memory hog. Drummond Reed‘s teamed up with Peter Heymann (ex-Microsoft, ex-Warton MBA guy–nice!) to build a company called Intermind (the first company to own the XRI/XDI patents). They’ve been working on this “Communication Objects” technology that’s kind of like RSS, and by 1997 they’ve raised around $17 million and have a team of 70 people. One morning Drummond wakes-up and Microsoft has dropped an open standard that competes directly with his proprietary one and his business evaporates. What do you do?

Well, you first probably try to shop around your intellectual property (which he did, to Netscape in particular). Assuming you don’t have any takers (which he didn’t), you probably learn from your mistake and make sure the next time you try to implement a standard, you make it an open one (which is what Drummond did). He joined the P3P (privacy platform preferences) technical committee and let Tim Berners Lee know that even though Intermind held patents that might cover what they’re trying to implement, he wanted to play open this time.

Now let’s fast forward a few months and note that Microsoft is playing a VERY heavy role in the P3P TC. Let’s also note that Netscape has noticed and is (belatedly) trying to get involved. If you’re Netscape and you see Intermind on the TC, you probably think, “Hey, isn’t that the company that was trying sell us the patents covering all this stuff”. As Netscape you probably bring this to the TC’s attention too, which they did. Tim Berners Lee asks Intermind to make a declaration of their intent about these patents.

Okay, so remember a few posts ago how Drummond’s like the drummer, who’s the only consistent member in a band that keeps changing names and members? Well Intermind has a brand new CEO from the telco industry (who shall remain unnamed because he’s about to make a big mistake). Drummond, remembering back to that painful morning when he got out-opened by Microsoft, thinks the obvious thing to do is to declare that Intermind intends to release the patents to an open standards body. Telco CEO says he’s got a better plan and announces that Intermind will charge royalties. Now wakeup to WSJ articles claiming you’re holding the internet hostage, lose your place at the P3P table, and remember really hard that next time you’re introducing a standard, it better be open.

Fast forward a few more years–new CEO, $30 million more, IP in a public trust (XNS.org), specification being managed by OASIS (the XML standards body). So far so good, but how do make money? Well, new CEO wants to build enterprise software based on the now open standards. Good idea. CEO doesn’t know how to sell enterprise software (bad), Dotcom crash (very bad), 9/11 (tragic). No more company–join the crowd.

What do you do? Well, remember, you’re Drummond Reed and you love this technology, so you get new investors, new CEO, and make one(?!!) more go of it. That company is Cordance. In my next post I’ll explain the relationships between XDI.org (formerly XNS.org, but same public trust of IP), Cordance (iNames Global Service Provider), Neustar (iNames Registrar Infrastructure Provider), and iBrokers (iName retailers).

It’s very similar to the original concept, but more in line with current technology trends.

Good question. iNames are an implementation of a set of technical specifications called XRI/XDI that has been under the stewardship of Drummond Reed since at least 1994. The specifications haven’t always been called XRI/XDI (originally Communication Objects, then XNS), and the company associated with them hasn’t always been Cordance (originally Intermind, then One Name). Drummond and the core concepts are about the only things that have survived throughout (If XRI/XDI ever really catches on, he may be known as St. Drummond for his infinite patience!).

So what is XRI/XDI and who cares? Also a good question. XRI is a way to refer to things on the internet (e.g. people, businesses, addresses, etc) that creates a permanent machine-readable identifier (a number) along with a human-readable identifier that can change over time. This is cool for identity because whereas I may want you ALWAYS to have access to my address, the actual CONTENT of that address is likely to change over time. With XRI, my address is a data element assigned a PERMANENT numerical identifier, but the human readable identifier can be changed (and even transferred) to someone else.

Okay. Midly cool. XDI is VERY cool though. What XDI enables is a way to create a PERMENANT, PERMISSIONED, GRANULAR pipe between two data elements. So taking the address example again, let’s say both you and I have an iName, which is just a specific kind of XRI for people and means we each have a permanent number and a modifiable human-readable name. Using XDI, I can establish a PERMANENT (unless I revoke it) link between the two of us that allows you to have access (PERMISSIONED) only to my work contact information (GRANULAR).

Better yet, since both XRI and XDI are extensible (that is, you can associate as much stuff as you want to them), my XRI can have ANY number of data elements associated with it (contact information, preferences, friends, music, etc.) and the link between us can have ANY number of rules (contact info: allowed, auto-update: allowed, friends: denied).

This stuff is a little complicated, but if you’ve started thinking about how to OWN and CONTROL your identity data on an INTERNET-WIDE scale, without drowning in complexity, and without having any ONE company in control, you will quickly understand that the existing internet protocols aren’t up for the task. If you were then to spend the next ten years working through all the technical and political issues surrounding what’s missing, you’d probably have something that looks a lot like XRI/XDI. On my next post I’ll write about the ownership of the XRI/XDI specifications and Andy Dale and Ootao, the primary implementers of the technology. In the mean time, take a look at this paper on XDI to go a little deeper.