Identity management archived articles

Identity management and Knowledge management and Social networking and Technology and The Web | 09 Jul 2011 at 2:21 by Jean-Marc Liotier

I have not read any reviews of Google Plus, so you’ll get my raw impressions starting after fifteen minutes of use – I guess that whatever they are worth, they bring more value than risking paraphrasing other people’s impressions after having been influenced by their prose.

First, a minor annoyance : stop asking me to join the chat. I don’t join messaging silos – if it is not open, I’m not participating. You asked, I declined – now you insist after every login and I find that impolite.

First task I set upon : set up information streams in and out of Google Plus. A few moments later it appears that this one will remain on the todo list for a while : there is not even an RSS feed with the public items… Hello ? Is that nostalgia for the nineties ? What good is an information processing tool that won’t let me aggregate, curate, remix and share ? Is this AOL envy ?

Then I move on toward some contacts management. I find the Circles interface is pretty bad. For starters, selecting multiple contacts and editing their Circles memberships wholesale is not possible – the pattern of editing the properties of multiple items is simple enough to be present and appreciated in most decent file managers (for editing permissions)… Sure it can be added later as it is not a structural feature, but still : for now much tedium ensues. Likewise, much time would be saved by letting users copy and paste contacts between circles. But all that is minor ergonomic nitpicking compared to other problems…

No hashtags, no groups… How am I supposed to discover people ? Where is the serendipity ? Instead of “Google Circles” this should be named “Google Cliques”. In its haste to satisfy the privacy obsessed, it seems that Google has forgotten that the first function of social networking software is to enable social behaviour… It seems that the features are focused on the anti-social instead. I can understand the absence of hashtags – spam is a major unresolved issue… But groups ? See Friendfeed to understand how powerful they can be – and they are in no way incompatible with the Circles model. It seems that selective sharing is what Google Plus is mostly about – public interaction and collaboration feels like an afterthought. This will please the reclusive, but it does not fit my needs.

Worse, the Circles feature only segments the population – it does nothing to organize shared interests : I may carefully select cyclists to put into my ‘cyclists’ Circle, but when I read the stream for that circle I’ll see pictures of their pets too. This does not help knowledge management in any way – it is merely about people management.

Finally Google is still stuck with Facebook, Twitter & al. in the silo era – the spirits of well known dinosaurs still haunt those lands. Why don’t they get on with the times and let users syndicate streams across service boundaries using open protocols such as OStatus, which an increasing number of social networking tools use to interoperate ? Google may be part of the technological vanguard of information services at massive scales, but cloning the worst features of competing services is the acme of backwardness.

Of course, this is a first release – not even fully open to subscription yet, so many features will be added and refined. But rough edges are not the reason for my dissatisfaction with Google Plus : what irks me most is the silo mentality and the very concept of Circles as the fundamental object for interaction management – no amount of polish will change the nature of a service built on those precepts.

I’ll keep an account on Google Plus for monitoring purposes, but for now and until major changes happen, that’s clearly not where I’ll be seeking intelligent life.

Brain dump and Debian and Identity management and Security and The Web | 18 Mar 2009 at 18:19 by Jean-Marc Liotier

The PGP web of trust is a social network, even if many of the people who published their keys would never admit joining one. But there are less than sixty thousand users, so low density of users in most social environments causes weak connectivity in the web of trust : the strong set (largest set of keys such that for any two keys in the set, there is a path from one to the other) ties together less than fifty thousand users. This has been a problem for a long time : in 1997 the strong set was only 3100 keys out of sixty thousand published. And in a fast expanding online social sphere, a stagnating network of sixty thousand users is marginal. Of course, many of those users participate in core institutions of the developer community, but that does not make that population any less marginal. Many don’t mind that marginality, but our taste for elitist cave-dwelling among like-minded peers will not change the fact that effective software development is a social sport. Societies need trust, and restricting our communications to people whose idea of a party is a key signing party is not going to help us very much, so a solution is needed.
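The strong set defined above is the largest strongly connected component of the directed signature graph. As an added example (not part of the original article), the code below computes it from a constructed list of signer/signed pairs; the key names and function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (signer, signed) pairs; all names are made up.
SIGNATURES = [
    ("alice", "bob"), ("bob", "carol"), ("carol", "alice"),  # a signing cycle
    ("carol", "dave"), ("dave", "erin"), ("erin", "dave"),   # reachable, no path back
    ("frank", "alice"),                                      # signs, is never signed
]

def components(edges):
    """Strongly connected components of the signature graph (Kosaraju, iterative)."""
    graph, reverse, nodes = defaultdict(list), defaultdict(list), set()
    for signer, signed in edges:
        graph[signer].append(signed)
        reverse[signed].append(signer)
        nodes.update((signer, signed))
    # Pass 1: depth-first search on the forward graph, recording finish order.
    order, seen = [], set()
    for start in sorted(nodes):
        if start in seen:
            continue
        seen.add(start)
        stack = [(start, iter(graph[start]))]
        while stack:
            node, successors = stack[-1]
            nxt = next((n for n in successors if n not in seen), None)
            if nxt is None:
                order.append(node)
                stack.pop()
            else:
                seen.add(nxt)
                stack.append((nxt, iter(graph[nxt])))
    # Pass 2: search the reversed graph, latest finisher first; each search
    # collects exactly one set of mutually reachable keys.
    found, assigned = [], set()
    for start in reversed(order):
        if start in assigned:
            continue
        assigned.add(start)
        component, todo = set(), [start]
        while todo:
            node = todo.pop()
            component.add(node)
            fresh = [n for n in reverse[node] if n not in assigned]
            assigned.update(fresh)
            todo.extend(fresh)
        found.append(component)
    return found

def strong_set(edges):
    """The largest component: every key in it has a signature path to every other."""
    return max(components(edges), key=len)
```

In the sample, dave and erin are reachable from the cycle but have no path back into it, and frank has signed a key without being signed himself, so none of them belongs to the strong set.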

The PGP web of trust is no longer the only application that supports a social graph. With the recent mainstream explosion of social networking and digital identity applications, there is an embarrassing wealth of choices such as Google’s OpenSocial specification, which proposes a common set of APIs for social applications across multiple sites. Social networking in a web environment, including all forms of publication such as blogging, microblogging, forums and anything else that supports links, is a way to build digital identity. Each person that follows your updates or links to your articles is in effect vouching for the authenticity of your persona, and each one who adds you as a “friend” on a social network is an even stronger vote toward the authenticity of your profile, even if some people add any comer as their “friend”.

The vetting process in social networking applications is in effect just as good as the average key signing outside of a proper key signing process : some will actually check who they are vetting, others will happily sign anything – and it does not matter too much because the whole point of the web of trust is to handle a continuous fabric whose nodes have different reputations and no guarantee of reliability. The result is a weak form of pseudonymous web of trust – just like the PGP web of trust. But with an untrusted technological infrastructure, it is only about strong enough for common social use.

An anaemic GPG web of trust and thriving social networking applications are obvious matches. So what about a social networking application that handles the PGP web of trust ? As usual, similar inputs through similar individuals generate similar outputs – the same problems with the same environment and the same tools handled by people who share backgrounds produce the same conclusions. So now that I am trawling search engines about that concept I find that I am not the only one to have thought about it. Who will be the first to develop a social networking application plug-in that links a profile to a GPG key to facilitate and encourage key signing between members of the same platform that know each other ?

Identity management and Jabber and Knowledge management and Military and Mobile computing and Networking & telecommunications and Social networking and Technology and The Web | 23 Oct 2008 at 14:42 by Jean-Marc Liotier

I have become a user of Brightkite, a service that provides situational awareness in the geographical context. Once its relationship to user location information sources such as Fire Eagle improves, it may become a very nice tool, especially in mobile use cases where location reporting may be partly automated.

But even if they add technical value in the growing world of geographically aware applications, these services are actually not innovative at the functional level. For example, in the ham radio universe, APRS is already a great system for real time tactical digital communications of information of immediate value in the local area – which includes among other things the position of the participating stations. And there is also TCAS, which interrogates surrounding aircraft about their positions, and AIS which broadcasts ship positions and enables the entertaining Vessel Traffic Services such as the one provided by MarineTraffic. All these radio based systems broadcast in the clear and do not satisfy the privacy requirements of a personal eventing service. But that problem has also been solved by the Blue Force Tracker which, even though it is still a work in progress, has already changed how a chaotic battlefield is perceived by its participants.

“Where am I, and where are my friends ?” is not only the soldier’s critical information – it is also an important component of our social lives, witness the thriving landscape of geosocial networking. Geographic location is a fundamental enabler : we are physically embodied and the perimeter of location based services actually encompasses anything concerning our physical presence. So we can’t let physical location services escape our control. Fire Eagle may be practical for now, but we need to make geographical information part of the basic infrastructure under our control and available on a standardized, open and decentralized basis. The good news is that much thought has already been invested into that problem.

Physical location is part of our presence, and as you may have guessed by now, this means XMPP comes to the rescue ! We have XEP-0080 – User Location, an XMPP extension which is currently an XMPP Foundation Draft Standard (implementations are encouraged and the protocol is appropriate for deployment in production systems, but some changes to the protocol are possible before it becomes a Final Standard – as good as a draft standard RFC and therefore good enough for early adopter use). It is meant to be communicated and transported by means of Publish-Subscribe or the subset thereof specified in Personal Eventing via Pubsub. It may also be provided as an extension of plain vanilla <presence/> but that is quite a crude way to do it compared to the Publish-Subscribe goodness.

The rest of the work is left to the XMPP client. Of course, the client can show them on a map, just as Brightkite currently does. But I can also easily imagine an instant messaging contact list on my PDA where one of the contact groups is “contacts near me”. I would love to have Psi do that…
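One way a client could build the “contacts near me” group from XEP-0080 payloads received as Personal Eventing notifications. This is an added example, not code from Psi or from the original article; the JIDs, coordinates and function names are constructed for illustration, and a real client would get already-parsed stanzas from its XMPP library.

```python
import math
import xml.etree.ElementTree as ET

GEOLOC = "{http://jabber.org/protocol/geoloc}"        # XEP-0080 payload namespace
EVENT = "{http://jabber.org/protocol/pubsub#event}"   # XEP-0060 event namespace

def notification(jid, payload):
    """Build a constructed PEP notification carrying a XEP-0080 payload."""
    return (f"<message xmlns='jabber:client' from='{jid}'>"
            "<event xmlns='http://jabber.org/protocol/pubsub#event'>"
            "<items node='http://jabber.org/protocol/geoloc'><item>"
            f"<geoloc xmlns='http://jabber.org/protocol/geoloc'>{payload}</geoloc>"
            "</item></items></event></message>")

# Constructed sample data: JIDs and coordinates are made up for this example.
NOTIFICATIONS = [
    notification("anna@example.org/phone", "<lat>48.8584</lat><lon>2.2945</lon><accuracy>20</accuracy>"),
    notification("ben@example.org/pda", "<lat>48.8606</lat><lon>2.3376</lon><accuracy>5000</accuracy>"),
    notification("cleo@example.org/desk", "<lat>45.7640</lat><lon>4.8357</lon>"),
    notification("dan@example.org/phone", ""),  # empty <geoloc/>: stopped publishing
]

def parse_geoloc(stanza):
    """Return (bare JID, lat, lon, accuracy in metres), or None without a position."""
    message = ET.fromstring(stanza)
    geoloc = message.find(f"{EVENT}event/{EVENT}items/{EVENT}item/{GEOLOC}geoloc")
    lat = geoloc.findtext(f"{GEOLOC}lat") if geoloc is not None else None
    lon = geoloc.findtext(f"{GEOLOC}lon") if geoloc is not None else None
    if lat is None or lon is None:
        return None
    accuracy = float(geoloc.findtext(f"{GEOLOC}accuracy", default="0"))
    return message.get("from").split("/")[0], float(lat), float(lon), accuracy

def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres (haversine, mean Earth radius)."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371000 * math.asin(math.sqrt(a))

def contacts_near(my_lat, my_lon, stanzas, radius_m):
    """Bare JIDs certainly within radius_m: the reported error circle must fit inside."""
    near = []
    for fix in filter(None, map(parse_geoloc, stanzas)):
        jid, lat, lon, accuracy = fix
        if distance_m(my_lat, my_lon, lat, lon) + accuracy <= radius_m:
            near.append(jid)
    return near
```

With a 5 km radius, the contact whose fix is only accurate to 5000 metres is left out even though the reported point is close, because the stated accuracy does not guarantee the contact is inside the radius.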

Identity management and Social networking and The Web | 15 Oct 2008 at 20:12 by Jean-Marc Liotier

With the profusion of tools, our online presence is all over the place… Here is a quick tour of where fragments of me can be found. I’m focusing on tools – I won’t list mere static pages (of which I still have a few dusty instances in various aging places). The goal of this article is to draw a quick taxonomy of the tools I’m using.

My original content publication outlets :

Places where I echo my own content web feeds, track people and engage actively:

Places where I track people and participate :

Places where I infrequently participate :

Places where I just echo my own content web feeds and/or status messages in case people there are tracking me there :

Not only is this list not exhaustive, but I have not even bothered to count the forums and blogs where I lurk or contribute comments. Don’t think that I’m a normal user though : maintaining a watch over online tools is part of my trade, so I’m the sort of person who’ll create an account on every site in sight if only to take a look at it.

But in any case, the profusion is food for thought about meta-tools.

Design and Identity management and Knowledge management and Social networking and The Web | 20 Nov 2007 at 6:47 by Jean-Marc Liotier

Open is everything – the rest is details. That is why we must take the best use cases of the closed social networking world and port them in the open. This is a lofty goal in every meaning of the adjective, but a surprisingly large number of potential basic components are available to cut the way short.

Friend of a Friend (FOAF) enables the creation of a machine-readable ontology describing persons, their activities and their relations to other people and objects. This concept is a child of the semantic web school of thought that has its origins about as far ago as the Web itself. In a narrower but deeper way, XFN (XHTML Friends Network) enables web authors to indicate their relationships to people simply by adding attributes to hyperlinks.

Microformats such as hCard, xfn, rel-tag, hCalendar, hReview, xFolk, hResume, hListing, citation, media-info and others provide a foundation for normalizing the information sharing. Some major operators are starting to get it – for example my LinkedIn profile contains hCard and hResume data. If you like hresume, take a look at DOAC while you are at it !

Some code is already available to process that available information. For example, identity-matcher is a Rails plugin to match identities and import social network graphs across any site supporting the appropriate Microformats. This code extracted from the codebase of and this is probably how Dopplr now supports import from other social networks like Twitter.
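How XFN relationships can be read from a page’s hyperlinks, as an added example that is neither identity-matcher’s code nor part of the original article. Because an XFN link is only the page author’s own claim, this code keeps a relationship only when both pages assert it; the URLs, sample pages and function names are constructed, and URLs are assumed to be already canonical.

```python
from html.parser import HTMLParser

# The XFN 1.1 relationship vocabulary; other rel values (nofollow, tag...) are ignored.
XFN_VALUES = {"friend", "acquaintance", "contact", "met", "co-worker", "colleague",
              "co-resident", "neighbor", "child", "parent", "sibling", "spouse",
              "kin", "muse", "crush", "date", "sweetheart", "me"}

class XFNParser(HTMLParser):
    """Collects, for each linked URL, the XFN values found in the rel attribute."""
    def __init__(self):
        super().__init__()
        self.links = {}  # href -> set of XFN values

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        attrs = dict(attrs)
        values = set((attrs.get("rel") or "").lower().split()) & XFN_VALUES
        if attrs.get("href") and values:
            self.links.setdefault(attrs["href"], set()).update(values)

def xfn_links(html):
    parser = XFNParser()
    parser.feed(html)
    parser.close()
    return parser.links

def confirmed_edges(pages):
    """pages maps URL -> HTML. Return the pairs of pages that each claim the other."""
    claims = {url: xfn_links(html) for url, html in pages.items()}
    return sorted({tuple(sorted((a, b)))
                   for a, links in claims.items() for b in links
                   if b != a and a in claims.get(b, {})})

# Constructed sample pages: mallory claims alice as a friend, alice does not reciprocate.
PAGES = {
    "https://alice.example/": '<a href="https://bob.example/" rel="friend met">Bob</a>'
                              '<a href="https://carol.example/" rel="colleague">Carol</a>'
                              '<a href="https://shop.example/" rel="nofollow">Ad</a>',
    "https://bob.example/": '<a href="https://alice.example/" rel="friend">Alice</a>',
    "https://mallory.example/": '<a href="https://alice.example/" rel="friend">Alice</a>',
}
```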

But part of the appeal of a social networking platform is how it empowers the user with control of what information he makes available, how it makes it available and to whom. So microformats are not sufficient : a permission management and access control system is necessary, and that requires an authentication mechanism. That naturally takes us to OpenID.

OpenID is a decentralized single sign-on system. Using OpenID-enabled sites, web users do not need to remember traditional authentication tokens such as username and password. Instead, they only need to be previously registered on a website with an “identity provider”. OpenID solves the authentication problem without relying on any centralized website to confirm digital identity.

The OpenID project is going even further than just authentication – authentication is just the surface. What OpenID really is about is digital identity management. OpenID Attribute Exchange is an OpenID service extension for exchanging identity information between endpoints. Although the list of attributes included in the OpenID Attribute Exchange schema does not match a nice collection of microformats, a process is defined to submit new attributes. And anyway, such a standard looks like a great fit to cover the need for keeping the user in control of his own content.

Finally, the social graph is the support for applications that must interact with the user’s information wherever it is hosted. That is why Google’s OpenSocial specification proposes a common set of APIs for social applications across multiple websites.

So a few technologies for social networking do exist, and they seem able to provide building blocks for open distributed social networking. The concept of open distributed social networking itself has been in people’s minds for a long time. But until now only large proprietary platforms have succeeded in seducing a critical mass of users. Thanks to them, there is now a large body of information about the best practices and use-cases. What is now necessary is to think about how those use-cases can be ported into a decentralized open environment.

Porting a closed single provider system into an open distributed environment while equaling or surpassing the quality of the user experience is a huge challenge. But social networking and digital identity management are such critical activities in people’s lives that the momentum behind opening them may soon be as large as the one that led Internet pioneers to break down the walls between networks.