Identity 2.0 made it all come together for me
I find identity discussions in relation to Web 2.0 fascinating. Today I watched a video by Dick Hardt, founder of SXIP and was totally impressed by the clarity of his presentation in comparison to most web 2.0 discussions that are generally vague. This topic is what glues the whole Web 2.0 concept together for me, and where the next generation web experience that we dream of will either succeed or fail.
If you watch the Adobe Analyst Meeting video on the engagement platform, particularily the part where Kevin Lynch explains a future app that mashes up a calendar app with a travel app, you will quickly come to the realization that this will be impossible without effective identity management. It is at the core of Web 2.0.
If you dig deeper, beyond the presentation and into Dick's blog, you will find a wealth of interesting discussion on the topic of identity, and will certainly come across Kim Cameron's: Laws of Identity, and that is where the real meat of the topic for developers begins.
Identity first really appeared on my radar when Macromedia Central was first debuted. It was neat how you had personal data that you could manage within the "browser" that applications could utilize with permission. This is really the direction of Identity 2.0 except current discussions are focused on a solution that would be timeless, open and scalable. An identity implementation is even being considered for Firefox 2.0
Identity 2.0 is based around the concept of having web applications revolve around the user's identity and data rather than forcing every application to maintain data on the user individually. It would facilitate interactions between web applications that would not require you to authorize yourself with each remote service, and allow you to expose personal data to applications with permission.
I found it most interesting in the Laws of Identity how they explain really what an identity means. It is more than just your name, address and credit card number. In fact, most people would have many identities: Personal, Employee, Citizen, etc and they would all be provided by different sources. Having all of these identities and using them where appropriate would facilitate a level of service never seen before on the web. Why is that?, well because you eliminate the need for every service or application that is developed to maintain "silos" of account information.
I am guessing that a personal identity could carry some kind of key that could allow other applications to interface with your Flickr account for example without having to reveal your account name and password to another web app (which is what you do now). Kevin Lynch's Calendar/Travel app takes it one step further by demonstrating the ability to have an identity that represents a group, where a group of friends all check the reservations against their calendars at the same time.
While many will see this as already possible don't forget that the new concept is that identities become a portable asset owned by the user, as opposed to data technically owned by the service provider.
Right now if I closed my Flickr account, is Flickr at liberty to destroy the data about me that they have? Maybe, but likely not. Is that information theirs to keep? Probably not. I should be able to leave and take my information with me, and the best way to do that is to never give it to Flickr to keep in the first place. A good Web 2.0 app of the future should be totally free from the need to store a user's personal information, it should just simply focus on the job it was built to do.
The best example is XBOX Live. You log into XBox live and play any game using that profile. Imagine if every game demanded that you create a personal profile. Would you bother?
While there is alot of debate around web identity and whether people would actually accept such a concept (MS Passport failed for the most part), remember that it will ultimately lead to more anonimity as opposed to less. Many services like Flickr for example already have a tonne of information about you, and they are in control of it. The vision of Identity 2.0 is not to track your behaviour, it is to make the web focus around you're rights, and to put you back in control of your data.