Tom Brown: Identity as if People Mattered

Tom presented at the first of the revived EFF-Austin monthly meetings, June 1st at the Flying Saucer. He presented an overview of Internet identity and authentication issues, including some history, going back to Microsoft’s Passport and the .net initiative called Hailstorm, which were about authentication and storing an individual’s information – and which were ultimately not broadly adopted. Tom compared Facebook Connect to Passport/Hailstorm – they’re proprietary services, and they’re efficient, but not resilient. He talked about the evolution of a commons-based approach (Identity Commons) via the Internet Identity Workshop, and Kaliya Hamlin’s concept of user-centric identity – which is about the “Freedom to be who you want to be online – the right to anonymity and pseudonymity,” methods for identify validation and sharing the information you specifically want to share (vs having the data taken from you), and having an ability to control and curate the information about you that appears online. He also brought up the important question of ownership of a personal identifier – who can you trust? How do we avoid being locked into a (commercial) provider of identity/authentication services (like Facebook). A couple of important concepts here: Federation, which is the OpenID model, and delegation, which is the model used in OAuth (used by Twitter) and Facebook Connect. Tom talked about the question whether User-Centric identity is dead. One next step, the OpenID Connect project, isn’t user-centric, but the National Institute for Standards and Technology, there’s a new National Strategy for Trusted Identities in Cyberspace that is intended to be designed based on a user-centric federation model. (Tom’s slides are at

One thought on “Tom Brown: Identity as if People Mattered”

  1. Thanks for all the consistently good events and for giving me the opportunity to talk about user-centric identity!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.