When anyone talks about a “universal identity system,” my first instinct is to put my money in my shoe.
Jamie went on to point out that when I have used the term “universal identity system,” I have meant:
“… universal” in the sense of a widely accepted, highly scalable approach, applicable and usable across the diverse and wide-ranging Internet. He’s talking about enabling a truly distributed system that can bind many different applications, use cases, and identity systems into a more meaningful (but logical) whole…
Because it is so crucial, I’m concerned that some folks will interpret “universal” to mean “uber,” as in one single identity system operating on a single standard, in spite of Kim’s intention. That’s precisely what X.500, X.509, and other attempts to solve this problem are and were about. And there are some folks who just seem genetically pre-disposed to approach the problem from a top-down, if-we-can-all-just-agree-on-one-single-identifier perspective.
And sure enough, as Jamie predicted, some good people have already been thrown off by the ‘U‘ word.
Here's a comment I received from Martin Taylor. Martin is a knowledgeable thinker who says:
I am curious… as to why there is nothing in the laws that really considers the motivation (or de-motivation) to an individual or to an organisation to make use of an identity system – to the collective point where the system could reasonably be said to be universal.
The need for identity mechanisms is clear. The need for a universal identity system is not.
The point at which a given identity system is able to grow sufficiently for it to be deemed universal has to show some benefit somewhere. If participation is expected to be voluntary (i.e. assuming that there will not be a single government able to mandate identity upon enough individuals for it to be deemed universal) then, the individuals involved must perceive a net benefit to themselves.
Where: net benefit = total benefit perceived – perceived disbenefit (from difficulty of use, perceived trust in providers, etc.)
This net benefit then is a limiting factor to the size/growth of the system.
I like the simplicity of Martin's “net benefit” equation. Yet the sentence beginning “If participation is expected…”, makes me fear he is taking the word ‘universal’ in precisely the way Jamie predicted would happen… And this unfortunately and unnecessarily complicates what is otherwise an interesting discussion.
Let's try substituting the word “unifying” and see if things get any better. Martin would then be saying:
The need for identity mechanisms is clear. The need for a unifying identity system is not.
That might not lead him to the same worries about bullying national or supernational governments…
Martin's equation is a proposition which applies to almost any computer system. But it certainly provides the framework for judging the success of systems designed according to the laws of identity.
Now let's look at how a unifying identity system would provide net benefit… Which takes us to the Seventh Law.