John McDowall on simplicity;
Making simplicity a goal in integration is key to success – it can be an aspirational goal i.e. integration may never but point and click but unless the goal is simplicity rather than solving many imaginary problems then the possibility to asymptotically approach it will never happen. So setting simplicity of solution is always the right goal.
Bingo. Now, what
architectural
constraints
can we adopt to induce
simplicity?
Anyone, anyone? 8-)
Drummond mints a corollary
to one of
Kim Cameron’s Laws of Identity;
The identifiers in a universal identifier metasystem MUST only reveal information identifying a user with the user’s consent.
… and follows it up with this bold claim;
So half the Web breaks this corollary before we’re even out of the starting gate. But it gets worse. Look at one of the current bulwarks of online identification: DNS. A standard requirement for most DNS name registries is accurate, current contact data for the registrant that is published publicly as “Whois” data. Although many registrars now offer proxy registration services to preserve registrant privacy and prevent spam, there’s no escaping that a major component of our current Internet identifier infrastructure breaks the First Corollary squarely in two.
Hmm, how exactly does Web/Internet/DNS breaks that corollary? I can’t see it.
Is it because of DNS (and if so, why the “it gets worse” comment)? DNS does
certainly require a small amount of information be made available, and though I’m
hardly a historian, the little I do know of the history of this data suggests that it
represents the minimum amount that a mature industry – which has had to balance the
needs of domain owners (anonymity) with those of the public at large (accountability)
over many years – has reached concensus on requiring. So I doubt that any competing
centralized solution would be able to reach widespread deployment without, in the
steady state, providing a similar amount of info about registrants.
Also, who says that there’s a direct correspondence between a DNS name
and the person who uses the email address? I don’t own gmail.com, nor yahoo.com,
yet have email addresses at both of those domains. Google and Yahoo, in
offering an email service, provide a degree of anonymity via proxy; if you
want to learn more about me there, you have to go through them, and I’m not
required to publish any info about myself there.
Hushmail‘s
probably the extreme case here, as they seem to exist to provide
as-anonymous-as-possible email services.
As you’d expect from a chair of the
XRI TC,
he then claims that
XRIs
don’t have this problem;
So can XRIs fix this problem? Yes. The first principle of XRI architecture is that XRIs are abstract – the association between an XRI and the real-world resource it represents is entirely under the control of its XRI authority (the person or organization registering the XRI, at any level of delegation). So nothing in an XRI need reveal anything about the authority’s identity or messaging address.
… which, as I’ve shown, is also the case with even DNS-bound URIs.