This is a WIP repository for an exploratory/possible protocol of communication that embodies the following:
-
Identity inheritance
-
Identity hierarchy
-
Time-bounded resource access
-
Query broadcasting
-
Query publication
-
Query expiry
-
Delegated authentication
-
Non-repudiable events
-
Perpetual validated events
-
Distributed authentication
-
Distributed identity storage & validation
-
Object embedded signature for identification
One belief is that it should be technologically possible and practical to create a decentralized network where fine-grained joint ownership of data among originator and processor is explicit.
This writing was not triggered by a single incident, no an 'a-ha' moment nor an apple falling on the head. But a series of little incidents, encounters, side discussions and debates, that triggered this writing. However, if you are reading this and expecting some sort of content structure, stop reading this now, and click off to somewhere else on the Internet. This is going to take you down lots of rabbit holes, go off on many tangents, and jump around from arguments to arguments that will feel extremely random at times. But if you truly care about this matter, then read on and I hope that more will be done to fix this crisis.
Why is it a crisis? I will ask you - why is it not a crisis!?! The model of personal identity is fundamentally broken, and here I will lay out some of the reasons why. Many of us have created boatloads of identities/logins across all sorts of properties on the Internet - banks, utilities, travel sites, shopping sites, social networks, emails, associations of all kinds, gaming ..... the list is endless. This broken model became apparent to me on a personal level one day when, as with any normal weekend day, my kids were logging onto my iPad using my Apple ID to play their games. What if I get hit by a bus? How are my kids going to lay claim on all my digital online identities without their lives grinding to a halt to uncover all my online identities to lay claim on their inheritance? Sounds like a first world problem? I would argue not.
Separately, we create email addresses on Gmail, Yahoo Mail, Hotmail, etc, etc and yet normal English sounding email addresses have ran out. There's lots of John Smiths and Jane Does who wants the same email address on those free email providers. The premise of these free email providers is that if they provide a free service, people will be willing to give up some privacy or service features use the free service. That premise has largely been proven true. Facebook has solved this constraint to some extent by having identities created linked to geolocations, gender, birthdays, schools attended, etc, etc. But this model is still built on the premise of "provide a free service and people will flock to the service and give up some of their information in order to use the service".But "free services" often serve up their users as advertising targets, and these free services providers have every right to do so, though they often operate in the grey area of analyzing all their users' demographic details, behaviors, content and selling these data to advertisers. Just a side note that just came to mind, passwords being used in these services are also broken. They are not secure at all, despite the illusion created by the industry encouraging users to create and maintain strong passwords, which in reality are easy breakable. </free services>