Category: Digital Identity

  • Phriend Phishing

    Everybody knows about phishing these days: the attempt by an attacker to trick a victim into revealing information to them by masquerading as somebody else. For example, a site called examplé.com might attempt to pretend to be site example.com. It is often initiated by e-mail, whose sender address can be easily falsified, and often works…

  • What kind of organization is the right one for OpenID?

    Let’s assume that the OpenID movement continues its dramatic growth for a few more years, and instead of a dozen technology vendors supporting it for hundreds of sites and a handful of use cases, as it is today, we’ll have hundreds of different implementations on tens or hundreds of thousands of sites, applying it to…

  • Persistent Personas (aka Recognizing Each Other)

    If you and I met for the first time yesterday, we spent some time to learn about each other, and you see me crossing the street today, you will recognize me. Recognizing others is a fundamental human ability, and crucial for society to function. (Imagine if we didn’t.) It used to be that way at…

  • Link Contracts in XDI

    In my quest to learn more about the good stuff that other identity projects have come up with (and that often is subject to a NIH syndrome which I’m not a particular fan of), Drummond Reed has again been the target (victim?) of my questions. [The deal is that he answers my questions, but I…

  • Michael Graves Said Something Profound the Other Day

    He said: . If it doesn’t have a URL, it doesn’t exist. This happened to be in a hallroom conversation at Digital Identity World, in the context of URL-based digital identity. But his insight is much broader. The thought that immediately springs to my mind is Wag The Dog‘s "Of course it’s true; I saw…