Gradual Epiphany

Tao of Passel

One approach to learning how something new works is to establish its governing principles. In Passel, the code of behaviour is simply this: Identity is Aggregate. This tao (and the implementation of it) is what distinguishes Passel from every other “lightweight” identity system (LID, OpenID) and from most of the “heavyweight” identity systems (SAML, IDFF, SXIP).

It is important to be clear that Passel is not bound to any one type of identifier. On the contrary, it lets the user compose any number of identifiers and share the resulting “identity” in a provable manner. Put another way, my identity (online or otherwise) is a formulation of bits and pieces of information that I’ve gathered from different sources. This is what I mean by “Identity is Aggregate”.

Consider the following. I visit a weblog that requires a few pieces of information before it will allow me to comment: first name, last name and email address. Now this particular blog doesn’t really care to verify my first/last name; it’s interested in those solely for display. However, it does want to ensure that the email address is valid. Using Passel, I can construct the “identity” the blog is asking for by mixing my own self-asserted (something I say about myself) first and last name with a counter-signed (something a third party is willing to vouch for) email address. The resulting, composed identity is presented to the blog. No registration is needed, since the counter-signed email address can be verified on the fly, and the blog can be certain that I, the bearer of the identity, “own” the email address. My “identity” in this situation was far more than any one identifier; it was the composition of the required values.

Now, let’s take this example and make it really interesting. What if the blog in the previous example not only required a verified email address, but also required proof that I have my own blog? Now we’re talking about two potentially different sources of information: my email server and my blog/web server. Consider that most people host those two services with different providers, and you can see where the traditional single-source identity starts to fall down. Passel enables me to get the “proofs of ownership” for each identifier from the two different sources and present them as a single, unified identity.

Let’s take this train of thought to the real world for a moment. When you go on a trip these days, you have to show some government-issued ID before they’ll hand you a ticket. One thing that’s always bothered me is that I’m sharing a lot more information than just the proof that I am who I say I am. I’m showing my address, birthday, weight, height, etc. Strictly speaking, the gate agent doesn’t really need to know all that; they could get by on just my name and photo. So what if there were a way for me to peel my name and photo off my driver’s license and affix them to an ID card of my own making, and, importantly, maintain the integrity of the original credential? In other words, I want the name and photo I pulled off the driver’s license to still carry the authority of the State of Colorado, and I want to be able to prove that I haven’t tampered with those values. This is what Passel enables us to do in the reality that we call “Internet”.
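The composition and verification the last three paragraphs describe (self-asserted claims mixed with counter-signed claims from different sources, and a “rip and mix” that keeps the original signer’s authority intact) as an added example; this is not Passel’s code and not taken from the whitepaper. It is a toy Go sketch of one way to get that behaviour: every issuer signs each attribute separately with Ed25519, the user composes any subset of those claims into a single presentation bound to a key the user holds, and the relying party (the blog) checks each required claim on the fly against the issuer’s key. The parties, claim names, the canonical encoding, the nonce-based proof of possession and the trust store are all assumptions of the example, not Passel’s actual format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// Claim is one attribute of an identity. Self-asserted: Issuer "" and Signature nil. Counter-signed:
// Issuer is the voucher's ID and Signature its Ed25519 signature over canonical(issuer, subject, name, value).
type Claim struct{ Issuer, Subject, Name, Value string; Signature []byte }

// canonical length-prefixes every field so text cannot slide between fields.
func canonical(fields ...string) (out []byte) {
	for _, f := range fields {
		out = append(out, fmt.Sprintf("%d:%s;", len(f), f)...)
	}
	return out
}

// Party holds an Ed25519 key pair and is identified by the hex of its public key.
// Issuers (mail provider, web host, DMV) and the user are all just parties.
type Party struct{ pub ed25519.PublicKey; priv ed25519.PrivateKey }

func NewParty() *Party {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Party{pub, priv}
}

func (p *Party) ID() string { return hex.EncodeToString(p.pub) }
// Vouch counter-signs one attribute of subject. Each attribute is signed on its own,
// so the holder can later present any subset of them without breaking a signature.
func (p *Party) Vouch(subject, name, value string) Claim {
	return Claim{p.ID(), subject, name, value, ed25519.Sign(p.priv, canonical(p.ID(), subject, name, value))}
}

func (p *Party) SelfAssert(name, value string) Claim { return Claim{Subject: p.ID(), Name: name, Value: value} }
// Presentation is the composed identity: any mix of claims, the relying party's nonce,
// and the holder's signature over both (proof of possession of the subject key, no replay).
type Presentation struct{ Subject string; Claims []Claim; Nonce, Sig []byte }

func presentationBytes(subject string, claims []Claim, nonce []byte) []byte {
	out := canonical(subject, hex.EncodeToString(nonce))
	for _, c := range claims {
		out = append(out, canonical(c.Issuer, c.Subject, c.Name, c.Value, hex.EncodeToString(c.Signature))...)
	}
	return out
}

func (p *Party) Present(claims []Claim, nonce []byte) Presentation {
	return Presentation{p.ID(), claims, nonce, ed25519.Sign(p.priv, presentationBytes(p.ID(), claims, nonce))}
}

type Policy map[string]bool // claim name -> true if it must be counter-signed, false if self-assertion is fine
// Accept is the relying party's check; trusted is the set of issuer IDs it accepts vouching from.
// No registration step: every vouched claim is verified on the fly against its issuer's key, so a
// value edited after issuance (the "rip" must not become a rewrite) is rejected.
func Accept(p Presentation, nonce []byte, policy Policy, trusted map[string]bool) error {
	pub, err := hex.DecodeString(p.Subject)
	if err != nil || len(pub) != ed25519.PublicKeySize || !bytes.Equal(p.Nonce, nonce) ||
		!ed25519.Verify(pub, presentationBytes(p.Subject, p.Claims, p.Nonce), p.Sig) {
		return fmt.Errorf("bearer cannot prove possession of the subject key for this nonce")
	}
	byName := map[string]Claim{}
	for _, c := range p.Claims {
		byName[c.Name] = c
	}
	for name, mustVouch := range policy {
		c, ok := byName[name]
		if !ok {
			return fmt.Errorf("claim %q missing", name)
		}
		if !mustVouch {
			continue // display only: the user's word is good enough
		}
		ipub, err := hex.DecodeString(c.Issuer)
		if c.Subject != p.Subject || !trusted[c.Issuer] || err != nil || len(ipub) != ed25519.PublicKeySize ||
			!ed25519.Verify(ipub, canonical(c.Issuer, c.Subject, c.Name, c.Value), c.Signature) {
			return fmt.Errorf("claim %q: not validly vouched for this subject by a trusted issuer", name)
		}
	}
	return nil
}

func main() { // constructed parties and values; the blog from the text is the relying party
	mail, host, me := NewParty(), NewParty(), NewParty()
	claims := []Claim{me.SelfAssert("first_name", "Jan"), mail.Vouch(me.ID(), "email", "jan@mail.example"),
		host.Vouch(me.ID(), "blog", "https://jan.host.example/")}
	policy, nonce := Policy{"first_name": false, "email": true, "blog": true}, []byte("challenge-1")
	trusted := map[string]bool{mail.ID(): true, host.ID(): true}
	fmt.Println("composed identity:", Accept(me.Present(claims, nonce), nonce, policy, trusted))
	claims[1].Value = "admin@mail.example" // a vouched value edited after issuance
	fmt.Println("tampered email:", Accept(me.Present(claims, nonce), nonce, policy, trusted))
}
```

The first Accept call returns nil: the name is taken on the user’s word, the email is vouched for by the mail provider and the blog URL by the web host, and the whole bundle is signed by the user’s own key over the blog’s nonce, which is what makes the bearer, not just the claims, checkable. The second call fails because editing the email after issuance breaks the mail provider’s signature, which is the “integrity of the original credential” from the driver’s-license analogy: the DMV-style issuer can sign name and photo as separate claims and the holder presents only those two. Two caveats a practitioner should keep in mind: the trust store (which issuer keys the blog accepts) still has to be populated out of band, and a per-claim signature is a stable byte string, so two relying parties that both see the same vouched email claim can correlate the user across sites; hiding that would need a blinding or zero-knowledge scheme this sketch does not attempt.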

The details of how Passel enables this “rip and mix” of identity from different sources are captured in the whitepaper. But until you understand the philosophy that drives Passel, the details are pretty pointless.