Gradual Epiphany

Feedback From Johannes

A big part of kicking off a new project is responding to people’s first reactions. Johannes of the LID clan documented some of his initial reactions to Passel, so I figured I’d address some of his musings.

A major part of Johannes’ comments revolved around the concept of identifiers. In particular, he wondered how Passel would use email addresses effectively, why it doesn’t use Jabber IDs (JIDs) and why it doesn’t conform with REST-ful principles (i.e. Passel identities are not directly addressable). All of these concerns indicate a slight misconception in the way that Passel works. Passel isn’t tied to any particular identifier (or scheme) — see the Tao of Passel. The reason the whitepaper refers to email addresses so much is that they are a well-understood, deployed identifier, and the perfect one to bootstrap off. So, using the email address as a starting point, Passel can help people incrementally build identity on top of their existing systems and trust models. There’s no reason why Passel can’t be used to ferry around i-Names or any other form of identification. As for not being REST-ful, Passel is about moving identifiers (and associated information) and so is not directly addressable, and there is nothing to be REST-ful about.

Another comment questioned why Passel ties “identity requirements discovery” directly to HTML. There’s a method to the madness here — Passel is enabling web-based identity applications (for the moment). It makes sense that a lightweight identity system trying to do this would use META tags which are available for this very purpose.

Perhaps the biggest question that Johannes raised is the following (from his blog):

Chapter 3 in the white paper is titled “Passel as an Identity Meta-System”. It is Ping Identity that paid for Passel, that, two months ago, shared the stage with the Microsoft CTO at Digital Identity World, to announce (and demo) their joint plans around Microsoft Infocard, Microsoft’s proposal for an Identity Meta-System. There is widespread agreement in the industry that an identity meta-system is only an identity meta-system if it is ubiquitous and has no competition … So what do I make out of that chapter 3? From what I can tell, there is basically zero technical commonality between Passel and InfoCard. There must be a simple explanation that I simply fail to see right now. (looking for comments)

I’m not sure where Johannes gets the idea there is “widespread agreement” that a meta-system is only a meta-system if it is ubiquitous and without competition. Doc Searls and Dave Kearns certainly haven’t bought off on that — and they’re both major players in this discussion. In fact, I’m a little confused by his assessment, since he noted in his own blog just last month that InfoCard is only a component of the meta-system. So, I think this is actually a non-issue — Passel is just another part of the (so-called) identity meta-system. :)

Most of the other comments had to do with implementation choices made in Passel. I think it’s a little silly to squabble over those sorts of choices until one fully understands the intent and workings of the protocol.

There’s still a huge amount of work to do on Passel. We have a public demo to set up, lots more code to write and lots of discussion to have. Yes, our codebase is small and yes there’s a long ways to go, but I believe we’ve got the foundation to build a solid network for end-user identity that encompasses more than any one identification system.