Identity 2.0

Petra Sütterlin petra at
Wed Mar 1 18:24:59 UTC 2006

Hi Dick, 

Ok - my fault - it's too detailed for the presentation I have to do. 
Did I understand the gist of it? :
ID2.0/user-centric identity is a part of web2.0.  Superficially regarded it is just a lightening for the users, while registering for websites. Instead of Password and Username I'm logging in with an URL. But the most important difference is: it is open and distributed in contrast to closed and dependent to a domain.
to explain my thoughts a little detour:
In my community ID2.0/user-centric identity is not known. Everything they and I knonw are praises of a newly designed presentation of Dick Hardt- nothing more. Moreover the ID2.0/user-centric identity is associated by the people with the keyword "citizen out of glass". And with this the end of their privacy. The idea is (wrongly) understood in the way, that all websites now will have acces to all my data.
But if I understood it right the complement is the case: By having the choice which data I want to release my privacy is saved.
Am I right?


  Hi Petra

  There are a few different models on how your email address and postal address can be provided to Amazon. One of the concepts behind Identity 2.0 is enabling the user to easily provide identity data.

  The model you describe below is what I would call a "pull" model, where Amazon is pulling the data from your identifier. I'm a proponent of the "push" model, where the user sees what Amazon is asking for, and can select which information to release.

  -- Dick

  On 1-Mar-06, at 8:53 AM, Petra Sütterlin wrote:


    did I understand the following right?:
    I have an e-mail account and a post-adress on my own website. They are for example marked with tags (similar to the tags in the html-header in which I write the servername (i.e.: <link rel="openid.server" href="">)). Because of that the amazon-server searches this one and asks me to release the informations from there.
    And YADIS offers the possibility, that I'm not anymore dependent to a special ID 2.0-modell and I have the free choice.
    It does it like that, because it knows that openID marks the e-mail-adress with a name-tag, while TypeKey or Sxip uses "e-mail-adress" for it.
    Am I right?

    And thanks! Mike Neuenschwander already send me his report.

      Hi Petra

      Identity 1.0 is a domain-centric model. 

      If ebay and amazon were using an ID2.0 model, then they may still require your email and post address, but rather then having to type them in, you would be prompted to release them.

      The Burton group has a report on user centric identity. Mike Neuenschwander is the author. It is not a public document, but you can ask Mike (cc'ed) about it.

      -- Dick

      On 28-Feb-06, at 1:25 PM, Petra Sütterlin wrote:

        Hello to everybody,

        Many thanks for the immediate answer and the links. I'm surprised how good the subject already has been presentated. I did not expect it like this.

        What I am still looking for is more general information about ID2.0 because I will probably have to answer the following questions:
        -What is the difference between ID 1.0 and ID 2.0 ?
        -If e-bay and amazon also applied the ID 2.0 system, will I still have to submit my e-mail and postadress? And in this case I just don't have to fill in password and Username?

        Maybe the answers are already hidden in the links, but I did not find them, yet.

        Best regards and happy greetings from germany
        Petra Sütterlin

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the yadis mailing list