Rick van Rein

Sun 16 July 2017


NGI 3: Own your IDentity

When you were born, your parents selected a name (usually one that was not given to any siblings yet) and attached one of their last names. They registered you with that combination, and this is how you have been known for all your life. Wouldn't it be eerie if, upon registration of your name, the clerk had told you that all last names are coerced to that of an industrialist who is currently sponsoring a new highway project? On today's Internet, this pattern is standard practice!

This is part of a series of technical articles in response to the European Commission's initiative to explore the Next Generation Internet, an initiative that we warm-heartedly support.

We all use a variety of online services, and for quite a few of them we need to have a name, so we may access our own data and/or communicate with others using their name. Naming, more formally known as identity, is one of the most potent ways in which you can be yourself on the Internet — and it's one of the most neglected ones.

Have a look at your email address. It takes a general form user@domain.name where user is your name within the "name scope" of domain.name, which in turn is unique within the Internet at any given time. United in this everyday form, they represent a globally unique identity that you hold on the confusing and obstinate network that we all love so dearly. In comparison to your real-life name, you might compare domain.name to your family, and user would be your first name within that family.

You may have had some freedom in choosing the user part, but in the end it is determined by the administrative staff of domain.name — and it is their prerogative how long you may use that name. Many users have their email address under the domain.name of their connectivity provider for the Internet, most others use a generic provider such as Google or Yahoo.

Both are sub-optimal because you lack control. When your email address is held by a connectivity provider, you cannot count on keeping it when you change to another provider. The generic online providers are not problematic in that way, but they may change their privacy policies, or do other things that you don't like, and then you have no way out without loss of your email address. Your email address is never really yours with any of these providers.

Other services don't even use standard protocols; this is mostly the case with enclosed applications, usually available only over the web protocol HTTP. These services tend to provide you with only a user part because the domain.name part is sort-of implied — you cannot use their service except through their web interface. Facebook is a common example of this. Again, you are dependent on their behaviour where your privacy and online presence are concerned.

The way out is incredibly straightforward, though it involves some technical issues (of the kind that our InternetWide Architecture is designed to resolve in due course). The basic steps are:

  1. Get your own domain name; it's cheap and not really difficult
  2. Create users (and variations) at will, as you would for your new-born baby
  3. Stick to open protocols

The result? If you have obtained example.com then you and you alone get to control its user names. So you can create john@example.com if you want to, but you might as well choose john+amazon@example.com as a special address to register with Amazon, to treat specially and to retract if it turned out that they were spamming you. In short, you now own your identity and you shall own it for as long as you renew the domain name.
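The retractable per-service address described above, as an added example that is not part of the original article: a recipient check that a mail server for your own domain could apply. The user list, the revoked set, the function names and the choice to fold case are assumptions made for illustration.

```python
# Added example: per-service sub-addresses under a domain you control.
# OWN_DOMAIN, USERS and REVOKED are constructed sample values.
from typing import NamedTuple, Optional

OWN_DOMAIN = "example.com"
USERS = {"john", "mary"}
REVOKED = {("john", "amazon")}  # (user, tag) pairs the owner has retracted


class Verdict(NamedTuple):
    accept: bool
    user: Optional[str]
    tag: Optional[str]   # which service the address was handed to, if any
    reason: str


def split_address(addr: str):
    """Split user+tag@domain into (user, tag, domain); tag is None if absent."""
    local, sep, domain = addr.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an address: {addr!r}")
    # Only the first '+' separates user from tag; later ones belong to the tag.
    user, _, tag = local.partition("+")
    # Assumption: on our own domain we choose to compare case-insensitively.
    return user.lower(), (tag.lower() if tag else None), domain.lower()


def route(rcpt: str) -> Verdict:
    """Decide whether mail for rcpt is delivered, and record the tag used."""
    try:
        user, tag, domain = split_address(rcpt)
    except ValueError as exc:
        return Verdict(False, None, None, str(exc))
    if domain != OWN_DOMAIN:
        return Verdict(False, None, None, "not our domain")
    if user not in USERS:
        return Verdict(False, user, tag, "unknown user")
    if tag is not None and (user, tag) in REVOKED:
        return Verdict(False, user, tag, "sub-address retracted")
    return Verdict(True, user, tag, "deliver")


if __name__ == "__main__":
    for rcpt in ("john@example.com", "john+amazon@example.com",
                 "John+Shop@Example.COM", "mary+amazon@example.com"):
        print(rcpt, "->", route(rcpt))
```

Because the tag survives into the verdict, mail arriving on a tagged address from an unrelated sender also shows which service passed the address on.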

As for standard protocols, you can use email with most providers today. That is perhaps the most important. If you look around, you may find one that offers XMPP (aka Jabber) service for chat, and if not you can purchase it separately for a modest amount of money. You have just set yourself up for a cost of around € 25 a year to pay for a domain name, email, web and XMPP chat service, but in return you are controlling the parties that provide these services instead of them controlling you. You have no need to accept the marketing ploys that were oozing over your eyeballs.

Your friends may be a bit surprised, but they already have multiple interfaces to the various lock-in platforms chosen by their friends. If they question your introduction of yet another one, you might explain that this is the one that is there to last — it is not a commercial whim, swayed by popularity or the need to have a large critical mass to hold on to investors, but an open protocol that you control, and to which anyone can connect from their own domain.name, using the tools of their choice. This is the marvel that we have come to expect from email, but somehow we never demanded the same for chat and many other "lock-in" applications in a shiny web outfit or site-specific App.

If they wanted, you could provision your friends with their own identity under your domain, thus welcoming mary@example.com as your co-user. At least that will get your friends away from unpredictable forces; but it may be even better if they follow your example and pursue their own domain.

So, can you now do everything with this new-found identity? Well, yes and no. Many things will work for you, as long as you stick to the rich diet of open protocols. Examples are XMPP for chat, SIP for telephony, and of course SMTP for email and HTTP for your website. Let's be clear about what that can do to your online presence:

  • For normal email, you will be john@example.com
  • For XMPP chat, you will be john@example.com
  • For SIP telephony, you will be john@example.com
  • On the web, you can be john@example.com

And if we have it our way, you will be a lot more to a lot of other people as well. A few fundamental things that we are working towards in the InternetWide Project are these invaluable assets that today's Internet really needs in support of the aforementioned scenarios:

  • Strong security for your identity john@example.com
  • Single sign-on, meaning you logon only once a day (already covered)
  • Ability to use your logon with non-web protocols (already covered)
  • Ability to use your logon in other realms as your identity (realm crossover)
  • Ability to use your logon on the web (the worst-ever security protocol)
  • Ability to publish credentials and public keys for secure communication

Are you interested? Then go ahead, and register a domain name! It isn't expensive and you will learn many new things, plus you will gradually improve your control over your own identity. You are welcome to follow us or, even better, support us. We collect funds without strings attached, and set up projects that implement things like those mentioned above. We are generally said to be highly innovative, surprising and moving in a really important direction — so important in fact, that we usually hear our peers say that we are doing what they hold to be important, yet lack a way of arranging in their own working habitat. And that's us all over; we are here to serve the Internet and its users.
