Sunday, January 22, 2006

Notes on Laws of Identity (Part 2)

Here is the second part of note on the Laws of Identity. Enjoy.

1. "Laws" in Laws of Identity should be understood scientifically - hypothesis about the world resulting from observation which can be tested and therefore disprovable. Laws shouldn't be understood here from moral or legal perspective.

2. Digital Identity is defined as a set of claims by one digital subject about itself or another digital subject. A digital subject is a person or thing represented or existing in the digital realm which is being described or dealt with. Finally, a claim is an assertion of the truth of something, typically one which is disputed or in doubt.

3. Examples of claims:
  • A claim could convey the identifier. ("jdoe" is the username for John Doe)
  • A claim could assert that a subject knows a given key.
  • A set of claims might convey personally identifying data.
  • A claim could propose that a subject is part of a certain group.
  • A claim could state that a subject has a capability.
4. Our definition leaves the evaluation of the usefulness (truthfulness) of the claim to the relying part (or the party to which the claim is made). Evaluation of a digital identity thus results in again producing claims. Matters of trust, attribution and usefulness can then be factored out and addressed at a higher layer in the system than the mechanism for expressing digital identity itself.

No comments: