April 16th, 2008
JanRain embraces domain-centric identity
by Tony Haile | 
3 Comments
I learned from Carsten Potter that myOpenID has just launched myOpenID for Domains. The new service makes it even easier for you to make your domain your OpenID. As I’ve said before, using domains as OpenID URLs is essential for personal ownership of identity online. Congrats guys, a great move.
Actually it seems like the service was launched a month ago. Never heard about it before, though.
Indeed, I was about to comment about this on your post about the evils of URL-centric identity. OpenID for Domains appears to address your main objection, but it doesn’t address the issue of abuse of trust. Perhaps nothing really can with today’s technology, but I look forward to a time when I can use an OpenID-based system in the knowledge that I can monitor how my personal information is being used. Ideally, I would also be able to “retract” my information from parties that abuse it. There are some who say that once this is possible, we should endevour to make *all* information about individuals public so that those that have something to hide cannot hide it, and those that wish to control how their information is used, can. I do not, however, subscribe to this idea (put forward in “The Transparent Society” by David Brin, apparently - although I’ve not read it).
The retraction of information from a site that has abused your trust is an interesting idea. I wonder if Simple registration was developed from a one-time passing of information into something that would allow sites to subscribe to that personal information at each authentication (and thus would change when your email changed for example) giving the OpenID owner the ability to change what the site can see at the next authentication occasion, even down to nothing at all.
However, I can’t help but think that, like in meatspace, information that has been given out, especially to an unscrupulous party, is very hard to take back.