May 13th, 2008
Identity, OpenID and ‘Cognitive Load’
by Tony Haile | 
8 Comments
We are often free and easy with the definitions of those things that mean most to us. We all applaud freedom, and yet often do not take the time to distinguish what kind of freedom we mean. It is the curse of all slogans that they somewhat lose their power when accompanied by an asterisk. Over my next few posts I’d like to look at the wider implications of identity and ownership and unpack the asterisk.
Dick Hardt does a far better job than I ever could here of introducing the multi-faceted components of identity in his OSCON talk on identity 2.0 and if you haven’t seen it, you should. The point is well made that our physical identity is a pretty amorphous term that encompasses any number of different aspects from our name and passport to the car that we drive and the same can be said for online identity. For me however, we can distill the core components of our online identity down to the ABC of Identity:
- Authentication - I am who I say I am - my OpenID, my usernames and passwords.
- Brand - My photos, my designs, my words, my friends, my reputation, my choice of services and companies - how I choose to represent myself to the world and how the world in turn chooses to represent me
- Communication - How I choose to communicate and the identifiers that I use - my cell number, my email address, my IM handle.
The more coherent my identity is across these three facets, the stronger each individual component becomes. If I want to encourage adoption of a new identity component, my task becomes easier if I can link it to one of the other components. The standard username/password set either links brand (nickname) or communications (email address) to authentication. The key representation of my brand on Facebook or Myspace is strengthened by that profile being linked to my communications, messaging occurs between personal brands.
This has wider implications for consumer adoption of OpenID. One of the key barriers to adoption raised by critics is that for mainstream users the idea of typing in a URL in order to log in to a website is too much. The argument is that the ‘cognitive load’ of typing in a URL is substantially greater than typing in your email/username and password.
However, the cognitive load springs not solely from the problems of typing in a URL (though the complexity of the URL plays a role); the issue is one of emotional rather than cognitive load; the URL as authentication is often totally divorced from the other components of their identity. If, for example, http://johnsmith.myopenid.com has no relation to my brand and I can’t use it to communicate, that URL has little emotional resonance and means that typing in this random URL to authenticate who I am is less intuitive.
If we really want to see OpenID adoption take off, we should look less at throwing up a multiplicity of buttons to ease the flow and look more at how we can build the links between authentication, brand and communications. This could be done by mainstream brand repositories like Myspace becoming OpenID providers, and myspace.com/johnsmith becoming the place where my brand, communication and authentication come together in one URL that represents the totality of me. Focused OpenID providers like JanRain could build out what are currently fairly bland profile pages to make them more full-featured strengthening that expression of my brand. One might argue that with Livejournal, this was the original promise of OpenID. However, we still run into the problems of centralizing your life on a URL that you don’t control.
Domain-centric identity solves this problem to a great extent: If Johnsmith.com is the home for my brand, the domain through which my email and other communications flow (john@johnsmith.com) and OpenID providers provide domain delegation, I can create a flexible, permanent home for my identity centered around a URL that represents me with an experience that no longer feels fragmented or divorced from who I am. Instead of typing in john@johnsmith.com, I am merely typing in johnsmith.com. It does us good to remember that OpenID holds more than the promise of one password, it holds the promise of being one person.
I love it! Give me access to the Mark-up (or a section of it), let me add XFN tags and a FOAF link so it can become my digital hub to the Google Social Graph endpoints, let me add an RDF description so people can aggregate and query against my identity. If you don’t allow me to write markup, provide tools that will generate it for me. That would be useful.
Eric, agreed. It’s a natural fit to the Google social graph hub idea and one of the first things we built into Chi.mp.
You know, I’ve really been loving all the content posted here, but I’m beginning to grow tired of the inevitable result of each post being that Chi.mp is the answer.
I feel uncomfortable with the conflation of ownyouridentity.com with chi.mp. Is this the official blog for Chi.mp? The ‘About’ here doesn’t state that, although the Chi.mp site does point to this site and its RSS. Your blog posts here, rarely, if ever, mention Chi.mp, but the comments always do.
The connection is apparent, so why the obfuscation?
I have no problem with this blog as a discussion point and you taking findings from that discussion to build/improve Chi.mp. I have no problem with this blog being the official company blog for Chi.mp (but the domain seems inappropriate, if so).
One of my problems is that neither is categorically stated. It is not clear to the casual reader what, if anything, is the connection between the two.
The second problem is that these posts seem to serve as making an argument to support your decisions for Chi.mp - without actually making reference to that. It feels like you’re crafting positions so that when Chi.mp is released, your readers will think of it as the solution they’ve been looking for, as they’ve started thinking about the problem the same way you have.
Does this follow? I’m not having a go. I see so much potential for discussion in these posts, and then you tie it back to some pre-determined conclusion that supports something you’re building into Chi.mp. That disappoints me because I feel like it’s a failure to meet the potential inherent in these concepts.
Hi Lachlan,
Thanks for the compliment on content, it’s always great to hear, though I’m sorry if we’ve frustrated you at all. We don’t mean to obfuscate the relationship between Chi.mp and OYI, I put in the first blog post here that:
‘This blog is an opportunity for some of us within the team, in particular Josh Porter, Brian Oberkirch, Myles Weissleder and myself, to delve into the area of identity online and engage with those who are interested in domain-centric identity and Chi.mp.’
However, your comment has made me realise that we need to be more clear about that and I’ll make sure the connection is highlighted in the About. We’re only 12 posts in at this moment and still learning so all the feedback is really helpful.
This isn’t the official Chi.mp blog (that launches next week). For me this is more a place to explore the concept of domain-centric identity and put our thinking out there for criticism. Chi.mp is the main company pushing this and of course is on my mind more than most but when other players in the space advance the concept, such as JanRain with their domain delegation tools we try to highlight and celebrate them too. I’ve also asked Chris Messina of Diso (and now Vidoop!) to write a post about Diso and am keen to get other non-chi.mp voices on to the blog. In fact, if someone has some clear compelling reasons why they think the concept of domain-centric identity or even Chi.mp specifically sucks, I think OYI should be a forum for that too. I want people to see different solutions to us, it will help our thinking develop, make for a more thought-provoking blog and ultimately make Chi.mp a better service.
However, I see your point about posts seeming to build up to Chi.mp as the answer to all things. I guess for me it’s the other way round. I’m spending a lot of time thinking about the problems we face today and trying to build something that fixes that. It’s not the stuff we’re building into Chi.mp that drives the blog, it’s the thinking on the blog that is driving the building of Chi.mp.
Either way, your points are well taken and I’ll try to be clearer about who we are and make more of an effort to open the debate up a little more effectively. Keep on holding our feet to the fire, it’s the only way we’ll learn!
Tony
Good point, I remember that post. I’ve been here from the start.
But it was the lack of connection elsewhere that troubled me. If you clarify things in the About and launch the official Chi.mp blog, that’ll probably go a long way to tidying up the relationship.
Non-chi.mp bloggers here would be very cool too. I’ve really been enjoying the content, but so far it hasn’t stirred much debate in me as it has felt very orientated towards a product that I haven’t seen. It’s a bit hard to critically respond to that!
Thanks for responding so promptly and taking my concerns on board. Keep up the good work!
Excellent post, I like the break down of Identity in to the ABCs.
I work for Vidoop and we have a OpenID provider at http://myvidoop.com that has pretty decent profile pages. We are working on adding custom avatar support and other cool features. We also currently support delegation.
Keep up the good work.
Cheers,
Kevin
Hi Kevin,
Thanks for highlighting myvidoop, I should have known that Vidoop would be ahead of the curve on this one. Luke was showing me some of your strong authentication stuff this morning and it was very impressive. I’m looking forward to what you guys can do with DiSo!
[...] Identity, OpenID and ‘Cognitive Load’ - Own Your Identity [...]