The Second Corollary of Identifiers

[Note: This is the second of seven proposed “Corollaries of Identifiers” for Kim Cameron’s Laws of Identity. See the First Corollary for more background info.]

Kim’s Second Law follows closely from his First Law:

2. The Law of Minimal Disclosure

The solution which discloses the least identifying information is the most stable, long-term solution.

2a. The Corollary of Minimal Disclosure for Identifiers

The identifier which discloses the least identifying information is the most stable, long-term identifier.

At first reading, this corollary seems tantamount to a prescription for URNs (Uniform Resource Names). It has long been a maxim that if you want a long-term, persistent, stable identifier for a resource, the identifier itself must contain little or no semantics, because semantics are always subject to change. By this maxim, either of the following two identifiers (a conventional UUID expressed as a URN, and persistent XRI) are ideal from the standpoint of minimal disclosure:

urn:uuid:f0502a17-4503-4463-8516-f1225b330e4d
=!(!762A!C40D!28E7!BB9C)

By contrast, the following globally-unique identifiers (XRIs) contain real-world semantics that may change over time:

=Drummond
@Cordance*Drummond
@Cordance*(=Drummond)

However, all of the XRIs above contain less identifying information than the following globally-unique identifiers (DNS names and email addresses):

equalsdrummond.name
drummond@example.com

Why? The first is a registered DNS name that requires the registration of real-world contact data which, even though registered using a proxy registration service (that cost me as much as the name itself!), is still available should someone have an important enough reason to identify me as the real-world owner of this domain name (were I not publicly blogging about it).

The second, an email address, reveals a direct method of interacting with me (as would a phone number, fax number, IM address, postal address, etc.)

So a first observation about the Second Corollary is that it is best served by abstract identifiers – identifiers that by themselves do not reveal a direct interaction method with a resource, but must first be resolved into one or more concrete interaction addresses.

A second observation is that abstract identifiers themselves fall into two classes: those that contain the very least identifying information (and thus can serve as the most persistent, as with the first set of examples above), and those that contain some degree of real-world semantic information and therefore may be less persistent — but much easier for ordinary mortals to use (like the second set of examples).

[Caution: XRI soapbox follows. Full disclosure that I am co-chair of the OASIS XRI TC.]

XRIs are, to my knowledge, the only abstract identifiers that natively support both of these classes: persistent XRIs (called i-numbers) and reassignable XRIs (called i-names) — or any combination of the two within a single XRI. A more detailed discussion of how XRI syntax does this is in section 3.1 of the Introduction to XRIs document published by the OASIS XRI TC as part of the current OASIS public review.

As we’ll see in future Corollaries, a unified syntax for both i-names and i-numbers allows XRIs to support any point in the continuum of perpetually persistent to rapidly reassignable, while at the same time supporting any point in the continuum of zero disclosure (disclosing no real-world identifying information) to full disclosure (such as disclosing one’s full legal name).

(Since I’m on the minimal disclosure side myself, unless you already have my email address, please send any comments through my i-name contact page at =Drummond.)

Advertisements

About Drummond Reed

Internet entrepreneur in identity, personal data, and trust frameworks
This entry was posted in General, Identity Commons, XRI. Bookmark the permalink.