The Fourth Corollary of Identifiers

[This is the fourth of seven proposed “Corollaries of Identifiers” to Kim Cameron’s Laws of Identity.]

Kim’s Fourth Law is the only one that deals directly with digital identifiers:

4. The Law of Directed Identity

A universal identity system MUST support both “omnidirectional” identifiers for use by public entities and “unidirectional” identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

Of all seven of Kim’s Laws, this one has the most obvious corollary:

4a. The Corollary of Directed Identifiers

A universal identifier system MUST support both “omnidirectional” identifiers and “unidirectional” identifiers and MUST make it practical for the identified party to control which type of identifier is used in any particular identification relationship.

In short, the Third Law requires an identifier infrastructure capable of fulfilling its requirements as well as those of the First Law (user control of information disclosure).

As is often the case, “public is easy and private is hard”. In other words, it’s not difficult to meet the need for public, omnidirectional identifiers. Wired/wireless phone numbers, domain names, email addresses, or instant messaging addresses all fulfill this requirement to a greater or lesser extent. (In fact, though they are much less user-friendly, so do public keys.)

The challenge lies in the second half of the equation: unidirectional identifiers. None of the identifier systems named above were designed to meet the requirement of easily producing and managing private unidirectional identifiers that are not public and do not provide the “correlation handles” Kim refers to.

For example, I’ve always thought it amusing that phone companies charge you extra for NOT publishing your phone number. After all, aren’t they saving work and paper? In fact not – phone numbers were designed to be omnidirectional identifiers, and any attempt to try to constrain that omnidirectionality requires extra work on the part of the phone company (and many other parties).

The same goes for publicly available DNS infrastructure. When registering the domain name “” I was astounded that it cost me MORE to keep my registration information private (using a proxy registration service for the Whois listing) than I paid for the name itself!

As Mark Baker pointed out in his feedback on the Second Corollary, the situation is slightly better with email – services like Hushmail exist to help you register anonymous, privacy-protected email addresses. Unfortunately, by themselves these don’t fulfill the requirements for “unidirectional” identifiers. If you reuse an email address (or any other identifier) across websites, it becomes as much of a correlation handle as a real-world name, phone number, or URI.

This means unidirectional identifiers must be generated on a per-relationship basis – a requirement that is anything but trivial. Bell Labs developed an entire email technology, Target-Revocable Email Addresses, to do this. The Liberty Alliance Project bent over backwards to bake pseudonymity into its architecture. So does WS-Trust.
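As an added illustration (not code from this post, nor from Liberty, WS-Trust or XRI), this shows the point of the last two paragraphs: a public address reused at several sites is a correlation handle those sites can join on, while a per-relationship identifier derived with an HMAC under a provider-held key is stable for one site yet different at every other, and the identified party chooses which type a site receives. The secret, address and site names are constructed.

```python
import base64
import hashlib
import hmac

# Constructed values for illustration only (not a real key, user or sites).
IDP_SECRET = b"example-provider-pairwise-key-not-a-real-secret"
PUBLIC_EMAIL = "alice@example.com"          # the omnidirectional identifier
SITES = ["shop.example", "news.example", "bank.example"]


def pairwise_identifier(secret: bytes, public_id: str, relying_party: str) -> str:
    """Derive a site-specific (unidirectional) handle.

    HMAC over (public_id, relying_party) is deterministic, so one site sees the
    same handle every visit; without the secret, two sites cannot compute or
    compare each other's handles, so there is nothing to correlate on.
    """
    msg = public_id.encode() + b"\x00" + relying_party.encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest[:16]).rstrip(b"=").decode()


def identifier_for(relying_party: str, unidirectional: bool) -> str:
    """The identified party decides which type of identifier a site gets."""
    if unidirectional:
        return pairwise_identifier(IDP_SECRET, PUBLIC_EMAIL, relying_party)
    return PUBLIC_EMAIL


def correlation_handles(site_to_identifier: dict[str, str]) -> dict[str, list[str]]:
    """Identifiers held by more than one site: each is a handle those sites could join on."""
    groups: dict[str, list[str]] = {}
    for site, ident in site_to_identifier.items():
        groups.setdefault(ident, []).append(site)
    return {ident: sites for ident, sites in groups.items() if len(sites) > 1}


def demo() -> tuple[dict[str, list[str]], dict[str, list[str]]]:
    """Compare reusing the public address everywhere with per-relationship handles."""
    reused = {site: identifier_for(site, unidirectional=False) for site in SITES}
    pairwise = {site: identifier_for(site, unidirectional=True) for site in SITES}
    return correlation_handles(reused), correlation_handles(pairwise)


if __name__ == "__main__":
    reused_handles, pairwise_handles = demo()
    print("reused email is joinable across:", reused_handles)
    print("pairwise handles joinable across:", pairwise_handles)
```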

[Warning: stepping on my XRI soapbox now.]

So here’s a simple way to look at the XRI 2.0 specifications from OASIS: they are the first identifier specifications that provide equal support for both omnidirectional and unidirectional identifiers. In other words, they provide a uniform syntax and resolution protocol for both human-friendly, reassignable i-names and machine-friendly, persistent i-numbers. The former are designed explicitly for public, reusable, omnidirectional identifiers, while the latter are ideal for private, one-time, machine-generated unidirectional identifiers (though not all i-numbers will be unidirectional – some will serve as synonyms for omnidirectional i-names.)

XRIs also go one step further in supporting the Fourth Corollary: because XRIs are abstract, the XRI resolution protocol enables XRI authorities to control access to the attributes of an omnidirectional XRI like an i-name. In some cases this may lessen the need for unidirectional identifiers, but in all cases it helps fulfill the First Law requirement that every authority should have control over the release of its information.

(A case-in-point is my own i-name contact page at =Drummond. If you don’t already have my email address, please send me any comments there.)


About Drummond Reed

Internet entrepreneur in identity, personal data, and trust frameworks
This entry was posted in General, Identity Commons, XRI.