I-Names: Some Practical Answers

Attendees at DIDW 2005 last week received a free 50-year global personal i-name (an “=name”) courtesy of Identity Commons. This is part of the early i-name registration program also sponsored by XDI.ORG, 2idi (i-broker for the program), Cordance (my employer), and NeuStar (operator of global i-name registry services).

Those who were new to i-names had many practical questions, summed up by =dizzyd who blogged:

The immediate problem, of course, is that if I give my i-name to someone outside of the digitial identity space, they’re not going to know what to do with it. Socially, there is no context for this identifier, and even worse, there aren’t any obvious tools available to the average user which would allow them “use” my i-name to contact me. Now, I’m willing to concede that this may just be due to the fact that i-names are not yet popular, and like any new identifier, will just require some time to get fixed in the social awareness. However, that’s not going to happen if the i-name people (XRI/XDI, as I understand it) don’t come up with some useful, or at least well publicized tools. If they exist, I would gladly accept pointers.

Great point, and one being worked assiduously by the XRI/XDI community. So here’s a summary of the first three services being developed for i-names (note that only the first is full available today – the next two are planned for general introduction once full global i-name registry services are operational this fall.)

  1. Privacy-protected address service. This allows you to use the http form of your i-name as a link to a contact page hosted by your i-broker (such as 2idi). Contact pages are searchable Web pages that accept incoming contact requests which are verified by the i-broker to prevent spam. Bloggers like Kim Cameron use this service today as a way to accept comments without comment spam (see his i-name contact link on the right frame of his blog.) Or visit my own =Drummond contact page.
  2. I-name single sign-on (ISSO) service. This allows you to use your i-name and i-broker password to log on at any ISSO enabled website. Although a non-SAML form of ISSO is already in use by 2idi and some of its partner sites, fully SAML 2.0 compliant ISSO is under development and should be in testing shortly. See the ISSO spec page at XDI.ORG for more details.
  3. I-share data sharing service. I-share is essentially “IM for data sharing” — a simple, universal way to share and permanently synchronize common types of data (business cards, files, links, agendas, itineraries) using using i-names and i-numbers. I-share will be the first general use of the XDI data sharing protocol under development by the OASIS XDI Technical Committee.

=dizzyd goes on to ask a second question that comes up often:

On a less practical note, it bugs me that i-names are essentially attempting to create a global address space for the whole Internet. What I mean by this, is that by default i-names are global, so there can only be one “=dizzyd” for the whole Internet. From an identifier standpoint, i-names are regressing us back to the days of “bob394″ and “alice2zz”. Imagine how life would be if we only had first names — how would we distinguish between this Bob and that Bob? The reality is that the Internet is a big place and it needs an addressing scheme that reflects at least some understanding of the scale involved. Email addresses may not be the perfect answer, but at least they add an intermediate partioning of the address space that more closely reflects how big the ‘Net is.

Unfortunately this is a misconception that shows the XRI/XDI community has a lot of market education to do about XRIs. In reality, XRI syntax and resolution infrastructure is designed to be at least as partionable as URIs, DNS names, and IP addresses (principally because XRIs layer over these as abstract identifiers.)

In particular, what might not be clear to a new =name registrant is that they have registered the XRI equivalent of a first-level domain. In other words, if their i-broker supports it, they can now delegate second-level i-names the same way domain name registrants can delegate DNS names under their domain name (i.e., “example.com” can delegate “www.example.com”, “mail.example.com”, “ftp.example.com”, etc.) The only difference is that with i-names: a) delegation always works from left-to-right, and b) the delegation character is * instead of dot (dots are legal characters in i-names.) Examples:


In other words, every registrant of a global =name can serve as their own registry of delegated *names (and each of their delegates can delegate third-level *names, and so on.) Unlike typical DNS delegation, i-brokers can make this very easy and consumer-friendly, so it will be easy, for example, for a family member to delegate *names to other family members. Organizational i-names (@names) can do the same thing, delegating *names to other organizations or individuals, again to any depth. For example:


Note this last example (Example Corp delegating to Jerry Johnson) is essentially the XRI equivalent of an email address (i.e., an organizational authority delegating to an individual.) This demonstrates that XRI syntax provides partitioning at least as flexible and scalable as URI syntax (i.e., DNS names and IP address), while at the same time providing a richer human-friendly naming syntax (dots and colons in addition to dashes, plus support for the full Unicode character set).

(Note: To keep this short, I’m leaving out some other key XRI features – persistent i-numbers and cross-references – that we’ll cover in other Practical I-Names columns.)

Got more “Practical I-Names” questions? If you don’t already have my email address, feel free to send them to me via my i-name contact page at =Drummond.


About Drummond Reed

Internet entrepreneur in identity, personal data, and governance frameworks
This entry was posted in Blogging, General, Identity Commons, Practical I-Names. Bookmark the permalink.