Overview

The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.
Let's project ourselves into a future where we have a number of contextual identity choices. For example:
- Browsing: a self-asserted identity for exploring the Web (giving away no real data)
- Personal: a self-asserted identity for sites with which I want an ongoing but private relationship (including my name and a long-term e-mail address)
- Community: a public identity for collaborating with others
- Professional: a public identity for collaborating issued by my employer
- Credit card: an identity issued by my financial institution
- Citizen: an identity issued by my government
We can expect that different individuals will have different combinations of these digital identities, as well as others.
To make this possible, we must "thingify" digital identities—make them into "things" the user can see on the desktop, add and delete, select and share. (We have chosen to "localize" the more venerable word "reify".) How usable would today's computers be had we not invented icons and lists that consistently represent folders and documents? We must do the same with digital identities.
What type of digital identity is acceptable in a given context? The properties of potential candidates will be specified by the Web service from which a user wants to obtain a service. Matching thingified digital identities can then be displayed to the user, who can select between them and use them to understand what information is being requested. This allows the user to control what is released.
Different relying parties will require different kinds of digital identities. And two things are clear:
- A single relying party will often want to accept more than one kind of identity, and
- A user will want to understand his or her options and select the best identity for the context
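The matching and selection step described above, sketched as an added example (not code from the original page or from any identity selector product). The card names follow the list earlier in this section; the claim types, issuer names and the `Card`/`Policy` structures are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Card:                      # one "thingified" identity the user can see and select
    name: str
    issuer: str                  # "self" marks a self-asserted identity
    claims: frozenset            # claim types this identity is able to supply

@dataclass(frozen=True)
class Policy:                    # what the relying party says it will accept
    accepted_issuers: frozenset
    required: frozenset
    optional: frozenset = frozenset()

def matching_cards(policy, cards):
    """Map each acceptable card name to the claims the site requests from it."""
    matches = {}
    for card in cards:
        if card.issuer in policy.accepted_issuers and policy.required <= card.claims:
            matches[card.name] = policy.required | (policy.optional & card.claims)
    return matches

def release(policy, cards, chosen, consented_optional=frozenset()):
    """Return the claim types to disclose for the card the user picked."""
    requested = matching_cards(policy, cards).get(chosen)
    if requested is None:
        raise ValueError(f"{chosen!r} does not satisfy the relying party's policy")
    # Required claims always go; optional ones only with explicit consent.
    return policy.required | (requested & policy.optional & frozenset(consented_optional))

# Constructed sample data: hypothetical issuers and claim types.
WALLET = [
    Card("Browsing", "self", frozenset()),
    Card("Personal", "self", frozenset({"name", "email"})),
    Card("Professional", "employer.example", frozenset({"name", "email", "employer"})),
    Card("Citizen", "government.example", frozenset({"name", "date_of_birth"})),
]
FORUM = Policy(frozenset({"self", "employer.example"}),
               frozenset({"email"}), frozenset({"name", "employer"}))

if __name__ == "__main__":
    for name, claims in matching_cards(FORUM, WALLET).items():
        print(f"{name}: site requests {sorted(claims)}")
    print(sorted(release(FORUM, WALLET, "Professional", {"name"})))
```

The relying party here accepts two kinds of identity, so the user is offered both the Personal and the Professional card and sees, per card, exactly which claims would leave the machine before choosing.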
Putting all the laws together, we can see that the request, selection, and proffering of identity information must be done such that the channel between the parties is safe. The user experience must also prevent ambiguity in the user's consent, and understanding of the parties involved and their proposed uses. These options need to be consistent and clear. Consistency across contexts is required for this to be done in a way that communicates unambiguously with the human system components.
As users, we need to see our various identities as part of an integrated world that nonetheless respects our need for independent contexts.