I’m watching the Sxip presentation given by CEO Dick Hardt. I spoke to their marketing person yesterday and went to their little shindig up in their suite and have to say, I’m still skeptical. Very quickly, Sxip aims to create a user-centric identity system they’re dubbing Identity 2.0. The idea is a single sign-on (SSO) system that, unlike systems like Passport, puts you in control of which companies host your data, what data to share, and which data from which provider to share. So, theoretically, if you had an ESPN.com account, you could make ESPN.com the authority for one of your online identities. If you went to Amazon.com, in a Sxip/Identity 2.0 world, you’d be able to tell Amazon to use ESPN.com to authenticate you. ESPN.com would only pass on the registration data you authorized to Amazon. Sxip doesn’t have to be the solution for Identity 2.0, but of course they want to be the preferred choice.

The problem I see with this system is that it’s too cumbersome for users. The problem I have isn’t that I have multiple identities on different sites, but that I have to fill out the same email, name, address, phone number, etc. all over the place. It’s annoying. I do actually really like having multiple identities.

The system doesn’t do anything about naive users making “bad” privacy choices. Instead, if I add my cell phone, say, for a particular site to use, I might just always opt to have my authority site (home site in Sxip jargon) keep that data too. Just for ease of use, if nothing else.

What I’d rather see is a browser/computer-centric solution that would allow users to store certain data on the client and then come up with a microformat-style system where the browser or a plugin could fill in the form using the hints provided in the form.

That would be simple, and easy for users to understand. Every time they add data to the local schema, it’s always convenient and it makes it more difficult for users to make “bad” privacy choices. People just read forms, see the fields that get filled in, and then can just delete the fields they see filled in. Perhaps the persona idea from Web 2.0 could be stored locally as well. Anyway, anything that works well on the client and keeps data with me I think is better. Most users won’t know this, but will get the convenience of SSO and simplified registration. That’s all we really need, right?