Today, Google launched “Me on the Web” as part of their Google Dashboard.

However, your online identity is determined not only by what you post, but also by what others post about you — whether a mention in a blog post, a photo tag or a reply to a public status update. When someone searches for your name on a search engine like Google, the results that appear are a combination of information you’ve posted and information published by others.

Today we’ve released a new tool to help make it easier to monitor your identity on the web and to provide easy access to resources describing ways to control what information is on the web. This tool, Me on the Web, appears as a section of the Google Dashboard right beneath the Account details.

found via http://mashable.com/2011/06/16/google-me-on-the-web/

The idea that reputation matters and will become both more important and transparent are coming of age. Very soon, we’ll start needing better tools to vet the opinions that are being tracked and surfaced across the web.

Now, if only I could publish this dissertation…

The last month and a half have really been a blur. Let’s see if we can work out why…

PARC
I met Ed Chi at ASIST last October when he hijacked a panel with his very interesting work on WikiDashboard. I had seen the work already and knew enough about it to approach Ed and pick his brain about how I could collaborate with the project. In December, while in Mountain View for IIW again, I made an appointment to visit PARC and see how things worked inside a research center famous for many years for doing cool things. I left with the plan to apply for a summer internship working under Ed in the Augmented Social Cognition group on WikiDashboard itself. In the Spring, I heard that they really wanted me and I made the decision to be in Palo Alto for four months. I’m thrilled with the work I’ve been doing for the past four weeks and the people I’m working with. There is quite a bit of interest in wikis and other collaborative tools in ASC and I am very pleased to be in the middle of it. I hope to be able to share a bit more about what I’m working on when the time is right.

Drive to California
Of course, after making the decision to be in California for the summer, I needed to work out how that was going to happen logistically. The decision was made to drive and so, for six days, many miles were covered, a sister was visited, and lots of money was spent on gasoline. All in all, a grand success – and one I look forward to duplicating on the way home in early September, except for the gasoline part.

IIW 2008a
Already being in Palo Alto, it was very easy to join in the semi-annual gathering that is the Internet Identity Workshop. This was my fifth(?!) and again, it was great to sit and talk with the people building this next generation of technologies. The climate has shifted even more now to business models and reputation – a far cry from the spec discussions and interop demos from only a year or two ago. I spent an afternoon talking with Eugene Eric Kim, yet again, and still find him one of the most compelling people working in this space. He’s got projects around the world and he’s excited about how these technologies are helping groups get their stuff done.

Park Alumni Society
Speaking of groups getting their stuff done – I’ve been in a heavy development cycle in the last couple of months. I’ve written more code and pushed more new features into production in the last 7-8 weeks than any time since writing claimID. I am the president of an alumni group at NC State and run our intranet and web presence as well. We recently added a unified login to our forums and wiki and the new application that runs the Park Office’s interactions with the scholars themselves. The effort required to network across classes and facilitate communication should go way down. I’m very happy with the result and hopefully I can start to sleep a little more soon.

Park Scholarships
The Park Scholarships itself is undergoing some change. The director of the scholarship has announced her decision to take a new position, and after eleven years, we need to find a new leader. I have been asked to be on the search committee by the Chancellor and I hope we can help deliver a candidate who can fill the rather large shoes being left behind in August.

ClaimID
ClaimID is getting some development love itself this early summer (in between rigorous interviews). Fred and I are integrating a new authentication mechanism into the mix. It works by selecting images instead of typing passwords. Watch this space as we work out all the kinks and make a new shiny thing.

iPhone
And with all of that, I’ve finally found the need to enter the modern world of telephony. I bought an iPhone before the trip out west, and have been thrilled at how much it’s changed my daily interaction with the information around me. Numbers, addresses, internet, camera, music, podcasts, calendar, maps – it’s in my pocket and it syncs with the stuff I already had. Very cool. Highly recommended.

• Social Graph Foo Camp
  Feb 1-3, 2008 – O’Reilly Campus, Sebastopol, CA
  Attending for myself and for claimID – this will be my first Foo Camp. I’m excited to meet some of the names I’ve been reading/watching for some time. I’ll be in the SF area through Tuesday evening (5th).
• iconference 2008
  Feb 27-Mar 1 – UCLA, Los Angeles, CA
  I’m attending the doctoral colloquium the day prior to the conference, and then presenting a poster about my old friend Cloudalicio.us.
• Wedding of two dear friends
  Mar 27-Apr 3 – Santiago, Chile
  I’ve been looking forward to this for a year now…
• ASIS&T Social Computing Summit – IA Summit
  Apr 10-14, 2008 – Miami, FL
  I’ll be speaking on the data portability and open social networks panel led by Brian Oberkirch. More information here and here… Please come say hello.

MyOpenID

First, I see that MyOpenID has implemented MicroID. Excellent implementation. They allow you a lot of control over how your information should be shared – and with your confirmed email addresses, they publish MicroID for others to be able to better confirm it’s really you.

Plaxo

Second – Plaxo has rolled out their canonical myplaxo.com URLs for each user. Before, the myplaxo.com space autoforwarded to an ‘add me’ page for each user. This was less than perfect for MicroID since MicroID calculates hashes based on the displayed URL in the browser.

With a tweak to the apache configuration at Plaxo, the URLs are stable and Joseph got it working to spec and now things are humming.

Plaxo publishes a MicroID for each of the verified email addresses in your account.

Good stuff.

Digg

In another strong showing for the spec – this morning, Digg rolled out MicroID on their user pages as well. You can see them on any user page at http://digg.com/users/username. Additionally, Digg has taken the interesting new approach to publishing MicroIDs in their responses to API calls as well. A request for developer Steve Williams’ profile via the API produces:

<?xml version="1.0" encoding="utf-8" ?>
<users timestamp="1201200757" total="1" offset="0" count="1">
 <user name="sbwms" icon="http://digg.com/users/sbwms/l.png" registered="1135702996" profileviews="14706" fullname="Steve Williams" microid="mailto+http:sha1:e945976887f47a4ae2bc20dace1a3e4a3808143c">
  <link href="http://www.baychi.org/" description="BayCHI" date="1190263703" />
  <link href="http://www.nuqu.org/" description="Moffett Blog" date="1190263688" />
  <link href="http://www.sbw.org/" description="Home Page" date="1190263641" />
 </user>
</users>

Excellent work all around – this Data Portability thing is actually going to happen one day.

As I wrote over at claimID, we had an incredible few days. There was a new energy in the air this time as interoperability was assumed and a focus on services began to take centerstage. There was a lot of talk about Reputation, OpenID 2.0, and OAuth 1.0. We’ve got the pieces now to begin building compelling applications and services. The business models will be appearing in May at the next conference.

We even had an impromptu OAuth party on Tuesday night in honor of the spec being released. Smarr/Recordon/Wachob/Hammer-Lahav/Messina and myself.

I ran a session on Tuesday morning on OpenLifeBits (thanks to John Panzer for the wiki notes) – and had some excellent feedback as well as discussion around what we should be building to house/manage our personal information. How do we define these bits and who owns this content? Is the information we have housed in the corporate silos our own? If someone else is involved in the creation of a particular piece of data – do we both own it? Do we own it jointly with the company as well? A friend request on Facebook – who’s is that to share? Mine? Hers? Facebook’s? Legally, today, it’s Facebook’s.

I’ll take credit here for two quotes captured on the wiki:

“Stalkers were on MySpace, now Facebook _is_ the stalker.”

A little over the top – but definitely something I feel strongly about. We’re seeing individuals post more and more personal information into corporate repositories willingly and without due consideration for where their information is visible and/or to be used under the terms of service.

I see Beacon as part of a greater slippery slope – we’ll all be living, publicly documented, without recourse.

“It’s a good thing that a bad thing became public” — on FB Beacon.

I feel strongly that Beacon is only the first public-facing version of what these large corporations have been doing for years. It is completely naive to think that companies will give away their services for free to the consumer without trying to leverage what they learn through statistics and demographics to make money. They have to have a bottom line, or they go out of business. Free or not, this stuff costs money to run.

When Facebook shows the public what is possible with their data, at first we squirm and yell, then we realize that we like more targeted information – it becomes less about SPAM and more about information we actually wanted.

The tricky part lies in where that fuzzy line of ‘worth it’ is drawn. Is it worth it for me to give my information to a company so I can get a free burger or $5 off my next box of detergent? For most consumers, the answer is clearly yes – or we wouldn’t continue to see these types of offers.

A quote from Alison Black:

Getting inside people’s decision-making, to inject caution before commitment is likely to be extremely difficult (even with well-understood hazards, such as smoking and alcohol, health educators have difficulty getting their message across). But given that there is a likelihood that many people will continue to act humanly and, therefore, incautiously, there is an opportunity for companies to commit openly to respectful data handling. It may cramp their style for trading data in the future, but as more companies commit themselves to rigorous standards, those that don’t will stand out. Maybe this contrast could pique people’s consciousness just enough for them to ask ‘whatever they’re offering, do I want to hand my data over to them?’

When things like Facebook Beacon force us to realize what is happening behind the scenes, we’re more likely to have informed opinions in the future (which is a good thing). That said, I’m not holding my breath for when we’ll see all these companies go with opt-in as their default. In today’s market, it just doesn’t pay nearly as well.

What fun.

The wonderful folks at American Public Media’s American RadioWorks are looking for ClaimID users to appear in an hourlong documentary about online identity and self-marketing. This is a great chance to tell your story about online identity, as I know many of you have thought about this entensively.

…

As teens get older and apply for college admission or employment, online identities can be cast in a new light. American RadioWorks seeks individuals, roughly under the age of 35, for inclusion in a radio documentary. ARW is looking for those who have online identities (profiles, blogs, etc.) and who are using ClaimID. ARW prefers to start speaking with individuals before they begin using ClaimID, in order to follow them throughout their process of using the service.

Both short papers I submitted to ASIST were accepted.

Fred and I submitted a claimID write-up with the title “Self-Representation of Online Identity in Collected Hyperlinks”.

Additionally, my first attempt at writing down my thoughts about the use of social tags over time was accepted with the current title “Tag Decay: A View Into Aging Folksonomies”.

I’m very excited about both of them – and look forward to feedback. These two topics, in their own way, are presenting themselves as the structure beneath my upcoming dissertation research – Contextual Authority Tagging.

The second bit of news this week was concerning my talk at the VCU Technology Days next week in Richmond, Va. I’ve been given the keynote slot at 12:30pm on Wednesday to speak about “Online Identity Management”. Additionally, I’ll be there on Thursday to field questions about claimID specifically. Please drop in if you’re nearby.

It’s funny how weeks go by without a feeling of tangible progress. And then there are weeks like this one.

What was he doing that I found so compelling? It was his Ph.D. research on ContextualAuthorityTagging. The basis of the idea is simple: The best way to identify an authority on a topic is not to ask people to self-identify themselves as such, but to ask others to identify the people they consider to be the authorities. We can leverage this principle to locate expertise by building tagging systems where users tag other users with information about their expertise. (LWT)

Terrell has thought really deeply about this, and several of his ideas are documented at his website and on his blog. PhilWindley and DavidWeinberger have also commented on his work. (LWU)

I heard more original ideas about tagging in that 20 minutes of conversation than I’ve ever heard from anyone else. The one that really struck me was the notion of tag disparities: comparing what people say about you to what you say about yourself as a way of measuring reputation. Sound familiar? It’s a real-life instantiation of the SquirmTest! (LWV)

And then, Aldo Castañeda at The Story of Digital Identity (STODID) contacted me to talk about my work. We spoke last week and he’s posted the podcast this morning.

Episode #55 is live and the direct link is here. It’s just over 36 minutes long.

I also wanted to share that I’ll be in Austin this next week for SXSWi – so please send me a note if you want to talk and/or get a very cool claimID button.

OpenID is in the air, and providing services across domains will become very important very soon. I think we’re still about six months out from the Big Bang. August. I’m calling it.

Verification underlies Identity. Identity underlies claims about a person. Aggregated claims underlie the reputations we ascribe to people. With reputation, we can do really cool stuff. And it’s coming…

Cross-posted at claimID proper:

ClaimID allows real people to aggregate what is online about themselves. It allows them to bring links together, sort them, talk about them, and generally refocus their online identity on their own terms. We’ve had great success so far in getting that message out – and the feedback we’ve received has been positive. People really like the empowerment and are pleased when their claimID page begins to appear in the search results for their name.

But we also want to convey that these links are validated – verified in some way. So we introduced MicroID and OpenID to our system. Since that time, people have been pointing to their own websites, their own blogs, and their own OpenIDs hosted at other Identity Providers (AOL, Verisign, JanRain, Livejournal, etc.). And with all of those identities, it made sense for us to create a trusted place for you to aggregate them.

Verified Page

Today, we launched a special page for each person that brings these verified links into greater focus. The verified information about a person is presented all on one page, in one place – and you can be sure that these links are maintained by the person who owns the claimID account because of the math behind the scenes. MicroID and OpenID are based on strong hashing algorithms and cryptography and have been designed to validate and verify claims – just the sort of thing we’re doing at claimID.

Our pages are at:
- http://claimid.com/terrell/verified
- http://claimid.com/fred/verified

They’re very clean and very powerful.

Once you find someone’s claimID Verified Page, you can be pretty sure that who you’re reading about at claimID is the same person at all those other sites. This allows us to really begin to tap into the power of distributed identity and maybe even hint at some uses for basic reputation across disparate websites. Of course, if you don’t want to display your verified identity, you can easily turn this off in your account settings.

We’re not done with online reputation yet, but the single verified page at claimID is a very strong early step.

We retooled the documentation, made it more apparent to the new user the benefits of having and using an OpenID and generally tidied up our original copy as we prepare for that “big growth” that we keep seeing poke its head around the corner.

From the official blog post:

At ClaimID, our strength has always been translating the complex into the simple. We want to give you the best solutions, without requiring you to read a protocol or understand code. As web identity plays a greater role in all of our lives, we feel that we can really help people by enabling them with solutions simply. And as OpenID grows (and it will grow, says Bill Gates), we want to be there to help you take advantage of this amazing and useful tool.

We’ve seen lots of convergence in the last few months – and even more in the last couple days – and we want to make sure we’re helping as many people as possible follow along at home.

Scott Kveton from JanRain has a nice writeup on the latest happenings:

OpenID has always been about convergence. When Brad, David and Johannes talked about how OpenID and Yadis could work together over a year ago. When the XRI folks brought their amazing people and technology to be integrated into OpenID 2.0 last Spring. This past Summer when Sxip Identity joined the OpenID party by joining in on developing the specification and offering up their attribute exchange specification to the OpenID community. And now today, we have a commitment from Microsoft to take part in the OpenID community as well as enable the technology for their future identity products.

There are a couple of points I’d like to make outside of the above announcement to hopefully address any concerns that the OpenID community might have:

• JanRain will never require users of our libraries or services to use Windows CardSpace ™. We offer support for this technology as another option for users much like using our Safe SignIn and Personal Icon technologies on MyOpenID.com. We’ll also continue to support the OpenID efforts going on with Mozilla and Firefox.
• Windows CardSpace ™ is shipping with Vista today and is a well thought-out technology that helps address many of the privacy and security concerns that people have had with OpenID. OpenID helps users describe their identity across many sites in a public fashion. The two together are very complimentary products and each has its strength.
• Microsoft did not cave in to the OpenID community and the OpenID community is giving nothing up to Microsoft. This is a collaboration on bringing the best technology to the marketplace as quickly as possible to help secure users and solve the single sign-on solution once and for all.
• Please reserve judgment on what this all means until you see it all work together. The technology is really quite simple and the ramifications for end-users is huge. It also goes a very long way to completely addressing the phishing concerns we’ve heard so much about.

A great many things have happened since then. Higgins is now demoing live open source implementations of a variety of tools, including Bandit, around the newly announced OpenID 2.0 spec. We have full OpenID 1.1 libraries in all the major programming languages. OpenID 2.0 code should be rolling out within a couple weeks from a number of the vendors here. Dick Hardt of Sxip demoed the newly announced Sxipper Firefox plugin. There was a Safari InfoCard Selector demo complete with modal overlays. There were a surprising number of demos (Java, even) fully functioning with versions of Microsoft’s CardSpace (coming baked into every copy of Vista in a few short months). Avery Glasser of VxV Solutions demoed his company’s voiceprint technology fully integrated and interoperable with OpenID. JanRain demoed their new BotBouncer site designed to serve as a centralized CAPTCHA repository so users can know a particular OpenID has passed a humanness test.

I also ran a session this morning on MicroID and how it works as a lightweight verification method for claiming a webpage (and eventually a part of a webpage). I received a variety of questions about SHA1 and it’s being broken back in February of 2005 as well as the MicroID not being a true HMAC. The answers, as best I could describe them, hinge on the fact that these are not true secrets being hashed and passed around for MicroID. We’re only using hashing in the first place to try and obfuscate the email address of the user – not protect any nuclear secrets.

Additionally, Dick Hardt posed a question that forced me to step back and reconsider a couple things about MicroID.

He asked, if you’ve got an OpenID, couldn’t you just use it as the communication identifier itself and skip the hashing step (which exists to obfuscate the email for publication purposes)?

Of course, he’s right about this. If a site has decided they want to play along with all of this fancy identity stuff and expose something which allows others on the internet to verify claims that their users are the same person at a different service, why would they pick to expose MicroID if they could just implement OpenID and expose it instead?

The answer, I think, is mostly that it’s easier to do MicroID today (it’s just a hash). But in the long run, once OpenID is in a lot more places and a lot more visible to everyone online, it will probably be just as easy to simply include a user’s verified OpenID in the head of their page – no hashing – no obfuscation necessary.

Something like this:

<meta name=”openid” value=”http://claimid.com/terrell”>

Then, other sites can simply check to see that they, too, have independently verified that particular OpenID and ‘connect’ the accounts.

Just like MicroID does today.

In fact, I’m proposing here that MicroID be tweaked to include the opportunity to do just this. Declare as part of the spec the publishing standard for publishing OpenIDs as well as MicroIDs for public consumption.

Perhaps claiming a blog comment would be easy if it looked something like this:

<div class=”openid-http://claimid.com/terrell”>

It seems simple enough and allows these simple claims to be made as the technology matures beyond simple email addresses as communication identifier.

MicroID specifies for the first part of its hashing formula to be any communication identifier, but if it’s an OpenID specifically, or i-name, it doesn’t need to be obfuscated and hidden from view.

Thoughts? What am I missing? Are there use cases where someone/someservice would still want to obfuscate the OpenID? Should it ever not be public?

Thanks, Cristian Lupsa, Contributor to The Christian Science Monitor!

Do you need a Web publicist?

Wednesday, Nov 29, 2006 – Christian Science Monitor

Thursday, Nov 30, 2006 – USAToday

OpenID works for you in a couple different ways:

1) You can use your OpenID to sign into any system that supports them – and without a password for each site (you’re actually only logging into your own OpenID and then your openid host and the new site are exchanging tokens).

2) You can delegate from any site you own to an OpenID account of your choice. This is important because you can then log into your new favorite cool site with your own domain name.

(e.g. I can log into zooomr.com or claimID.com or wikitravel.org or livejournal.com with terrellrussell.com which is delegated at the moment to my account at myopenid.com which is run by the guys at janrain.com who are writing and releasing all the open source libraries for OpenID).

You can sign up for an OpenID at any of these providers.

More info at the OneTrueWiki.

While building claimID.com, I’ve become intimately aware of how big this will be in the next few years (months) once some bigger players get on board. There is talk of the Identity Big Bang coming soon.

Separately, Fred put together a similar list of OpenID Resources at the claimID blog. Great minds and all that.

In addition, Jason set up an OpenID server at Joyent proper. A little bare at the moment, but it should be skinned and looking like the rest of Joyent pretty soon. It’s currently running the same base code as Verisign’s PIP server, so if you’re interested, you can download it here.

2006/10/24 00:50:39 EDTAs a little side project I got interested in adding a MicroID extension for MediaWiki. MicroID is a teensy little format for asserting that the owner of a particular Web user account is also the owner of another account (like an email account or an OpenID). Adding support to MediaWiki means that Wikitravel users can verify their accounts with claimID or other similar services. Fun stuff, relatively easy, and useful for everyone — the best kind of hacks.

Behold: http://www.mediawiki.org/wiki/MicroID_extension

I have confirmed that user pages at del.icio.us are now publishing MicroIDs in their headers and can be claimed accordingly. Another stick on the pile.

Slowly we’re making progress…

Update: The MicroID blog catches on as well.