Great comments keep rolling in on the series of posts I've been doing on reinventing the Internet (here are links to parts one, two, three, four, and five, and I responded to some comments about them in another post).  Today, Alex Barnett wrote a great blog post of his own about it and I wanted to respond to that because what he has to say is pretty important.  For anyone late to the party, I'll save you a bit of reading and tell you that what we're talking about is an open source decentralized social network that serves as the basis for online identity.

As a few of you, including Alex, noticed that I'm kind of an idealist (although I like to think a realistic one :)  I believe in shooting high and working backwards, trying to stretch what's currently possible to accommodate what you want to do.  Alex brings up a good point, however, which is that any new network needs to inter-operate with old ones:

"So, should Jason try to solve today's identity nightmare by trying to get everyone to use his one system, or does he try and solve what he really cares about by using a common layer above the various ID systems, including his, that abstracts out the differences (various UIs, behaviors, etc) of these systems out and away from the user? You know that the banks / merchants / services ain't going to replace / swap out their ID systems for years, if not decades or at all."

You are absolutely right.  A new identity system won't take hold in institutions and commercially until it reaches a certain critical mass.  I was actually waiting for somebody to bring this point up, because it's very interesting and crucial one.

I've gone through this thought process several times and here's what I keep coming back to:  An identity system that is usable commercially and in institutions is still years out.  I don't see anything that's even close to being ready yet.  Here's why:  The most important piece of that equation, the public, is just now in the past year or two gaining some kind of idea of the concept of an online identity.  Before MySpace, LinkedIn, and blogs, not only did the average person not know that the Internet was for anything besides news, shopping, and chatting, but the only thing they identified with online was their email account.  Now we're finally moving into an era where the abstract concept of an online identity is somewhat palatable to the average person.  I talked about this pretty extensively in the first post in the series, and I just noticed this interview with Ross Levinsohn from Fox News where he seems to describe the same phenomenon as the reason why they just paid $580 million for MySpace.  Talk about putting your money where your mouth is.

If you told a person off the street that they could link their MySpace account to their credit card and buy something with their MySpace account, I think they would comprehend that.  In fact I'll ask a few people and report back on that.  If you told them they could sign up for an online identity and get a personal certificate, link that to their credit card, and then use it to buy stuff, you'd probably get a blank stare back.  Personally, I think the conceptual barrier of getting the average person to understand let alone use things like certificates and identity providers and identity selectors is a mighty high hurdle to overcome.

I see social networks as the stepping stone to online identity.  They are the modern equivalent of people understanding the use for electricity for the first time and wanting it wired to their houses.  I know people who own computers and use the Internet JUST to use MySpace, which I can hardly even fathom since I hate the site.  But people understand social networks, they serve a purpose besides identifying you.  They are you online.

To me, it makes more sense to use the foothold we currently have into the average person's psyche in the form of social networks and go from there.  I think it's where any identity system would need to start in order to eventually attain critical mass, at least to the point where you could use it to log into your bank account or pay your taxes.

One last comment from Alex that I like:

"As I see it, in the ID space there is no downside to playing with the rest of the others. You can have your cake and it."

Amen.  And I mentioned in passing in other posts, but I'm trying to make everything in this system as backwards and cross-identity system compatible as possible, there's just no reason not to.  If an identity system like Cardspace takes off, it makes zero sense not to support it.  There is so much free code out there at this point that it would be foolish not to support everything you possibly can in order to accumulate users quicker.  Monoliths are definitely bad.

However, I do think that not all identity systems will be created equal--there are certain things you can do if you build for the future that you can't do if you build for the past or present.  For example, can you send and receive email or IM's from your Cardspace identity, or tell somebody how to find you using it?  (And by the way sorry for picking on Cardspace here, I actually think it's one of the better identity systems out there and I do plan to support it.)

I think what it really comes down to is, what do you want from your online identity?  How deeply are you willing to integrate your online identity into your life?  Should your online identity just be capable of identifying you as you?  I would eventually like to be able to shop, play, pay, blog, email, IM, sell, trade, comment, establish relationships, read, participate, phone, and vote using my online identity.  I'm not entirely sure whether the identity systems out there are built to support all of that.