Hello Toy,
> I truly enjoy listening to these conversations of the next
> evolution of directories. You and I have had these discussions
> before.
Yes ... I really believe that the picking of stocks can be based on an evaluation of "inevitable technologies", and once these technologies are identified, then it becomes a simple matter of locating the companies that are working on them. ;-)
> I agree in theory that the ultimate goal and dream would be for
> each individual to hold the definitive repository of his/her/its
> identify data. I still see many practical limitations and obstacles
> that need to be addressed before this evolution becomes reality
> (not to say that these hurdles cannot eventually be overcome).
And it is exactly these issues that should be and, as you say, will eventually be solved. They really are not difficult problems, but they are the ones that make this such a valuable market!
> One of the major issues I still see is that - similar to human
> nature - data that is loosely replicated on a "whenever I feel like
> it or whenever I remember" basis becomes outdated. This is a
> problem now even in the business world as well as the general
> public - AND far from perfect.
So you are obviously making assumptions about how this all works ... and I guess that in your world these are problems. But in mine, I will access the information as close to the definitive source as necessary and allowed ... I can't do any better than that ...
Anyhow, when looking at the market, I believe that companies that "iterate" a product through it's lifetime will eventually create a far superior product. Those that strive for perfection in the first release will be sorely disappointed, since it's being built by a bunch of imperfect humans ... and it will take way too long to build since they will strive to cover all bases and try to think of everything and anything that might ever happen or ever be. And when they finish this grand effort, they will probably find that they are now in a very different market than they started, and they have not been able to gain any customer feedback because they didn't ship.
In the mean time, their competitor who might use newer concepts like "Extreme Programming" have already shipped their first two revisions of an "imperfect" product, and are already onto version 3. If Microsoft fits this example, this is where they are now really starting to roll, and by revision 4 or 5 you are dead meat. ;-)
> Humans have evolved into the chipmunks of data collection and
> dissemination world. What the hell do I mean by that - you ask?
> Well, when a chipmunk collects its personal store of nuts it buries
> these nuts in hiding places all around its roaming territory (to
> protect it from others). One big problem, poor little chipmunk
> forgets where he/she hides or placed more than half of them.
... and so you *do* recognize the value of the software which manages this for you! ;-) You see, you have properly defined *one* of the problems that is solved in my world ...
> Mr. Chipmunk can still get by with the nuts he remembers but
> wouldnt it be nice if Mr. Chipmunk could place them all in one or
> at most a few secured locations where he knows where they are?
Now this is interesting ... is it "one" or is it "a few"? In my training in computer science, once this barrier is broken then you design for maximum flexibility, within reason. And as I think it will be "a few", then it really becomes "unlimited" and the whole design goes back to what I stated above ... writing "software which manages this for you" ...
> Of course this has its issues as well (fault tolerance of food
> supplies) but IF HE COULD BE ASSURED OF security of his stores....
So I know that you have glossed over this, but the security is the exact reason for multiple tiers of information distribution. If you give copies of your information to *anyone* else ... you have just opened yourself up ... not that you don't want to, but maybe being very careful and selective. Again, my model allows for this easily ...
> Humans have evolved the same way with personal identity build-up
> and dissemination and the Internet has magnified this problem in
> several orders of magnitude!
Yes! Making it an even better time to focus on software that manages personal information ...
> How can we get better control of the data we collect AND ensure
> that we know where we have handed it out and how we can keep it
> up-to-date or even revoke it when we need to?
Well ... I was thinking that this would be done by a personal directory application/agent. It is this exact problem, that when it is solved and written, will be so valuable.
On another note, you make one comment which makes me realize that you have not really thought this through ... you have not understood the problem and possibilities. There is no way to "revoke" information once is has been shared with others!
Sure, I can stop you from getting more current versions of the information ... but I can not "revoke" anything that I've shared with you, unless I can ransack your datastores, or erase your memory. It's an impossible task ... and one that is not worth wasting time attempting ... I can simply revoke access to current versions of information.
Think about it this way ... if I give you access to my passport for even one second, you have the ability to memorize all the information on it. If I leave you with it for 30 seconds, you could make a photocopy of it. Another example is the waste of time on music encryption. If I can listen to it, I can record it. It has to be unencrypted to listen to it, hence I can record it, so encrypting it is a joke.
There is no such thing as revoking information that has been shared ... IMHO, it's a folly to even pursue it.
> With the model you are describing and I am understanding, if I were
> the master of my personal identity store and I decide who, when,
> where, how I replicate my data out into the big bad world, I will
> be like hte poor chipmunk, I will eventually forget where I placed
> replicas of my data.
Yes ... *you* (the human) would possibly forget ... but the references to copies themselves would be stored ... remember the rules? They are actually stored along with the data ... so in my world, I don't have to worry about remembering all that information ... and again, that is the power that creates so much value!
> I will let data get old - even though I had no intentions for that
> to happen.
Why? I know that you are thinking about your own model, not mine, but can you give an example? In my model, I will have created the rules with my preferences on keeping things up to date ... so it would only get old if I decided that was the way I wanted things. And there are numerous cases where I *want* that to occur ... and so I need to design to allow it ... ;-)
> I will not be able to revoke other's access to data that I have
> previously granted.
Of course I can revoke *access* to my current data ... why not? But I can't revoke the "copies" that they have seen or been given. (See example above ... ;-)
> I will not have my data accessible to me where and when I want at a
> moments notice - UNLESS I develop and maintain a personal "always
> available to the net" central data store that I could access.
Again, this my be true in your world, but in mine (as I described) I have the complete flexibility to store encrypted versions of my personal information anyplace, and copies of shared information anyplace. This could be on my machines, or on other "public" or "private" machines ... I tried to give you specific examples of how this would be done in my post ... did you miss that?
> I will also have to ensure that this definitive personal data store
> at home is well protected and secured (i.e. a new form of crime
> starts where the thief breaks into your home and steals your
> idenitity store and holds it hostage - just a wild thought).
It's not such a wild thought at all ... it's bound to occur. It's the same as having your Daytimer/Franklin Planner stolen ... or your laptop ... or your wallet. That's why I would also suggest that the personal directory would use a completely encrypted store, and that you would need a password/identifier to access it. If it's stolen, and the encryption is strong enough (which I think it will be) then I don't care! I simple get a new storage device, and grab a new replica from one of my replicas that I've stored around the net.
If you think it through, it's actually very simple and elegant ...
> Again, much of this could very well be addressed in some means -
> BUT it must be done in a manner whereby anyone with the most
> limited understanding of technology could handle the process.
Yep ... this can't be made as hard as programming your VCR ... right?
It's actually very simple ... and the "wizard" types of questions from your personal directory agent will walk you through it ...
> (Not all of us in society will have the smarts to run a personal
> ISP in their residence).
So no, and yes.
I'm not sure if you are referring to me with this comment ... but I actually run everything out of my office building that is in town.
But I would argue that everyone *will* have the smarts to run a personal server, and services in their house. These will become easier to operate, just like radio, television, VCRs, and home computers. It's inevitable ... ;-)
> It will have to be an elegant simple solution, otherwise I see an
> opportunity for trust personal identity maintenance storage
> outsourcers come into the light.
I'm sorry if your solution is not ... but mine already is! ;-)
And again, I already stated that my model offers the complete flexibility for all types of possibilities. This is again where I will share copies of information, or store replicas ... on public or private sites based on my trust ...
> Maybe Banks that offer a service of storing your definitive copy of
> data for a nominal monthly fee? (hmmm let me write that idea
> down...).
Of course! They are a "private" entity who would provide the ability to store copies or replicas ... what did you think I was referring to? But this then starts down the path of what a "Bank" is by definition ... I believe that there will be newer "Data Banks" (?) that will emerge and redefine the word ...
The only issue here is the decision of how the information is stored ... copies or encrypted replica? I need to remember that if I give the bank "copies" of *any* information ... they now have access to it, within their own security procedures. Until the law comes in with a warrant ... and is able to grab those copies! Which the bank will hand right over. What kind of security is that? Again my model allows for both types of storage ...
I believe that there are a whole set of issues and scenarios that I have been through (since this is an area of focus and detailed research for me) and discussed with numerous people ... as you suggest below, we would have to get together with a white board so that we ensure you have thought through all of the issues ...
> I see a compromise between our beliefs of personal identity
> replication vs central storage.
But there is no "vs" ... you seem to have a model that you have created in your mind that makes this a "vs" issue ... but it's not in my model!
My world consists of a model which offers any flexibility that the user desires ... I've already covered the base that your looking at ... and it was thought through years ago ... ;-)
> In essence my beliefs have some similarities to yours. I just would
> rather that all the information I provide to some other entity
> would only be pointers to my definitive source.
As long as you are comfortable with the "other entity" knowing where all of your personal information is, and you are comfortable with some "other entity" accessing it directly. This *does* open you up more directly to hacking attempts etc. It means that you have decided to open your information to anyone who can compromise that location. My model allows for this, but also covers the ability to provide indirection ...
Nothing that I have architected prevents you from choosing to do this ... but it has also not *forced* you to do this ... *you* might like the idea and decide that you are comfortable it ... I don't and wouldn't share information this way. But my model covers both of us ...
> That gives me much more control than to replicate it out and not be
> able to revoke or instantly update one copy of it.
So revoking? We've covered that one ... it's an impossibility ...
As for the single update? The thing that you haven't stumbled on yet are all of the other benefits that you *gain* from the alternative ways of sharing, and the limitations that are created by single copies ... ;-)
Think multiple identities ... I believe that my model will handle this *much* better that yours ... ;-)
> Thanks again Scott - great topic - it seems we come back to it over
> and over. WE MUST TALK ABOUT THIS OVER DRINKS! Maybe very soon!
Sure ... sounds great!
Scott C. Lemon |
