Wednesday, October 19, 2005

Digitally mugged me and stole my private key!

Digital identityWe were talking about digital identity not too long ago. It started when Malcolm Turnbull got a drop of publicity from a suggestion that Australia provide "pigeonholes for all" in the form of (at least that's what I thought it was when I read the article, but now it appears to have been updated by ABC to include one's date of birth after surname too -- no thank you)... Seems to me like Turnbull is completely missing the point of why people use email in the first place. Without getting distracted by many other issues, people like email because it's immediate, enables participation in various online activities, can be relatively anonymous, and is easier than writing a letter, finding and envelope, stamp and postbox. At the same time, if there's information you're really wanting to receive from authorities or some other stranger who doesn't already know your personal email address, you will provide this person with your phone number, current email or postal address.

While there does appear to be a slight movement towards an individual choosing to use their real-life identity online, this is often in addition to not instead of other digital identities one may have created for oneself. For instance, Gmail is strongly encouraging the use of real names for a gmail identity by requiring both a "first name" and a "last name" to register. The registration process then "suggests" an email address of the form Practically every large organisation and company in Australia also uses email address that include one's surname and first name before the at sign in a specific format. But existence in cyberspace certainly doesn't require real names or full names. Identity is forged in a variety of other ways.

Specifically we can expect a future where everyone signs emails, forum posts, blogs, etcetera, with their personal key (something like the way many people currently encrypt their emails with PGP encryption) and these will be read by decrypting with our matching public key. In the same way, for messages to us, private keys would be used at both ends (semi-private at the sender's end). We will only be able to read something encoded for our identity to read and in an effort to prevent spam we may choose to only receive messages sent by identities we already trust somewhat. Our collection of private keys will become as important as our credit cards and wallets!!

In a related post on Kim Cameron's blog, we read about a (probably) new academic field that would go beyond the philosophy to examine the nuts and bolts of how identity is formed and lost, especially in a digital context. Cameron writes about the advent of "Identity Studies":
Identity Studies will be founded by computer scientists, information theorists, cryptographers, privacy and security experts, semiologists, psychologists, sociologists, philosophers, architects and designers, lawyers, criminologists, political scientists, and policy researchers. All of these disciplines have important insights to contribute.
Certainly, it's an enormous field which we can expect to become more important in the next fifty years.

Technorati Tags: , , , , , ,


Post a Comment

<< Home