[standards-jig] Proposal: Jabber as universal ID
kwang at kwang.org
Mon Dec 1 10:40:30 UTC 2003
Universal ID services like Microsoft's Passport offer the convenience of
universal login at participating sites. This is useful because you don't
have to retype your personal information like age, real name, etc. at
every single website for which you register. It's also centralized, so
you can change your info once and the change can be propagated to the
The problem with Passport of course is that it's Microsoft and targeted
for big websites like Ebay. Because one of the major pieces of
information Passport is supposed to share is credit card information,
it's important to corporate clients that it's secure and backed by a big
name like Microsoft.
What I propose is a universal ID scheme using Jabber that is focused on
non e-commerce use, particularly site registration. Few websites offer a
"my" section, and even fewer require it, but every website's forum
section requires you to undergo a registration process. This I feel is a
big hassle when you want to just ask a quick question at a tech support
forum for example. It's also quite a hassle considering that I actively
frequent about seven forums and keeping my information consistent and
up-to-date for all them is rather unwieldy.
The way it could work is that the forum software offers a Jabber
universal login option in lieu of conventional registration. The user
simply enters his Jabber username and password and the forum software
pulls certain information like real name and email address from his
Jabber profile. That's it. There'll also be no need for a verification
The forum software can also pull other additional information and even
forum preferences from his Jabber account. It can also regularly poll
the Jabber account for updated information. Of course the user can
always specify site-specific preferences, but the site software can
simply default to his Jabber-specified preferences.
Although it's entirely possible to create a separate infrastructure for
universal ID services, Jabber has an existing userbase. Additionally,
the distributed nature of Jabber servers provides for a sufficiently
wide namespace; simple username IDs has a much smaller namespace than
Jabber's username at domain.tld ID scheme.
I'm by no means a Jabber protocol guru, so I'd like to hear what the
more experienced members have to think. I'm a long-time PHP/MySQL
developer so I can hack phpBB to create a proof of concept, but someone
else will have to code the client part.
More information about the Standards