There is a post on elsua: The Knowledge Management Blog titled "Your Single Social Network – ClaimID and Identity 2.0 to the Rescue?" which considers whether something like ClaimID couldn’t be used to facilitate secure logins for all the sites you find yourself logging into every day on the Web. On the one hand it is great that there are so many sites with so many useful services but each one usually requires you to log in to access your personalised services. It isn’t easy to remember dozens of username and password combinations so users commonly use one username and password combination for all (or most) services. This isn’t really ideal from a security point of view so to deal with this there are a couple browser plugins that help out (I came across a Firefox extension called Sxipper this morning which takes care of forms).
The idea of a single social network is expressed quite well in a post by Phil Gyford titled "Your single social network". The basic idea is that when you sign into a site, you give the site some information that it uses to go back to a central repository of your information where it finds your login information and perhaps even friends lists (how many times have you been asked to add your friends to your new social networking service?). That central service could keep all the other ones updated and if a friend joins the new service you could be notified and your information would be updated as well.
So ClaimID came up as a possible candidate for such a central repository of information and where it is really useful is as an aggregation of the sites and services that comprise your overall online identity. As its name suggests, ClaimID is a tool to assert your online identity. It supports OpenID and may also represent a shift in the way we view our identities online. A pretty highly publicised issue is identity theft and the solution, ironically, is not necessarily to hide your identity but rather to publicise it. If anyone could determine whether something comes from you or whether you are the author of something then identity thieves would have a much harder time stealing your identity and pretending to be you. This is where a site like ClaimID comes in. So rather than protecting the elements of our identity from public view, we move to a new paradigm where it is better to publicise those elements. Of course I am not advocating publicising all your personal information (I don’t give out details like my home address or other information that is very sensitive and neither should you) because some personal information could be used to access bank accounts and suchlike. Consider what information your bank asks you for to verify your identity over the phone and keep that information secret.
What really interests me is the paradigm shift from keeping all elements of our identity secret to disclosing many of those elements in an effort to assert our identity online. How much of your identity do you disclose online?