Feature Friday: Distributed Identity

Last year at LeWeb I talked about four areas that we are looking at closely to make investments in. One of them is identity. I said this at the very end of my talk:

I predicted that there would emerge a “bitcoin like protocol” for identity. And we’ve been looking for that.

One thing we realized along the way is that this could be built on top of bitcoin or another blockchain. And so earlier this year we made a seed investment in a startup called OneName that is building exactly that. On Wednesday of this week, OneName announced a bunch of things, including our investment, and my partner Albert wrote about OneName at usv.com.

Now many will say “well Facebook, Google, and Twitter handle that pretty well for me” and they would be right. But are you really comfortable with Facebook or Google operating the identity layer of the Internet? I am not. And I think over time less and less of us will be.

But the answer isn’t another startup controlling the identity layer of the Internet either. The answer is a distributed ledger of identity that is open and not controlled by any entity. And that sounds like an application for a blockchain if there ever was one.

I have cleared my identity on the blockchain and it is here. I have verified it on Twitter and Facebook and you can send me bitcoins through it. It’s not much today, but in some ways it is everything. Because everything can be built on this and our hope is it will.

To date about 20,000 people have cleared their identity on the blockchain via OneName. My hope is that number will be in the millions within the next year. If you want do do that today, go here and get started.

#Uncategorized#VC & Technology#Web/Tech

Comments (Archived):

  1. jason wright

    tech speak translation please.”I have cleared my identity on the blockchain…”in what sense “cleared”?

    1. fredwilson

      it’s a transaction. it is now registered

      1. jason wright

        cleared on the distributed ledger, and so the world now agrees that you are who you say you are.new paradigm. brave new world.i feel history was made today at avc.i hadn’t realised you seeded One Name. you kept that under your hat. i should have known it

    2. leigh

      Am also not getting “bitcoin like protocol for identity” Maybe some coffee will help.

      1. fredwilson

        i understand things best by playing with the products. try creating a onename profile

        1. leigh

          that was a ridiculously easy sign up process (and got me to join coinbase and saved everything to my dropbox) . let’s see if i can get this πŸ™‚

          1. fredwilson

            well it won’t be that useful until they can start getting developers to allow you to sign in/auth via onename

          2. kev polonski

            So instead of facebook/twitter, I have to use onename? Trade one firm for another?

  2. Anne Libby

    Yes!!!!!

  3. Barry Nolan

    Nice.Where one i had to diligently type long strings of urls, now i enter a name into the Google address bar, and Google takes me there.Where once i had to send 1 Bitcoin to a long string ‘hhbfxx45bh58Hhjj4f’, now I enter +fredwilson into the onename address bar, and onename sends my Bitcoin there.Irrefutable identity made easy. Of course though the Bitcoin anonymousistas will hate this.

    1. fredwilson

      they are going to hate a lot of things that will be built on top of bitcoin

      1. Fernando Gutierrez

        I would not say hate. I’m very involved in that space and I’m part of the team working on Darkcoin (privacy based coin based on Bitcoin’s technology), but I also love and use Bitcoin. I believe there are uses for a public ledger and there uses for anonymity.BTW, I don’t know how to solve it, but I already see with onename.io the same race for good usernames that other services suffer. I signed up a few weeks ago and was able to get a very short one (+fer), but it was not my first choice. I would go for more domains to add variety or usernames will end up as complicated as a Bitcoin address.

    2. Muneeb Ali

      We support stealth addresses and one-time use addresses. You can receive private/anonymous payments using these methods.

  4. William Mougayar

    What other wider applications do you envision seeing on top of decentralized identity, and 2/ what monetization options are they expecting would materialize? In other words, what vision do you see behind this direction?

    1. fredwilson

      no idea on monetization. it’s possible that this is not a business but just a protocol. but we will see about thatthe most obvious application is replacing google and facebook as the preferred auth service on mobile appsbut they will need millions of users before that will be possible

      1. William Mougayar

        I don’t see distributed identity as a catalyst for applications, but I can see new blockchain-based/decentralized Apps as a catalyst for it. IMO, the opportunity for them is in getting infiltrated into the emerging new types of decentralized Apps.

      2. Vitomir Jevremovic

        Monetization should evolve around bringing additional services for a fee, on top of a data-identity layer. But what you where talking about is actually a big change in authority over data it self. Change will be tough as it will provoke not only the big guys, but also governments and investors, as it will hit on the core investment logic of today’s internet market. Market which is built on centralized services that basically control the data and identity. I can see it ultimately as pure users choice when system comes to life, a moment when user decides that he wants not only to keep and control his data, but to grow and share it for benefit of a society. That will be deconstruction of social internet as we know it and establishment of true network structure in both identity and data distribution, much like the first world-wide-web was. It will substitute this growing trend of centralized walled gardens of data-identity collections.

    2. Jay Parkhill

      There are a lot of people trying to figure out how to take control of privacy & personal data. A service like this could create a default privacy setting (e.g. don’t email me, don’t touch my contacts, GPS or phone).

  5. jason wright

    did you coordinate this post with one name?i sense their system will be subject to a stress test this morning

    1. fredwilson

      no i did notthat is their problem/opportunity/challenge

    2. Fernando Gutierrez

      Nice problem to have!

    3. John Revay

      You can see some of the sign ups athttps://twitter.com/muneeb/…One of their founders – Munee is favoring Verifying tweets.

  6. David Semeria

    Where do you see the border between identity and authentication?I ask because I created a onename account in March and now I have forgotten which email I used to create the account. It’s no big deal for me to fix this, but I was pondering this question as I started looking through my various accounts for the original email confirmation.

    1. fredwilson

      this is a big issue for them to solve

      1. David Semeria

        But with a massive prize.If they can pull it off people would be able to choose the next president from their smartphones, for example.

        1. jason wright

          verified place of birth blockchain transactions on the way

        2. Chimpwithcans

          Amazing thought, this.

        3. Chimpwithcans

          This article seems to suggest bitcoin on the blockchain may be insecure? Does that mean stolen identity on the blockchain would be ‘washable’ or you can ‘launder’ it somehow…would that be accurate? http://www.theverge.com/201

          1. David Semeria

            The blockchain is simply a distributed ledger which nobody controls and which is practically impossible to modify without the necessary crypto key.But if you let your key fall into the wrong hands, then they can operate on your behalf. This isn’t a weakness with the blockchain itself, it’s a security issue faced by every service which requires authentication, and is probably the hardest problem to solve on the web.I imagine that sooner or later someone will finally invent a viable biometric solution and in the process make a packet.

          2. Fernando Gutierrez

            The blockchain is practically impossible to modify… as long as bitcoins are valuable and there are people competing to mine them and investing a ton of money in hardware. If, for any reason I can’t see, the price sinks, the blockchain becomes easier to control. I don’t believe it will happen, but there is a risk in linking everything to Bitcoin’s value.

          3. David Semeria

            Good points Fernando.

        4. James Ferguson @kWIQly

          hehe – surely you wouldn’t want a republic to become a democracy !

        5. awaldstein

          Agree and your example speaks to the power of this as well as anything I’ve read.

    2. LIAD

      likewise, forgot my 8 word passphrase, no way to reset.

      1. David Semeria

        I managed to reset without any problem.

  7. jason wright

    now verified too. citizens of the world unite!

  8. jason wright

    trust level:twitterfacebookgithubmost people will be stuck at a two stars trust level

    1. kev polonski

      Isn’t it ironic that in attempting to free ourselves of identity controlled by twitter and facebook and such, we end up having to use them to gain a “trust” level?I don’t buy this “distributed” identity. Why should I be forced to sign up with twitter and facebook (which I have don’t use) and then link all these accounts up to enable the worst form of “big-brother” snooping?

      1. jason wright

        spot-on

    2. Ryan Shea

      Yes, good point, we plan on adding more sites/networks very soon.

      1. Kirsten Lambertsen

        How come Amazon never gets used for this stuff? Everyone alive has an Amazon account…

        1. Anne Libby

          Good idea!

      2. jason wright

        i assumed github was a marketing move, to get developers aboard

  9. LIAD

    ironic you have to leverage a centralised platform in order to verify your identity on a decentralised one.

    1. fredwilson

      yes. but that doesn’t have to be the only way. its a way to bootstrap though

      1. LIAD

        how do you think it can be done without leveraging centralised identity of one form or another. – attach copy of passport/SSN/utility bill/birth certificate? – all leveraging centralised identity platforms. so it seems decentralised identity can never be guaranteed to link to a real-identity without using a centralised service to underwrite it.only was i see this working is the proof of burn idea i wrote about a few months back on USV https://www.usv.com/posts/a… , where the identity itself is irrelevant its all about the trust associated with it.

        1. fredwilson

          i am not sure what the best way to do it is to be honest

        2. Fernando Gutierrez

          That link gives me a 404, so I can’t be sure of what you said, but I believe that I fully agree with you. Identity can be irrelevant. Many people live many different lives. What is relevant for the people with whom they interact is the trust associated with that part of that person, not the full picture.

          1. Fernando Gutierrez

            Great, thanks! Very interesting idea. The only problem I see is how to know how important that burning is for the user. Someone wealthy can burn 1 BTC and misbehave because that BTC is not important, while some poor kid is gonna kill to protect his few satoshis profile.

          2. LIAD

            not about how much its worth to someone.if someone burns 500 to make an identity trusted, if you do a 200 transaction with them you can be comfortable they are not going to risk a 500 identity over it

          3. Fernando Gutierrez

            Got it, that makes a lot of sense for many scenarios.

        3. Bruce Warila

          Use the microchips inserted at the base of our skulls at birth?

          1. LIAD

            ssshh. we’re trying to keep that a secret.

    2. Ryan Shea

      Let’s say we’re at a party and there are 20 people. You ask one of your friends “hey, who is that guy over there?” and he replies. You then ask her about every other person and she replies in turn. In that case, you are relying solely on your one friend for information about everyone else. In a sense, you’re trusting one central source to build your view of the world.Now, let’s say you instead do the same, but ask two of your friends about the identities of everyone in the room. Or three. In that case, you’d be able to trust the information much more because the information has been corroborated.Now, let’s imagine that your friends aren’t really friends, but businesses. If you ask just one, you shouldn’t have enormous trust in the answer. But if you ask multiple sources, you should have a greater sense of trust in the identity of that person.

  10. jacopogio

    +jacopogio πŸ˜‰

  11. LIAD

    + ” the answer isn’t another startup controlling the identity layer of the Internet either.” – that’s exactly what it seems Onename is doing – try and register the name pmarca – the response ‘this username is reserved for Marc Andreessen’ – if that’s not a startup controlling the identity layer i don’t know what is</endrant>

    1. JimHirshfield

      Well, given that it’s identity, they’re aware of the spoofing issue. One way to mitigate it, although not by any means 100% effective, is to reserve Twitter names.

      1. Muneeb Ali

        Yes this was an anti-spam / squatting effort.

    2. Muneeb Ali

      I think it falls more under “friends reserving names for other friends” :-)We’ve reserved a very small number of names (not even a thousand) that we thought squatters would try to grab and we are handing them over for free to people in the startup community. The entire namespace is wide open and you can register any name that is currently not taken through us or directly on the blockchain.

      1. LIAD

        i hear you but however you spin it, whether 500 names or 5 million, you still control access to identities and are acting as gatekeepers to this decentralised namespace.not saying if i was in your shoes i would do different, coz i wouldn’t. just telling you how it is

      2. jason wright

        i think you’re doing it for marketing reasons, saving names for ‘influencers’ in the web tech space. I would accept reserving a full name (i.e. ‘jason calacanis’), but not ‘jason’, which would not be squatting at all. it smacks of a ‘private club’ mentality. bad pr.

    3. jason wright

      so true. first come, first served in my book. if transactions take place later so be it.’jason’ was reserved for jason calacanis. who he?

      1. JamesHRH

        silicon valley guy. Hard to believe he is considered worthy of a reserved space in the Internet Identity VIP Parking section.

        1. jason wright

          brooklyn escapee

    4. William Mougayar

      i see 3 advantages to this approach:1/ better a startup control it than Google/Facebook who have ulterior motives for your identity2/ a startup is focused on this, and that’s their sole purpose, so at least they have a higher chance of success3/ standard-based approaches like OpenID have a history of failures in implementations, because they always fall back on the lowest mediocrity denominator.

      1. LIAD

        i’m not saying its not a pragmatic thing to do. because it is. i’m saying that decentralised systems don’t have gatekeepers period. whether the gatekeeper is a startup or a Goliath is irrelevant.just like you can’t be 1/2 pregnant, you can’t be 1/2 a decentralised system.

        1. William Mougayar

          Got it. but it could start that way, then gradually decentralize.

    5. Simon Edhouse

      You mean reserved before he has even showed interest? Yes, that is very telling. I wonder how many other names they have reserved.

      1. LIAD

        even having the ability to reserve a namespace is quasi coopting of the system

        1. Simon Edhouse

          I don’t know why they didn’t go deeper with this.. the core ID layer shouldn’t have to use exclusive English character sets. It should allow as many @pmarca’s as there are copycats.. because the alignment with Twitter and other social media accounts, (already part of the system), provides the validation level for the most well known @pmarca..By locking this to exclusive English character sets they have possibly introduced an ‘Achilles Heal’ I think… and if as Fred says they are trying to create a protocol or platform, they are effectively limiting themselves and/or masking whatever underlying ID system they might wish they had started with.

    6. Ryan Shea

      Hey LIAD, we absolutely understand your concerns but here’s how we look at it…We have absolutely zero control over the underlying blockchain or the namespace. This is in direct contrast to the namespace that Twitter or Facebook use, in which they can arbitrarily register or re-assign names at will.And you’re right, we can indeed register a bunch of names and reserve them for people, but so can anyone else, just like yourself. However, just like everyone else, we do have to pay the price for registering these names (blockchain registration fees), and so that deters registration for everyone.Our simple purpose with pre-registering a few names for well-known people in the tech industry was to ensure that their names weren’t squatted by someone else. Sometimes in the early stages of a network one needs to do things to bootstrap the system and help it take flight.Now, we don’t like the ease with which anyone and everyone can squat each other’s names, but every network with usernames, including twitter, has that problem. In addition, we have a clever solution that we’re working on to address this that doesn’t require us or anyone to “save” names for people, so stay tuned.

      1. LIAD

        Superb answer.

        1. Ryan Shea

          Thanks!

          1. jason wright

            but Ryan, my name is Jason. I would not have been squatting if i had been allowed to register ‘jason’ by your company as i wanted to do earlier in the year. you held it back for Jason Calacanis. your argument holds true if you hold back ‘jason calacanis’, but not simply ‘jason’.

          2. ryepdx

            Since they use Namecoin, though, it should be easy enough to do an end-run around them and register whatever name you want using an alternative client.

          3. jason wright

            perhaps, and a good point. i just find it disingenuous to use ‘squatting’ as the reason for doing it.

          4. jason wright

            i think onename registered it and is holding it in reserve..from what i can tell.

          5. ryepdx

            Ah. Okay, yeah, that makes sense. Should’ve realized they’d do that. Well, there’s really nothing you can do to stop them from doing that. Welcome to capitalism.

          6. jason wright

            he purchased his twitter handle, and in doing so violated twitter’s policy (but unlike ‘ordinary’ people he got away with this because he’s now web tech aristocracy, and as we know the aristocracy protect each other regardless). he bought his twitter handle because he had no claim to it through cybersquatting or trademark rights.it seems that in the brave new peer to peer world some peers are still more equal than others.

          7. Lock

            Interesting answer, Ryan. Will monitor, given that username lock is taken. ::sobbing::

          8. Ryan Shea

            Yes, it looks like it’s taken because a squatter got to it :/

    7. Gregory Magarshak

      LIAD – distributed identity is a tough problem to solve. On the one hand you want to discourage Sybil attacks, people creating many accounts. One way to do that is to require people to prove they have something that’s expensive to get but they are likely to have (e.g. a cellphone). Another way is to allow unlimited accounts (like bitcoin) and make people build a reputation on the site, basically making it necessary for everyone to use reputation as a filter when reading comments (as forums do, as well as “proof of stake” in some altcoins).However this is only the beginning. As you mentioned, there is the namespace issue. It’s solved by namecoin to some extent, but ultimately squatting will always be an issue. Why should “famous people” get more right to pmarca than, say PMarca Laundromat? Maybe there are several industries in which there are people who are relatively famous, and you’ll favor the tech industry in that case?I think reputation systems improve the level of content (i.e. the YouTube comment phenomenon), but at the same time there should be an option to have anonymous accounts, to prevent governments cracking down on dissidents, gay people etc. On the other hand, you have the problem of terrorists using the network to plan their next attacks — in which case you’d want them to continue, but you want to bug that network. But do you want that on Craigslist in the escorts section? Do you want Google using Google Apps to spy on its competitors? Probably not. So it’s an interesting field with no easy solutions.If you’re interested, read this:http://magarshak.com/blog/?…

    8. ShanaC

      what if he doesn’t care

  12. John Revay

    I think I am one of the 20,000 that have cleared their identity or at least I started the process as I recall signing up for this back in March when I think Albert first blogged about this…..problem was I forgot my PW….I was able to find a email they sent me w/ a secret code I needed…whew!Still seems a little cumbersome for the average user.1. It wanted me to select a bitcoin provider – not sure I was ready to do that….(today)2. Then I needed to tweet some thing and then do a FB post, I don’t believe I have a set of GitHub creds.What was the Steve Jobs quote – “Simple is hard”

    1. Anne Libby

      Also, where’s Linked In? (Yes, everything that is awful about LI…) I’m not on FB, and I’m not a dev. I was verified via Twitter.My dad, for example, wouldn’t exist. He does a lot of stuff online — his Apple ID might be a place to verify him? He doesn’t participate in FB, Twitter or GitHub.

      1. John Revay

        Re: Your Dad…I thought about the same for my wife, she has a FB profile…but would have given-up in the process,

        1. pointsnfigures

          They should look at a threshold level to incorporate social networks, agree on LinkedIN, and might also add Pinterest.

      2. JamesHRH

        I like that OneName might come back to your Dad and tell him he does not exist without a Twit / FB or GH account!Slightly skewed world perspective?

        1. Anne Libby

          Gotta start somewhere! Building to millions of users will take expanding outside of those circles…

      3. Kirsten Lambertsen

        They’re probably starting with what they think will work best for early adopters right now. OTOH, you don’t need to be a dev to use Github πŸ™‚ It’s great for regular old documents, as well.BTW, I saw you get your OneName the other day and immediately followed in your footsteps! I hadn’t read Fred’s post yet, so I learned about it from you πŸ™‚ I snagged +kirsten – boom!Reading today’s post, I think I was in the vicinity of being right at the last DL’s dinner, ” a distributed ledger of identity that is open and not controlled by any entity.”

    2. Ryan Shea

      Hey John, in the early days we did send backup codes to users that were required for password resets.The reason we can’t provide standard password resets like most websites is that your account comes with a secret key that even we don’t have access to.However, since March we’ve moved to what we believe is a more user-friendly system – one in which users download a file in order to backup their account and enable password resets. We’re working on an even better process than this so stay tuned.

      1. leapy

        Ryan – a quick question if I may:I am a consultant for a number of multinationals – usually in serial but sometimes projects overlap. I use my docusign identity to sign the assignment contracts, I then travel to visit client offices for which I use my passport and credit card for flight and train tickets.At each office (at least in each country visited) I tend to have to show my ID (passport / drivers license) to get a temporary swipe pass to the offices and car park for the duration of my visit. Usually I also charge this same card with $$ for purchase of food in the canteen.My home office is cluttered with ID cards from clients that I have forgotten to return and I know that sometimes these organisations are less than rigorous in cancelling their permits.Am I correct in thinking that ultimately I could use my openname ID to manage my contracts, travel, access to client premises, billing my meals globally provided the systems exist that can work with my ID?

        1. Ryan Shea

          Yes, it is our hope that eventually you will be able to do all of these things. One step at a time, though πŸ™‚

  13. pointsnfigures

    +pointsnfigures; Your point will be more relevant the more data and targeting the incumbents do. Facebook, Twitter and Google aren’t little startups. They are massive corporations and not immune from the same economic incentives that shape the strategies and actions of Monsanto, Comcast, and Exxon.Imagine this startup, http://www.basictransfer.com/ using OneName.io to verify that the money was transferred to the right place. working on getting them to use bitcoin because that was an early use case cited by advocates.I also think that businesses should claim their names on the chain. While bitcoin is highly interesting to consumers-I think that the lion’s share of disruption will occur in supply chains and in B2B transactions. No more accounting for bad debts etc….Another example. It currently takes stocks +3 days to clear when they are traded, and there is not a good audit trail with the SEC. Blockchain and bitcoin could clear stocks right away via an organization like the OCC-and provide an immediate clear audit trail. Similar to Fred’s idea of attaching a fraction of a Bitcoin to a concert ticket-attach it to a share of stock, or a stock transaction for audit and clearing. To send and receive, orgs and traders could register with OneName.

  14. James Ferguson @kWIQly

    +james_fergusonBit surprised to see the verifying notice showing for @fredwilson:disqus”Profile being processed: once the blockchain confirms the data this notice will disappear (~3 hrs after signup)” at https://onename.io/fredwilsonor am I misunderstanding something ?

    1. Muneeb Ali

      Profile registration/updates are sent on the blockchain as a transaction and it takes a while for the transaction to get confirmed. This is exactly how Bitcoin works as well, you send someone money and the transaction needs to get confirmed on the network.

    1. jason wright

      what, Hirshfield is an alias?

      1. JimHirshfield

        That’s wright.

        1. jason wright

          i’m confident jimmy spinach would not be a one name identity squat

  15. MartinEdic

    And the one name site is not working. Do I really want this thing owning my identity?

    1. JimHirshfield

      Works for me. What are you seeing?

    2. Ryan Shea

      Hey Martin, what problems are you having? Happy to help you out here.

  16. Simon Taylor

    Open. Mustard. Seed. Check them out!

  17. Twain Twain

    I signed up as soon as Fred mentioned we could perhaps get BTC sent to our OneName id’s back in March 2014 (http://avc.com/2014/03/dece….Also, I did it to make up for the fact I didn’t join Twitter when it was first launched which means someone else has the username Twain. The guy joined in Sept 2009 and hasn’t even tweeted yet! That’s probably an example of someone who signed up to Twitter, got lost in the on-boarding process and didn’t bother to become active (a problem Twitter’s trying to fix) — https://twitter.com/twainDo I trust FB, Google and Twitter with my online ID? I believe it’s healthy when no one platform has a concentration and monopoly on ALL the information about us.

  18. Dave Hendricks

    Identity Management is a core function of the internet. It’s nothing new, packets use it. But that doesn’t stop people from trying to fix what isn’t broken. People have been Authing for a long time, and I’m not convinced we need a new proprietary standard for it, owned and administered by a speculative operation with such an Orwellian handle as ‘OneName’. I am sure they are awesome people.Maybe I am missing something. This approach is just another in a long line of pretenders. OpenId, etc. Building a proprietary username function on top of a proprietary service is just plain flawed. You call it out this way yourself: “this could be built on top of bitcoin”.No one who thinks about this for more than 2 minutes wants their identity to be owned by a platform. No one uses their Twitter handle as their identity. You yourself don’t believe we should auth using Facebook, google or twitter. So why is +Onename different? That is what i don’t get.There is a clear internet identity standard that is not owned, can’t be, is truly unique, works for login, for authentication, as a primary key, for p2p communications, for confirmations, etc.The email address. It’s your long tail, cross-device, authenticated, distributed identity. And yeah, that is boring as shit.You can’t sign up for, use, get notifications from, change passwords, auth, or anything on any of the aforementioned services without an email address. Next time you unbox a phone, wait three steps in…Yosemite/IOS8/Apple Pay is all based on email based identity. It’s been working for a long time and now that mobile is eating the world, the use of the deterministic email address (and hash) is increasing. You cannot use the internet without one.SO, We already have a non-proprietary distributed identity technology and the good news is that it isn’t owned by someone who plans to sell it in 5-7 years after a launch party and several rounds of funding.When I forget my OneName password or whatever, how do I get a link to reset it? How do they tell me when someone is trying to login? So many questions.

  19. JamesHRH

    Just to prove I am not a total BTC luddite, I registered on OneName.Wheeeeeeee!Now what?

  20. Rohan

    Very interesting. I’ve signed up.. aside from bitcoin integration, I’m not clear how they’re different from about.me though…

  21. DJL

    Being in the information security world, I see the critical importance of this and I like the distributed approach. (The sames needs to be done for devices.) Like others, though, my first step through the registration process was confusing, required THREE passwords, and in the end I got….. NOTHING? (Processing your identity…..) Steve Jobs would have killed somebody. This has to be really easy and the benefits clearly understood for widespread adoption. So get the UI guys grinding and good luck!

    1. Ryan Shea

      Hey David we hear you and we’re working on improving the UX here, as it could definitely be improved. Thanks for the feedback.

  22. leapy

    I see that “real” businesses are already taking notice. Docusign founder on blockchain.http://www.coindesk.com/doc

  23. William Mougayar

    Muneeb, what other apps do you envision in addition to logging into websites?

      1. William Mougayar

        Keep going… πŸ˜‰

          1. William Mougayar

            how about tying my identity to (digital) assets I own? then i can sell them. I think the Apps themselves will drive the Identity usage, and not the other way around.so…are you going to be working with developers to broaden your infiltration? i think that would a direction I would take. Do what Twitter didn’t do so well early on. Define where you play, where you don’t play, and enable those that have all these services ideas to use your auth schemes, and let a 1000 flowers bloom. I think the time is now, not when you have 1 million users necessarily. work on both aspects if you can. [email me wmougayar AT gmail. there’s someone i want to hook you up with]

          2. Ryan Shea

            Very much agree.And thank you William, that’s very kind, I’ll drop you a line.

    1. Muneeb Ali

      Secure/encrypted messaging is a no-brainer, every user on this system already has a private key to encrypt messages and there is no trusted third party involved either so it’s completely decentralized.

      1. William Mougayar

        Who will provide that service- new players?

        1. Muneeb Ali

          Android and iOS enabled several app developers to make messaging apps, so something like that can happen here since this is really a new platform for developers to build on. I’m just thinking out loud πŸ™‚

          1. William Mougayar

            Good point that both middleware apps and end-user apps could be beneficiaries. Go get them πŸ™‚

  24. Guest

    Helping shape the future is the best way to predict it.

  25. ZekeV

    This is cool, and I’m happy to see them develop on namecoin. But what would really excite me is a secure desktop client PGP toolchain with a modicum of UX sensibility. Also interop with bitcoin otc web of trust.

    1. Muneeb Ali

      Keeping your private keys on a desktop and/or mobile client is definitely the way to go and we’re looking at that!

      1. ZekeV

        OK, but could you build functionality to designate alternate keys, handle key revocation, using nmc? Would be an awesome improvement over using centralized MIT key server. (even if it’s benevolent, as I assume it is)And while you’re at it, I would be impressed if you added bitcoin wot as another identity aspect in your profiles.But don’t listen to me if you have better plans. If I knew what I was talking about, I would build it myself.

  26. sigmaalgebra

    So, Kerberos and public key infrastructre (PKI)but with blockchain? So, authentication?Capabilities? Access control lists?

  27. LaMarEstaba

    I just registered. I agree that the UX could be improved, but overall it was a simple and easy workflow. I don’t mind posting a tweet about it to verify my identity, but the public Facebook post (which I understand is optional) is going to be the only public Facebook post on my wall minus the post about me being born. Oh well, though…I do want people to know that they are transacting with me.

  28. ZekeV

    Is the onename crew generously paying the nmc on our behalf to record the account key-value pair?

  29. Salt Shaker

    What’s OneName’s biz model?

    1. leapy

      no doubt Muneeb or Ryan will chip in but I assume step 1 is to establish Openname as the de facto identity platform/protocol then step2 is build the best services on top of this. that’s where the money is – not in the id platform itself? please someone correct me if I have missed something here….

      1. ZekeV

        I would bet you’re right. Standard web 2.0 monetization scheme, though using namecoin blockchain as public key-value pair store.A better way to finance a namecoin business, in my view, would be to buy up a large stake in namecoin. Then go around investing dollars to build useful services such as onename.io, adding value to the nmc that you’re hoarding. An individual investment would thus not need to be profitable in itself — the investors (and company employees, whose comp would include namecoin grants with multi-year lockups) would profit from the success of the entire ecosystem. On the other hand, if your investment *is* able to generate a local profit, so much the better. Win-win.

      2. Salt Shaker

        Yes, you’re prob spot on, but there’s a bit of a chicken & egg thing going on here. Can you drive step 1 (enrollment) w/o having step 2 (traction/benefits) in place. Likely irrelevant for early adopters, but could be important for scaling. Can certainly see legit need, value and long-term merit, though.

  30. Kirsten Lambertsen

    I saw @annelibby:disqus get her OneName the other day (before reading your post) and immediately went and snagged +kirsten. Yesssss.I really look forward to what blockchain can bring to personal media/entertainment ownership and consumption.

    1. Anne Libby

      #sob, +anne was taken…

      1. Kirsten Lambertsen

        Every once in a while having a ‘weird’ name pays off πŸ˜‰

    2. jason wright

      this is a one name error, and is a clear case for retrospective squatting – there’s just got be to a more famous web tech ‘kirsten’ in the ecosystem πŸ˜‰

  31. Gregory Magarshak

    Ha, I remember earlier this year my cofounder and I met with Albert specifically to discuss decentralizing social networking — we have built a platform to do just that — but one of the things we realized in that conversation is that we still needed a centralized database to enable identity to happen.http://qbix.com/blog/index….http://www.faqs.org/patents…Well, after that meeting we challenged ourselves if we could do better … and in fact it IS possible to do a distributed identity. The biggest thing you lose, of course, is the guarantee that you will find people on the network when you search for them. Once you’ve CONNECTED to people, of course, you can communicate with them, but finding them requires centralized databases.This has broad implications though, such as highlighting whether Google’s and Facebook’s Real Name Policy is really that valuable. I don’t think it is, not even business-wise. Finding people isn’t nearly as big a use-case as connecting with people, and the trade-off might not be worth it.That said, for technological reasons, DNS is still centralized, because you have to find the computer(s) to connect to. And the internet is built around BGP and other protocols, which can be gamed and compromised (we’ve seen it before, and the attacks might spike in the future). How are you going to route messages in a network without trusting the network? It’s not an easy problem.But anyway, we’re not working on that layer. We’re innovating in the SOCIAL and APP PLATFORM layers, and we need to deal with things like this:http://en.wikipedia.org/wik

  32. Simon Edhouse

    I think the biggest opportunity in this area is not so much only with Digital ID, but with what you could call ‘Digital Real Estate’.. Storage is cheap, and new methods of storing (in DHT’s) and addressing, are relatively straight forward. There really is no excuse for the ephemeral nature of websites and the DNS system and ICANN’s monopoly. It is absolutely possible that we could all have little pieces of ‘Digital Real Estate’ as unique home pages, that survived for (theoretical) perpetuity. The Scottish company ‘Maidsafe’ (terrible name, but smart guys) funded in that MSC/BTC crowd sale earlier this year, have conceived of a version of this idea. Its something we did a lot of research into around 2006, at around the time those guys started their project too. ~ This would be a much more compelling value proposition than simple English word sets with arbitrary BTC addresses, (because its very common for folks to have multiple Bitcoin addresses, so the associated BTC link will come to be seen as somewhat moot.)

  33. William Mougayar

    btw- the verification process is a social viral share in disguise. so, i need to tweet my identity to confirm it, while i’m promoting OneName….Brilliant!!

    1. awaldstein

      Not to me.It may be brilliant mechanically but behaviorally a fail.Making people share is not sharing at all. It’s an inhibitor to use.

      1. William Mougayar

        But in this case, it was a way to verify identity. In their defence, the default message is not explicitly promotional and calling for others to use the service. It was more a statement of authenticity.

        1. awaldstein

          Forcing you to do anything in public, which a tweet certainly is, is always poor policy in my opinion.There are certainly other ways to verify identity.

      2. Muneeb Ali

        It’s a requirement for “public verification” and the social share is a by product. The idea is that you don’t need to rely on Onename (the company) for these verifications and since they’re public anyone can independently verify them. This levels the playing field for other profile viewers to exist e.g., my profile is also viewable on http://openname.org/muneeb. This enables developers to use the profile data however they like because they have a direct relation with the user, no middle man in the picture. This is the essence of decentralization πŸ™‚

        1. awaldstein

          If indeed the only way for this to work is to flood the social nets with these statements and I was in charge of this project, I would find another way.This is a a poor one socially. It simply won’t work.Seeing these on a Facebook feed looks like a B movie trailer.

        2. awaldstein

          Don’t get me wrong, I like the idea and a bit inspired by where this is going.I’m just pointing out that to say that cluttering the social nets with these ‘verificaitons’ as simply an offshoot is misunderstanding the human element and how people adopt new things.Endemic across the entire bitcoin world.

    2. Gregory Magarshak

      Why would I want to confirm my identity on bitcoin, by linking my twitter identity? I suppose I would like to have ONE verified identity on bitcoin, but then people would be able to discover where all my other bitcoin accounts are by following transactions from my verified account, as well as uncovering the identities of my counterparties.For example imagine if Bill Gates confirmed his identity on bitcoin.Having said that, yeah verification as marketing is one of the viral patterns.

      1. William Mougayar

        Good question for one name. I suspect bc verifying on the blockchain isn’t that straightforward. It’s pseudo anonymous by default.

      2. Muneeb Ali

        We support two methods of private/anonymous Bitcoin payments, 1) stealth addresses, and 2) one-time use addresses. This solves a lot of issues that you’re mentioning. So Bill Gates will have both a public address and private addresses and users can choose which BTC address to use (kind of like how Venmo gives you an option for public or private payment).

        1. Gregory Magarshak

          Yeah I agree with you. On top of that Bill Gates just has to make sure to never have any transactions between the two addresses, or between those addresses and others. He has to cash out before using one or the other. In effect, the other addresses should be for “completely separate businesses”.

  34. sigmaalgebra

    And if someone solves the Clay Math problem ofP versus NP by finding a fast, practical algorithmthat shows that P = NP? What then?

  35. sigmaalgebra

    I can see that some people will want an Internet ‘identity’. But just why would people want a single logon for Web sites?I don’t. Instead, at each Web site I log onto, I have a password unique for that Web site and, to make the log on fast, engablea browser cookie for that site. And for thatsite, i.e., that URL, my browser can store,retrieve, and use my UID and PW andinsert it into the text boxes of a Web sitelog on page.For the site PW, I keep that where I keeplots of things, and the PWs are easy tofind, copy to the system clipboard, andcopy into a PW text box.With most or all versions of a single log on,a security leak at one site would give awaymy single log on to many sites — bummer.

  36. Pranay Srinivasan

    I hope you got my bitcoin πŸ™‚

  37. Brandon G. Donnelly

    I registered on OneName a while ago (I was sent a backup code instead of having to download a file), but I was recently asked to reconfirm my account/identity. Is that going to be an ongoing thing?

    1. Muneeb Ali

      Currently names expire every 8 months and that’s why you were asked to log back in. In that sense it’s similar to domain names where you have to renew every year to show continued use.

  38. Chris McCoy

    I’m dubious. Would stake my farm on centralized identity that I own (that captures me, across history, across geography) and decentralized data that I get paid for.

  39. Medicalquack

    Interesting concept but I’m a real privacy advocate as well. I’m not saying this is not a good thing but I look at how much more data sellers could in fact connect and sell with one more unique identifier? We live in a world of data selling for huge profits and thus I’m a bit of a skeptic here. I have a campaign where I think we should license ALL data sellers, banks, companies, etc. so we know who they are as data is becoming so very flawed and as the World Privacy Forum report said “it’s the secret scoring of America” and we all get judged and allowed or denied access based on someone’s criteria used for a decision.In healthcare they are debating the same thing with creating a unique medical identifier number that would be universal in the medical world and the jury’s still out there too. Anyway, you can read my campaign and see what you think of my campaign. It won’t stop data selling but would lend transparency if consumers had a “look up” to see who sells data and what kind as now we are repackaged so many times over, you can’t find the source to correct the flawed data and its happened to me first hand.http://www.youcaring.com/ot…So again, I’m trying to be objective here as I used to be a developer and wrote an EMR in the early days so I know code, queries and how people will make a buck with data burning a hole in their pocket and this would give them another unique identifier to key in on to make more money? I see the point in not having a big conglomerate being in control here but again data brokers, banks, companies will use it to tie in and sell even more data about us. If I missed anything, let me know:)

  40. Fred Wilson

    I’m not really sure what problem OneName is trying to solve? I’m Fred Wilson, we are all Fred Wilson! What value do we get from linking accounts in the blockchain? https://onename.io/afakefre

  41. Twain Twain

    @fred — Facebook and Google aren’t the only ones after the Identity piece:* http://techcrunch.com/2014/

  42. paramendra

    Uber awesome.