i guess i missed all of the discussion leading up to this, but the internet now has a working implementation of a user-controlled digital ID system based on existing technology and formats. the basic idea is that you create a FOAF file containing the information you find yourself frequently typing on websites to identify yourself (name, email, address, phone number, etc.). or you can feed this information to a computer and have it auto-generate your FOAF file. then, you put this file on your website. or one someone else's website - if this takes off, we can expect to see digital ID servers pop up that do nothing buy host/manage your FOAF file for you. maybe your email provider could do this. so then when you go to a site, rather than typing in all of this information, you (somehow) tell the site where your FOAF file is, and they figure it all out and fill in your information for you. neat, eh?

the only problem with this is that it doesn't have any level of security beyond obscurity. what if you don't want someone to know all of this information? you don't have to tell them, but what if they find your FOAF file? i can hardly imagine how we could make it any easier for spammers to track us down than by creating a standardized format in which we publically display all of our personal data. of course, you can always not include a field, such as an email address. but then you must type it every time you want a site to have it. isn't there a better solution that allows for both privacy and convenience?

what i like is apple's keychain system. any application can ask for a password on my keychain. but when they ask, the keychain asks me if it's okay (just once or always) before divulging my passwords to the application. what i'd like to see is a web browser (safari is a nice candidate) that can grab my keychain information and pass it to requesting websites, asking me if it's okay first. then i can password protect my FOAF file and have control over who can view it. when i go to a website, they can request the password for my FOAF file, and i can decide whether or not i want them to have it. then they know everything about me i want them to know and nothing more. better yet, my keychain could just contain my whole FOAF file locally.