MicroID could support trust networks

Last weekend, Jeremy Miller, the creator of Jabber, announced microformat called MicroID. MicroIDs "allow anyone to simply claim verifiable ownership over their own pages and content hosted anywhere."

This sort of thing isn't unusual. Technorati, for example, provides a way for people to claim a blog that works in a way similar to MicroIDs. Google has another system. I've got three or four on my blog that I've accumulated over the years. MicroID is a standard way of doing this. That means that I only need one claim on my blog and then anyone can use it. Additionally, software to support ownership claims can be written, based on the standard, that keeps us all from reinventing the wheel each time.

A number of people have had problems understanding what MicroIDs are and how they work (just look at the comments on Jeremy's announcement). Most of the confusion stems from people trying to make a MicroID something it's not. MicroIDs can't be used to prove ownership, merely to verify a claim to ownership. MicroID isn't an identity system, its just a small useful something, as Doc Searls says, that can be incorporated into a number of platforms. Another key point is that to be useful, MicroIDs should be generated by a Web site with a verified email address for whoever is creating the content.

In an effort to understand them better, I spent some time writing a Movabletype plugin for MicroIDs. The plugin can calculate a MicroID for the blog proper, any given entry (based on the author's email), and comments (based on the commenter's email). If you view the source for this entry on my blog you can see MicroIDs used in each context.  Just this morning, Richard Miller wrote to tell me he'd built a MicroID plugin for WordPress.

To see how MicroIDs can be useful, consider a scenario that people have discussed quite a bit: using eBay reputation (or Slashdot karma) off eBay's Web site. Consider the following:

• eBay gives each seller a personal feedback page
• Each such page has a URL
• eBay has a verified email address that it can associate with each member (and consequently with the page)

These are the necessary ingredients for creating a MicroID. If eBay were to wrap my feedback score and even my individual feedback items, with a <span/> tag containing a MicroID computed from the page URL and the verified email address, I could lay claim to them on any other Web site.

Here's how that would work. Suppose you run Aunt Annie's Auction. I sign up for an account and I give you my eBay member name and the email address I use at eBay. You do the following:

• Verify my email in the usual way (send me an email with a unique URL that I click on)
• Generate the eBay profile URL from my member name and retrieve the page
• Calculate a MicroID using the verified email and profile URL
• Compare the MicroID you compute to those on the page. If they match, you know the wrapped feedback scores on the eBay page are owned by the same person who signed up on your site.
• Collect any seller feedback data you want from the eBay page and use it in your system. You could check every night if you liked and update your records.

eBay's unlikely to do this anytime soon, but they could. In fact, having a standard way of claiming ownership opens up to possibility for sites that would collect reputation data from multiple sites and broker the various reputations and even the verified email addresses. The ability to reliably claim ownership of what you create (including your feedback scores on eBay or Slashdot) is at the heart of building trust networks on the Web.