Authenticity

I haven't blogged for over a month, so here's a random rant to try to kick start this for me again...

Since the Xerox machine, people have been able to make easy copies of "the news," but forgery was tough as (say) the New York Times had a distinctive type face and "feel" to it.

Now with the Internet, it's trivial to make forgeries. (Phishing attacks work by creating convincing forgeries of trusted web sites.) It's deep within my philosophy that anything that can be reduced to bits (what I generically call "software") should be free. (Why should we pay lawyers try to make a plentiful resource scarce?) IMO, the real value comes with software's timely production, searching, indexing, matching, storage, maintenance, support, additional commentary, etc. In this vision (of utopia?) authentication is supreme. Anything that wasn't authenticated would be generally ignored.

XDI helps raise authentication to a new level, as access to arbitrary data can be mediated by arbitrary contracts and policies. It's turtles all the way down. And the danger of "tunnel vision" -- seeing only what you pre-define that you want to see -- is only real if that's what you want. Through authenticated, constantly evolving relationships and communities, and perhaps even subscription to special (open source or for-profit) "serendipity" editors, a sound and well-rounded view (you pick the subject(s)) is readily available.

Problem is, it puts responsibility back on the person. But then, by joining a community that will assume certain responsibilities for you, you can offload that, too.

Sort of like the "real" world.