1. they set up a WikiHomePage ; there they set a link to their owned domain-name URL and a link to Whois.com, a central registry for domain-name owners.
2. Additionally they take a snapshot of their WikiHomePage for their blog.
3. From their owned domain-name URL AND from their blog they set a backlink to their WikiHomePage
This seems to be very close to the OpenID concept wherein one signs into websites using an identity verified by a server that they control (so for example you might appear with yourname.website.com, if you had a verified account at website.com and they run an OpenID server). -- EarleMartin (earle.myopenid.com)
The major problem with this scheme is that there is no guarantee that John Doe owns the domain johndoe.com. The domain name registars do not require any valid identification, nor does the whois information match the person's actual information. It's rather rare that it does, actually. Where OpenID makes more sense is that it ties your "new" identity to an existing investment in a SerialIdentity somewhere else, which presumably is bolstered through a network of other people who support that identity. While again it is possible to spoof an entire identity by building up a series of connections both real and fictional (and I know people who have done this), it becomes increasingly unlikely. However, it is trivial to spoof a domain registration since it relies on the honour system alone. -- SunirShah
Sunir, I have not yet seen a registrar, who takes cash for their services. As far as I know, all registrars rely on credit card payment or PayPal (who verify customer's identity via small funds transfers). So they require a valid identification by credit card at least. People, who want to engage in an OpenBusiness, OpenBusinessWiki within the framework of a SocialCommonWealth, i.e. peers who want to buy, develop and resell domain-names have a vested interest, that the revenue is directed to their own account. So I wouldn't play down the slogan of WhoIs?: "We give you an identity in the Web" (or similar, I must look it up). As credit card fraud is a crime, we can normally assume GoodFaith of the clients of WhoIs?. -- [fridemar]
Yes, that's a very serious issue with the system as it stands. My workaround is to place my PrettyGoodPrivacy (strictly speaking, GPG) PublicKey on my website, which is verifiable using the traditional method. The downside to that, however, is that it requires meeting me in person and examining my GovernmentBackedAuthentication, and you may be on a different continent. I could also be using fake ID, but I think for most people it's a lot harder to fake a passport than a domain registration. (Incidentally, don't we have a page somewhere about someone who built up a fake OnlineIdentity, and how it was discovered by their community?) -- EarleMartin
Please consider this partial kludge 'method' (HansWobbe interjects)