Democracy    Ecological Design    Economics    Global Systems    Independent Media
Infrastructure    Networks    Collective Intelligence    Social Sculpture    Transparency
» Home
» Search
» About Us
» Contact Us
» Blog
» Back Issues
Journal Newsletter:
Sign up to hear about new issues.

The Social Web: Creating An Open Social Network with XDI
Drummond Reed, Marc Le Maitre, Bill Barnhill, Owen Davis, and Fen Labalme

New open standards introduce long-term, trusted links between people, groups, and bits over the Net.

The Networking Imperative

As communications technology evolves, so do communications networks. In fact the pace of this evolution, the rate at which new network practices reach broad adoption, has been constantly accelerating, as shown in Table 1:

Table 1: The pace of network evolution

With each new network comes new capabilities—more information to share, in richer formats, over more channels, with more parties, at greater speeds. As might be expected from the pace of innovation shown in Table 1, the next evolutionary step is already upon us: the rise of social networks.

What is a Social Network?
In traditional networking terms, what are being linked are devices or objects: phones, fax machines, computers, documents. The term "social network" implies moving to the next level, where what are being linked are people and organizations. The significance of this evolutionary step is described in a seminal 2003 paper titled "The Augmented Social Network"[1] by Ken Jordan, Jan Hauser, and Steven Foster. As they put it:

"Much has been written recently about the power of social networks and the famed 'six degrees of separation.' Suppose you could go online and make relevant connections with others from whom you are separated by one, two, or three degrees? Suppose that while working on a solar energy project in California, you could use such a system to find an engineer in Shanghai whose experience is directly relevant to your project? Could the Internet be used to establish networks of trust that cross traditional borders? Can the Internet be better at supporting the ability of citizens to self-organize and participate in civil society?"

The rapid rise of social networking sites has already proved this a reality, even though they are "walled gardens," not interoperable as the Augmented Social Network the authors proposed calls for. By mid-2004 there were over 200 social networking sites, including Friendster, LinkedIn, Ryse, orkut, ZeroDegrees, Meetup, Tickle, and NeoSociety, and many more are coming.[2]

In these communities, an initial set of founders sends out messages inviting members of their own personal networks to join the site. New members repeat the process, growing the total number of members and links in the network. Sites then offer features such as automatic address book updates, viewable profiles, the ability to form new links through "introduction services," and other forms of online social connections.

Going Open

If there is one lesson that the Internet and the Web have taught us, it is the value of interoperability, i.e., the ability to connect systems and software through open standard protocols. For example, at least a dozen early proprietary email systems were eventually superseded by the open Internet SMTP (Simple Mail Transport Protocol). The same happened with the open World Wide Web displacing proprietary hypertext systems.

Community expert David Reed explains why there is a particularly strong force compelling social networks to become interoperable:

"There is an enormous incentive to find ways to interconnect [social] networks, since the members of each network can access a much larger set of potential transaction partners."[3]

Reed's paper, "That Sneaky Exponential—Beyond Metcalfe's Law to the Power of Community Building," goes on to explain why social networking may in fact be the most powerful networking imperative in history:

"While many kinds of value grow proportionally to network size and some grow proportionally to the square of network size, I've discovered that some network structures create total value that can scale even faster than that. Networks that support the construction of communicating groups create value that scales exponentially with network size, i.e. much more rapidly than Metcalfe's square law."[4]

This phenomenon, known as Reed's Law, explains why the most valuable social network in the world would be the most inclusive. Like the development of the Internet and the Web before it, the evolution of an open, interoperable, global social network seems all but inevitable.

The Emergence of XDI

Indeed, the technical foundations for such interoperability began forming over five years ago. The development of XML in 1998 led to a digital identity project called XNS (Extensible Name Service) and the establishment of an international non-profit governance organization, XNSORG, in early 2000. By late 2002, XNSORG contributed XNS to OASIS[5] where it was divided into two layers: one for identifiers called XRIs (Extensible Resource Identifiers) and one for trusted data interchange called XDI (XRI Data Interchange).[6]

The mission of the OASIS XDI Technical Committee (TC) is to follow the proven architecture model of the World Wide Web in order to enable an open XML "dataweb" as shown in Table 2:[7]

Table 2: Dataweb standards follow the precedent of Web standards

This "next-level Web" will work very much like today's Web, except it will:
a) Link people and organizations in addition to machines and documents,
b) Support persistent links that won't break as people and organizations change, and
c) Address the privacy and trust issues that plague today's Web.

In short, unlike the primarily public and anonymous links available over today's Web, links on the Dataweb would enable private, trusted, and bi-directional links approaching the same level of intimacy as real-world relationships.

The Social Web

This fabric of trusted online relationships can lead to the development of an entirely new layer of the Internet. This layer was foreseen by David Johnson, Susan Crawford, and John Palfrey, Jr. in their January 2004 Aspen Institute paper "The Accountable Net: Peer Production of Internet Governance."[8] In their argument for new technologies that enable Internet users to choose and verify with whom they interact, they put it this way:

"What we are positing is a state change that will amount to the addition of a new social layer to the Internet protocol stack."

In a technical sense, that is exactly what can happen with XDI. Just as the open standard TCP/IP protocol created the Internet, and the open standard HTTP protocol created the Web, XDI is an open standard protocol that can join today's emerging social networks into one interoperable Social Web. This layer will evolve naturally over the existing HTTP-based Web the same way the Web evolved over the then-existing Internet.

Figure 1: The Social Web can evolve over the Web just like the Web evolved over the Internet

This paper provides a brief overview of the key building blocks of XDI, then examines the inherent structure of the Social Web and the key applications that are likely to drive its development. It concludes by looking at Social Web governance and the evolutionary stages through which it is likely to grow.


The XDI Technical Committee was formed at OASIS in January 2004 by a consortium of organizations and individuals including AMD, AmSoft, Attachmate, Booz Allen Hamilton, Cordance, Epok, NeuStar, Netmino, NRI, Identity Commons, and PlaNetwork. This section introduces the three major building blocks of the XDI specifications.

1. I-Names and I-Numbers—The Universal Private Address[9]

Today's Web links web pages and other digital objects; the promise of the Social Web is to link people and organizations. While digital objects live entirely on the network and therefore have relatively stable network addresses, people and organizations live in the dynamic real world—they move and change addresses (postal, phone, fax, email, Web, IM, blog) all the time. They even change their real-world names. Yet their identity remains the same.

This represents a tremendous challenge for the Social Web: how can it maintain long-term, trusted links between real people and organizations over the Internet if their network addresses are constantly changing?

The answer is a new type of abstract address called an XRI (Extensible Resource Identifier). Developed by the OASIS XRI Technical Committee, XRIs solve the problem of maintaining persistent addresses for people and organizations—addresses that do not need to change no matter how often the contact data for a person or organization changes. This is done by adding a new layer of addressing over the existing IP numbering and DNS naming layers used on the Internet today.

Figure 2: XRI i-names and i-numbers are a new abstract addressing layer over IP and DNS

The XRI addressing layer actually consists of two layers which mirror the two layers below it— DNS domain names and Internet IP numbers. In order of increasing abstraction, these two layers are:

* I-numbers—machine-friendly identifiers (similar to IP addresses) that are registered to a resource (person, organization, application, file, digital object, etc.) and never reassigned. This means they can always be used to address a network representation of the resource as long it remains available somewhere on the network.[10] I-numbers are designed to be very efficient for network routers to process and resolve.

* I-names—human-friendly identifiers that in most cases will resolve to an i-number, making them much easier for people to use. Though typically long-lived, i-names differ from i-numbers in one critical way: they may be transferred or reassigned to another resource by their owner. For example, a company that changes its corporate name could sell its old i-name to another company, while both companies could retain their original i-number.[11]

XRIs are backwards compatible with the DNS and IP addressing systems, so it is possible for domain names and IP addresses to used as i-names.[12] Like DNS names, XRIs can also be delegated, i.e., nested multiple levels deep, just like the directory names on a local computer file system. For example, a company can register a top-level (global) i-name for itself and then assign second- or lower-level (local) i-names to its divisions, employees, etc. Or a community could register a global i-name and assign local i-names to all its participating members.

However XRIs also support two features not available in DNS or IP addressing:

1) Non-hierarchical peer-to-peer addressing—a way any two network nodes can assign each other XRIs and perform cross-resolution.

2) Global context registries—a simple, human-friendly way to indicate the global context of an i-name or i-number. There are three key types of global context registries, each represented by a single symbol as shown in Table 3.

Table 3: Examples of i-names and i-numbers from the three types of XRI global context registries

I-Names in particular are referred to as universal private addresses because they solve two other longstanding problems of conventional addresses like phone numbers or email addresses:

* Unified addressing. Because an i-name is abstract, it is the first true "one-line business card." Given the proper permissions (see below), it can be used to automatically look up (resolve) any other contact data necessary to communicate with its owner. There is no limit to the type of data that can be resolved by an i-name.[13]

Figure 3: XRI i-names and i-numbers can unify all addressing and other contact data

* Privacy control. An i-name is literally "unspammable" because it is not an email address (or a phone number, or a fax number, or any other form of direct communications channel.) Instead the owner of an i-name controls how it is resolved, and what privacy rules must be observed before any contact can be made or data accessed. This enables new personal contact gateways that can automatically filter contact requests, stopping spam before it starts. For details, see Personal Contact Gateway in the Social Web Applications section.

In summary, XRI i-names and i-numbers are the persistent, portable, private identifiers needed to anchor the "endpoints" of the Social Web. They provide the abstraction layer and privacy barrier necessary to separate the real-world identities of the people, organizations, applications, and digital objects that will participate in Social Web relationships from the physical machines from which they currently operate.

2. Dataweb Pages—A Lingua Franca for Sharing Data

The second key building block of XDI is a solution to the complex problem of exchanging data across different domains—a problem that must be solved if people and organizations using different operating systems, different databases, and different applications are going to share the data necessary to form trusted relationships via the Social Web.

The Web solved this problem by establishing one standard markup language for all Web documents—HTML. The Social Web applies the same approach using XML, the rapidly growing universal language for data representation. XDI defines an extremely simple, interoperable XML schema (technically called a metaschema) in which every element of data is identified with one or more XRIs.[14] XML documents in this format are called Dataweb pages because they can be linked together in a manner very similar to the Web.

The power of this approach is that Dataweb pages provide a single format in which any XML-encoded data (including XML documents in other schema formats) can be shared independent of the application or domain from which they originated. Additionally, using Dataweb link contracts (see below), these pages can be persistently linked and synchronized, and every page can show the precise chain-of-authority for every item of data on it, whether it is an original or a copy, and whether it belongs in the personal, organizational, or public domain of authority.

3. Link Contracts—Enabling the Dimension of Trust

Just as the World Wide Web protocols allow any two Web pages anywhere on the Internet to be linked, XDI allows any two Dataweb pages to be linked. The difference is the power of the links. Web links are essentially one-way "strings" that allow a linked document to be downloaded ("pulled") into a browser. Dataweb links are two-way "pipes" through which data can actively flow in either direction ("push" or "pull"). This flow can be controlled automatically by "valves" on either end called XDI link contracts.

Figure 4: XDI link contracts form strong, 2-way "pipes" for trusted data sharing

As shown in Figure 4, XDI link contracts are Dataweb pages that control the exchange of other Dataweb pages the same way real world legal contracts control the exchange of goods, services, or intellectual property. And like real-world contracts, link contracts are flexible enough to address virtually any aspect of data control, including:

* Authority: Who controls the data being shared via the contract?
* Authentication: How will each party prove its identity to the other?
* Authorization: Who has what access rights and privileges to the data?
* Privacy and usage control: What uses can be made of the data and by whom?
* Synchronization: How and when will the subscriber receive updates to the data?
* Termination: What happens when the data sharing relationship is ended?
* Recourse: How will any disputes over the data sharing agreement be resolved?

After i-names/i-numbers and Dataweb pages, link contracts are the third key building block required to create the Social Web. They provide a globally interoperable solution to the complex authority, privacy, synchronization, and other data control issues that exist at a higher level than the packet layer of TCP/IP or the content transport layer of HTTP.

[Continued on next page...]


[1] See

[2] See

[3] From, as quoted in "The Augmented Social Network."

[4] This phenomenon only holds if the groups formed are truly valuable. For example, some early social networking sites encouraged competitions to see which members could form the most links. This led to "link burn-out" and an overall decrease, rather than increase, in value.

[5] Organization for the Advancement of Structured Information Standards,

[6] The first Committee Draft specifications from the OASIS XDI Technical Committee should become available in the fall of 2004.

[7] For full details, see the XDI Technical Committee white paper "The Dataweb: An Introduction to XDI," at wd-xdi-intro-white-paper-2004-04-12.pdf.

[8] See

[9] Originally known as "e-names" and "e-numbers," the "i-" prefix evolved because it better reflected their role in Internet identity infrastructure.

[10] Depending on a registry’s policies and the registration term, an i-number can continue to resolve indefinitely after the person or organization it represents no longer exists.

[11] This is why links on the Social Web will almost always use i-numbers. I-names will be used by people as a human-friendly alternative to an i-number.

[12] Technically it is possible for them to be used as i-numbers as well, though this is much more difficult.

[13] This is the reason for the "X"—extensibility—in "XRI."

[14] This ability to make all data universally addressable was a key architectural tenant of the oNLine System (NLS) developed by Douglas Engelbart and his Augmentation Research Center team at Stanford Research Institute in the 1960’s and 1970's.

[continued at The Social Web: Creating An Open Social Network with XDI, page 2]

PlaNetwork Journal
Except where otherwise noted, this site is licensed under a Creative Commons License