Commentary by Mark Wahl, CISA
Organizing principles for identity systems:
Images in identity protocols (20070809)
Barbara Ballard (who blogs at little springs design) writes in Designing the Mobile User Experience (0470033614, published in 2007 by Wiley) on "learning from portrait miniatures":
"Portrait miniatures ... were the wallet photographs of the time; many of them were smaller than mobile phone screens. Some were used as lids for tins; others were jewelry. Some had frames, but many did not.
A full-sized portrait of the time would include the full or half length of the body and typically some bit of personalization beyond clothes like a treasured object or a symbol of the subject's status. Miniatures could not contain all this information. Instead most depicted the bust only; any adornments were worn in the clothes or hair.
Full sized portraits were distant: the viewer is distant from the painting, and the artist adds a more formal distance in the composition. Miniatures were intended to be held, sometimes close to the heart, so the artists painted the subject a bit more intimately...
American miniature portraits serve a further inspiration: the second generation of such portraits were largely painted by amateur artists."
When a digital image is to be relayed from a source (e.g., a web site) to a destination device for display (e.g., a desktop computer or mobile phone), the source often has available to it a range of alternate images that are "the same picture". Furthermore, the source may be able to resize, transcode or otherwise manipulate an image before sending it in order to "adapt" it to the needs of the destination device.
In an identity management system, the source may be a directory that stores, in a record or entry for a person, links to multiple possible images of that person, in multiple formats or situations. Only a subset of the information about these images is captured, however, in existing identity schemas.
In LDAP directory schema, the RFC 2798 inetOrgPerson object class allows two image attributes for a person: photo, an ITU-T T.4 G3 fax with an ASN.1 wrapper (defined in section 9.3.7 of RFC 1274) that is not widely used in enterprise directories, and jpegPhoto, a JFIF-encoded JPEG image. The draft NIH schema adds nihJpegPhotoDate, the date the jpegPhoto was taken, and thumbnailPhoto, a small JPEG photo of the person. Some limitations of these definitions are:
- There is no defined mechanism for supporting additional image formats besides fax or JPEG (e.g., adding PNG or SVG would require substantial changes beyond simply adding a decoder for that format to the destination.)
- Any metadata in the images is not exposed in the LDAP protocol: a client cannot request an image by size, color depth, etc.
- There are no relationships between images (there is not even an equality matching rule defined for jpegPhoto). If a person has two values of jpegPhoto and two values of thumbnailPhoto in their entry, there is no way to relate one value of jpegPhoto to one value of thumbnailPhoto.
In the FOAF specification, the foaf:depiction property provides a link from any resource to an image of that resource. A subproperty foaf:img links a foaf:Person to an image of that person. The foaf:thumbnail property of an image links to another version of that image. In RDFa one might state:
<div about="#me" class="foaf:Person">
<img rel="foaf:img" src="my-picture.jpg" />
</div>
However, while it is possible to extract the metadata from an image and transform it into RDF statements about the image, this is not commonly done today.
SXIP has put in the OpenID AX schema registry attributes that link to images of a person. The attributes specify the default image, images with aspect ratios of 1:1, 4:3 and 3:4, and an image that is a "favicon" (a 16x16 or 32x32 pixel image in either 8 or 24 bit depth with either a PNG, GIF or ICO encoding).
Future identity protocols and data formats should permit the negotiation of a selection of images from a set of possible images, based on a wider range of factors, including:
- the capabilities of the device presenting the image
It should be possible in the protocol for the recipient device to express its constraints, such as its supported image encodings (e.g., prefers PNG, accepts GIF or JPEG, doesn't support SVG), the maximum image area, supported aspect ratios, color depths, supported color spaces (e.g., prefers Adobe RGB, supports sRGB), etc.
- the capabilities of the viewer of the image
Does the person viewing the image use a magnifier, have color blindness or low vision, or the ability to perceive colors outside of the 'normal' range?
- the context of the image in the layout of the application
How will the image be used in the application? For example, a display of "people we like" might wish to make transparent the blank space around a person's head, as in the famous picture

- context of the image in the culture of the viewer
What expectations does the person viewing the image have? If there are captions or text balloons in the image, what language are they in? Would the image be offensive or generally inappropriate to someone based on their cultural context? (For example, in MacOS the Page setup Options dialog illustrated paper orientation with a picture of a dogcow, except in Arabic systems, which illustrated the paper orientation with a picture of a horse.)
- social context of the image and the application
A picture taken in one context may be inappropriate in another. Not only should the image carry its context; the requesting destination should state its context as well.
An actor might wish their 'default' picture to be a head shot that is carefully constructed and posed. A system which arbitrarily resizes or adapts this image might give the wrong proportions or tones, and in this case, the actor might prefer the system not send any image if the fidelity cannot be preserved.
In a system in which mobile phones display a thumbnail picture of the person calling, a participant might wish to have a picture of themselves with a serious expression sent with a call to a stranger or a business partner, and a picture with a lighter expression displayed in calls to friends or intimates.
The articles "College sued over drunken pirate sanctions" and "A MySpace Photo Costs a Student a Teaching Certificate" mention a lawsuit by a 27-year-old student whose MySpace page showed her drinking from a cup at a costume party:
A university official told her that the photo was "unprofessional" and could have offended her students if they accessed her MySpace page.
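The selection step argued for above can be made concrete. The following is an added example, not part of the original commentary or of any existing protocol: it combines the device constraints, the actor's "send nothing rather than adapt" preference, and the audience-dependent picture, and releases no image when none is approved for the requester. The names Variant, Request, select, contexts and allow_adapt, and all sample data, are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Variant:                  # one stored image of a person (hypothetical record)
    url: str
    fmt: str                    # encoding, e.g. "png" or "jpeg"
    width: int
    height: int
    contexts: frozenset         # audiences the subject approved this image for
    allow_adapt: bool = True    # False: send unmodified or not at all

@dataclass(frozen=True)
class Request:                  # constraints stated by the destination
    formats: tuple              # encodings in order of preference
    max_area: int               # largest width*height the device displays
    aspects: tuple              # acceptable (w, h) ratios
    audience: str               # relationship of the viewer to the subject

def fits(v, r):
    """True if the variant can be displayed unmodified by the requester."""
    ratio_ok = any(v.width * h == v.height * w for w, h in r.aspects)
    return v.fmt in r.formats and v.width * v.height <= r.max_area and ratio_ok

def select(variants, r):
    """Return (variant, 'as-is' | 'adapt'), or None to release no image."""
    # Social context first: only images approved for this audience are candidates.
    allowed = [v for v in variants if r.audience in v.contexts]
    exact = [v for v in allowed if fits(v, r)]
    if exact:
        # Most preferred encoding, then the largest image that still fits.
        best = min(exact, key=lambda v: (r.formats.index(v.fmt), -v.width * v.height))
        return best, "as-is"
    # Adaptation is permitted only where the subject has not forbidden it.
    adaptable = [v for v in allowed if v.allow_adapt]
    if adaptable:
        return max(adaptable, key=lambda v: v.width * v.height), "adapt"
    return None                 # fail closed: no image beats the wrong image

# Constructed sample data: an actor's posed head shot, a formal thumbnail
# and a casual picture approved for friends only.
FORMAL = frozenset({"stranger", "business"})
VARIANTS = [
    Variant("headshot.jpg", "jpeg", 1200, 1600, FORMAL, allow_adapt=False),
    Variant("formal-thumb.png", "png", 96, 96, FORMAL),
    Variant("party.jpg", "jpeg", 640, 480, frozenset({"friend"})),
]
PHONE = dict(formats=("png", "jpeg"), max_area=128 * 128, aspects=((1, 1),))

if __name__ == "__main__":
    for who in ("stranger", "friend", "employer"):
        print(who, select(VARIANTS, Request(audience=who, **PHONE)))
```
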