As I continue to work with Identity Commons, a colleague just pointed me to SharedId which is

... an authentication service that allows web users to share their personal information in a controlled manner with their favorite websites. SharedID is built on the open standards RSS, RDF and FOAF. [sharedid.com]

While this sounds promising, unfortunately SharedId is exactly the wrong thing. First off, it's centralized (ug) - all authentications go through the SharedId site (another hideout for Big Brother?). Further, and this is a problem with FOAF in general, profile sharing is at FOAF-file granularity, which means all my info, friends, etc. in my FOAF file will get shared once the cantralized authentication happens. I've heard some of the FOAFsters talking about how one might have several FOAF files, but then you've got data replication problems.

But this points to an important issue: since FOAF has such a large and growing user base, it will be essential that we have a FOAF-to-XDI translation service with default sharing contracts placed on fields that can, of course, be manually tweaked via a GUI.

(XDI, or XRI Data Interchange, and XRI, or Extensible Resource Identifiers are new OASIS standards. You can find out more at oasis-open.org or at the public wiki at xrixdi.idcommons.net)