My ETel Talk

Empowering People and the Coming Layer of Identity (Link to Slides)

win-win-win for Citizens – Applications & Communities & Operators

People are empowered with their identifiers get good service at reasonable rates along with the Freedom to Access the tools they want to on the network (free from operator interference and packet discrimination)
Application Builders and Service Providers can innovated new tools that work on the web and mobile devices.

Operators can have a business model that is more then just bit-haulers. They have a special relationship with the customer which means they can leverage:

  • Authenticated End-points to physical devices.
  • be OpenID / Identity Providers
  • the Billing Relationship with the customer and the asset of their billing system they can open up to others.

Here is a list of Further Resources in the talk.
Identity Commons



Card Space and Laws of Identity



Johannes Ernst who presented namespaces out of control.

Andre’s Diagram of Identity and Payment Networks converging.


Identity Commons Community

Internet Identity Workshop May 14-16, Mountainview

Identity Open Space April 26-27, Brussels

International Telecommunications Union Focus Group on Identity Management

Basically dealing with How do Network-centric, Application-Centric and User-Centric Identity Play well together?

Wiki on the last meeting Feb 13-16

April 23-25 Geneva

May 16-18 Mountainview

Technorati Tags: , , , ,

The Nature of the Web

This is a great documentary about Net Neutrality by the folks who did Four Eyed Monsters. It gives a great overview of the history of other communications technologies and how they were enclosed after their initial burst of freedom and expression. I have a deep affection for the web and its power to empower people am also very concerned about the future of it as a communications commons.

I learned a lot about the network-centric point of view at the ITU-T IdM Focus Group meeting. I have a much deeper respect for the complexity of the issues that affect ‘the network’ and ‘the internet.’ I am committed to an ongoing engagement to build shared meaning, understanding and figure things out. I am speaking next week at Emerging Telephony and I believe that ‘identity’ is a key to giving Telco’s a way to support the web’s network.

I will be blogging more about the past few weeks in the next few days.

The Answer

The Question:

The one question I have about this collaboration announcement why Cordance, NetMesh LiveJournal or of SixAppart were not listed in the announcement.
The Answer:

Every PR department from every company has to get involved. Each has a constituency and message that it wants to be clear. Every time a change is made it has to go everyone else for approval, often provoking a further change, and so it just takes time.

Kim I hear you about this and it is a legitimate explanation if you are dealing with ‘big companies.’ Last time I checked you only had to call two people to check in with NetMesh and Cordance as neither has PR departments. My guess is they would have noded yes to the announcement and would have been very happy to participate without more attention overhead. I think when you are dealing with as tightly knit a community of little companies who are collaborating deeply (perhaps how tightly knit was not obvious to you) it is good to be inclusive. It also seems a bit unfair to highlight those two over the others given the magnitude of this PR (500k people had watched the keynote via the web). Even though you say this “Nor was this meant to be PR as such” the truth is that for companies of the size they are it is a BIG deal in PR terms to be on announcement like the one you released yesterday.

Hopefully things will be smoother in the future with the formation of the Foundation for OpenID more official it will be easy to figure out who to talk to about these sort of ‘announcements.’

No answer to my question yet.

The one question I have about this collaboration announcement why Cordance, NetMeshand other companies who have made major contributions and have critical stakes in the OpenID community were not listed in the announcement. I know it was pulled together very quickly but I think the contributions of those two companies have been extensive and deserved mention (and yes! they do have ‘code’).

There was no mention LiveJournal or of SixAppart or Brad Fitzpatrick the originator of OpenID.

I hope that in the future we can work to be more inclusive and uplift all the main contributors to these efforts.

“THE” OpenID – MSFT announcement @ RSA

This morning at RSA Bill Gates and Craig Mundie announced MSFT support of OpenID2.0. (Johannes has a good summary of the points they made too) I wouldn’t go so far to say that they got Married. But what exactly was announced? I spoke with David Recordon and Mike Jones after the announcement. (this picture is before the announcement).

The OpenID Relying parties will be able to request that the authentication be done in a Phising resistant way. Then the OpenID Provider will have it a way to assert that the authentication of the OpenID (a URL or XRI/I-name) has been done in a Phishing resistant way. CardSpace will be available as a primary way of providing this kind of authentication (for users on Windows machines).

This is a very exciting development as it expands the options available to users. Their are issues with Phishing in OpenID (as outlined here by Kim) and addressing this hole is key to making it a viable protocol that is good for users.

Kim talks about is request to the OpenID community in the blogosphere and in the meeting they had last week at JanRain (Scott blogged about that here).

My big ask was to add a way to request credentials based on phishing-resistant authentication…..[so that] the system is built to handle the dangers that would come with its own success.

The one question I have about this collaboration announcement why Cordance, NetMesh and other companies who have made major contributions and have critical stakes in the OpenID community were not listed in the announcement. I know it was pulled together very quickly but I think the contributions of those two companies have been extensive and deserved mention (and yes! they do have ‘code’).

There was also no mention of like Brad Fitzpatrick the originator of the OpenID and his company LiveJournal which is now a part of SixAppart.

RSA Opening: The Rock Concert for Security Heads

I got the feeling walking in a Rock Concert for security heads. Among the music they played in the opening was OKGO’s Tredmill Song.

Then when the show started they opened up with a man and a woman singing Under Pressure with “security lyrics” complete with a backup choir of folks it seems that we have started a trend with Bohemian Rhapsody in the Key of ID (or maybe we are part of a trend).

Ze Frank came out as our host and talked about the risks and costs of new renaissance don’t outweigh the potential benefits.

Providing Answers about Identity.

I am not sure that I am the right person to ‘provide answers‘ to the questions James McGovern suggested that the Identity Gang folks should address. I think that the traffic on the list about nomenclature does not reflect the actual amount of activity on solutions going on in the community. There are several projects working away…not talking much on the list because they are solutions oriented people and have little patience for waxing on about the definition of ‘user-centric’. I will do what I can to help in the emergence of solutions and answers. I commit to continue to facilitate spaces where folks working towards real solutions can gather and work them out.

International Telecommunications Union Focus Group on Identity Management

Just after the holidays I heard about this Identity Focus Group meeting that the ITU was convening. It was suggested by David Recordon and Michael Graves that I go. I made a few more inquiries and by the end of the week I was talking to Abbie Barbir, Richard Brackney and Tony Rutkowski about going.

The have some ambitious deliverable goals:

  1. A living list of standards bodies, forums, and consortia dealing with Identity Management, including information concerning their activities and documents in the context of IdM framework.
  2. A global analysis of IDM requirements and capabilities.
  3. A study of various mechanisms for discovering different identification schemas.
  4. Developing an IdM framework including data models/schemas
  5. Producing a set of IdM telecommunications/ITC use cases that can be used to derive requirements.

I asked them what the format would be and they said the were thinking about doing ‘working group’ meetings for three days. I put forward the idea that they might consider open space since it was working so well at the Internet Identity Workshop for all the different technical communities and social issues participating. They agreed!

The first day will be chalked full of 1/2 hour presentations (really 20min w/ 10min of questions) on a whole range of threads that are being pulled together for this work. (I am going to link to these things but not today – you can google them for now if you really want to know more)

  • TU-T SG13, SG 17 & ISO SC27 (IdM), Dick Brackney (USA), Tony Rutkowski(VeriSign)
  • Content Industry standard identifier activities and Handles, Norman Paskin (ISO)
  • 3GPP IDM Related Activities, Martin Euchner (Siemens)
  • NGN Overview
  • Liberty Alliance, Fulup Ar Foll (SUN)
  • CardSpace and Identity Metasystem, Mike Jones (Microsoft)
  • OpenID Presentation David Recordon (VeriSign)
  • XRI (i-names) and XDI, Ajay Madhok
  • Higgins, Presentation, Tony Nadalin (IBM)
  • JCA-NID Presentation, Pierre-André Probst (OFCOM/Switzerland)
  • OID Presentation, Olivier DUBUISSON (FT)
  • Identity Commons overview, Kaliya Hamlin
  • Privacy and Rights Management, Mary Rundle (Harvard)

Day 2 and 3 will be Open Space that I am facilitating and the 4th day we will coalesce into concrete working groups to move the deliverables forward between the end of the meeting and the next meeting likely in May in the Bay Area likely after IIW 2007.