IIW IX is open for business


Iiw9_4.png

Internet Identity Workshop number 9 is coming up in about 10 weeks. November 3-5 (Tuesday to Thursday) in Mountain View California at the Computer History Museum.

We are excited about all the developments in the industry with protocol evolution in the social web space AND larger and larger scale deployments of open identity technologies including OpenID and Information Cards.

There will be much to talk about at this fall’s event.

Early REGISTRATION is Open! UNTIL SEPTEMBER 16 then prices go up by $50-75

Early Bird Prices are….

  • $274 regular tickets
  • $148 for independents
  • $ 50 for students

We need to get 75 people registered by September 16 to make a final confirmation for our conference space at the Computer History Museum.

Special this year we have the “BIG” ticket for those can expense $998 (but can’t convince marketing to sponsor). This is a GREAT way to support IIW!

IIW is a completely community driven event – we don’t pay anyone for marketing – the community is our marketing.

Please put our LOGO ON our blog our WEBSITE.

Follow IIW on Twitter – @idworkshop

SPONSORSHIP OPPORTUNITIES ARE STILL AVAILABLE!!! Please contact Phil if you are interested in learning more phil@windley.org

JOIN THE COMMUNITY MAILING LIST

THE INVITATION TO IIW!

The Internet Identity Workshop focuses on “user-centric identity” and netizen empowerment on the social web trying to solve the technical challenge of how people can manage their own identity and social activity across the range of websites, services, companies and organizations that they belong to, purchase from and participate with.

This is where everyone from a diverse range of projects doing the real-work of making this vision happen gather and work intensively for three days. It is the best place to meet and participate with all the key people and projects. This is a comprehensive list of the technology communities that are covered.

The event does not have a pre-set agenda instead as people register they are asked what they would like to present about, learn and discuss with peers/industry experts. These are all collected here . The first morning of the conference will be introductory orientation about key projects and technologies in the community. After that the community creates the agenda itself using the Open Space Method. Dinner both Tuesday and Wednesday are a big part of the conference.

Here are links to notes that cover most of the sessions from the last two conferences IIW #8 spring of 2009     IIW #7 fall of 2008

These documents are great resources for convincing your boss of the value of this event.

The heart of the workshop is a practical idealism in working towards the shared vision of a decentralized, user-oriented identity layer for the Internet.

Because the web was built around “pages”, no tools or standards were created to control how the information about you was collected or used. At the Internet Identity Workshop we bring the people creating these tools and standards so people can safely manage their online identity and control their personal data.

It is not about any one technology – rather it is a place to discuss multiple interoperating (and possible competing) projects, standards, and networks for identity, data sharing, and reputation.

As part of Identity Commons, the Internet Identity Workshop creates opportunities for both innovators and competitors. We provide an open forum for both the big guys and the small fry to come together in a safe and balanced space.

There are a wide range of projects in the community:

  • Open conceptual, community, and governance models.
  • Open standards and protocols.
  • Open source projects.
  • Commercial projects.
  • Projects to address social and legal implications of these technologies.
  • Efforts to rethink the business models and opportunities available with these new technologies.

User-centric identity is the ability:

  • To use one’s identifier(s) on more than one site
  • To control who sees what information about you
  • To selectively share presence and profile information
  • To maintain multiple identities and personas in the contexts you wish
  • To aggregate attention, navigation, and purchase history from the sites and communities you frequent
  • To move and share your personal data, relationships, documents, and other publications as you wish

All of the following are active topic areas at each IIW:

  • Improving Existing Legal Constructs Privacy Policies Terms of Service
  • Creating New Legal Constructs – Limited Liability Personas, Identity Rights Agreements
  • Creating New Business Models – Identity Oracle, I-Brokers
  • New Citizenship Perspectives – Activism Community, Event Coordination, Community Identity and Data Sharing

The Internet Identity Workshop (IIW) was founded in the fall of 2005 by Phil Windley, Doc Searls and Kaliya Hamlin. IIW is a working group of Identity Commons The event has been a leading space of innovation and collaboration amongst the diverse community working on user-centric identity.

Identity for Online Community Managers

I was asked by Bill Johnson of Forum One Networks to kick off the discussion on the next Online Community Research Network call this week with the topic Identity for Online Community Managers – drawing on the presentation that I put together for the Community 2.0 Summit. I cover the basics of how OpenID, OAuth and Information Cards work, who is “in” terms of supporting the projects and what community managers/platforms can do. We will discuss the implications of these new identity and data sharing protocols on the call.

Online Identity for Community Managers: OpenID, OAuth, Information Cards

View more documents from Kaliya Hamlin.
I will also be attending the Online Community Summit in October Sonoma and will be sharing about these and other technologies there.

Freedom to Aggregate & Disaggregate oneself online.

I presented this slide show at the Oxford Internet Institute meeting in April that considered A Global Framework for Identity Management.

You could sum it up this way – “stuff happens in peoples lives and the need the freedom to go online and get support for those things and not have it all linked back to their “real identity.”

The slides are moving (drawing from post secret post cards) and it is worth watching if you don’t think people need this freedom.

its that SXSW picking time of year

200908181123.jpg

This year there are 2200 panels submitted for 300 slots. It is great they are going with community generated ideas for the conference. It is also hard to tell what will be happening in our fast moving industry 7 months from now. PLEASE go to SXSW create an account and then vote for these two :)

I put a lot of thought in to what to put forward this year knowing it would be 9 months out. One of the trends that is just starting to emerge is identity verification – my hunch is that by March this will be a topic getting a lot of attention and worth exploring at SXSW.

Who are you? Identity trends on the Social Web.

“On the Internet Nobody Knows You’re a Dog” Is this famous New Yorker cartoon still true? Twitter is doing verified accounts. Facebook claims everyone using their “real name” gives strong social validation ‘proof’. Equifax is validating age with information cards (digital tokens). We will explore the current trends and their implications for the future.

  1. What is identity?
  2. Why are people doing identity validation?
  3. Who is doing identity validation?
  4. Why are websites seeking people who have had their identities validated?
  5. Is identity validation improving the web?
  6. What are the current open standards in this space?
  7. Are approaches by men and women different about idnetity presentation and validation?
  8. What kinds of businesses are requiring online identity validation for customers?
  9. Is identity validation going to squish “free speech”?
  10. How is this trend changing the web?

With my She’s Geeky hat on: What Guys are Doing to Get More Girls in Tech!

The point of this is to get beyond the women say there are issues in the field and guys say there isn’t – to have guys who know there is an issue and are proactively doing constructive stuff to address it.

Many tech fields have a low percentage of women. If you are a guy do you wonder what you can do about it? Learn about successful strategies and proactive approaches for supporting women you work with and participate in community with. We will even cover some well-intentioned efforts that have gone awry.

  1. How many women by percentage participate in different technical fields?
  2. Why does it matter that they are underrepresented in these fields?
  3. What are the cultural norms that men and women have about performance and self-promotion?
  4. What is Male Programmer Privilege?
  5. What can a guy do who has a sister that is math/science inclined but being steered away from the field?
  6. How have the men on the panel improved things in their workplaces?
  7. How have the men on the panel addressed the challenges that arise in open communities? (that is where you don’t have a boss that fires people for inappropriate behavior/comments)
  8. What are the qualities of a workplace that is friendly for women?
  9. How to go beyond tokenism in workplaces, communities and conferences?
  10. How to encourage women more?

Other interesting Preso/panels covering Identity topics:

The Politics & Economics of Identity Put forward by my friend Liza Sabature of Culture Kitchen and the Daily Gotham Identity Politics” has always been left to the realm of feminist, civil rights activists, aka “minority politics”. This panel will explore the social and political ramifications of the business of identity and reputation. We will talk about the good, the bad and the ugly and what social entrepreneurs, businesses and digital activists are doing to impact this new economy.

  1. What is identity?
  2. What is reputation?
  3. What is privacy?
  4. How have big business historical monetized privacy?
  5. How social media works on identity and reputation?
  6. Online surveillance in the US : DMCA, FISA, Patriot Act
  7. Facebook BEACON : a study on how not to spy on people for fun and profit
  8. Google Adsense or Spysense?
  9. What are Vendor-Relationship Management systems?
  10. Will we need “Identity Management Systems” instead of VRMs?

Distributed Identity: API’s of the Semantic Web Without much conscious thought, most of us have built identities across the web. We fill in profiles, upload photos, videos, reviews and bookmarks. This session will explore the practical use of Social Graph API and YQL to build new types of user experience combining identity discovery and data portability.

Online Gatekeeping: Who Died and Made You King? by Liz Burr As the web becomes more open via social networks, we’re adopting new rules of communication. But who creates these rules? How much does class, race and gender figure into social media policing? We’ll discuss how identity affects social networks, as well as look at how online communities police themselves as participation expands.

  1. Which groups are in control of what is worth sharing via social media?
  2. Are the under-25 community using social media differently?
  3. How do we recognize and confront social media ‘gatekeepers’?
  4. Is our behavior in online communities merely a reflection of offline stereotypes and experiences?
  5. What is the impact of the amplification of social stereotypes online on under-represented groups?
  6. How do we integrate previously, under-represented groups into this more social world?
  7. Is there really such a thing as a “digital ghetto”? If so, is it our responsiblity to combat it?

OpenID: Identity is the platform is put forward by Chis Messina.
I have to say it is really great to have this be put forward so plainly and simply – to “get religion” about user-centric tdentity and its central role in shaping the fugure the social web.

Ignore the hype over social networking platforms and web OS’s! The platform of the social web is identity. Facebook and Twitter Connect are just the beginning of the era of user-centric identity. I’ll go beyond the basics of OpenID and learn how to effectively incorporate internet identity into your apps.

Your Online Identity After Death and Digital Wills

If you died tomorrow, would someone take care of your internet accounts? How do you tell subscribers the blogger has died? Every day people die and no one can access their email. Let’s explore what can be done to manage your online identity after you pass on.

  1. What usually happens to email accounts when a person dies? Policies for Gmail, Yahoo, Hotmail and AOL
  2. What about WordPress.com and Blogger for digital policies concerning the death of a blogger?
  3. Do You have a digital will setup?
  4. Products and services to manage digital wills, electronic correspondence after death and auto replies.
  5. Grief, “You Have Mail” and online memorial services.
  6. Who owns blog content after the death of a blogger?
  7. How to calculate the worth of your website or blog.
  8. How can you manage your online accounts and passwords for easy access after you pass?
  9. What are some recent legal examples of online account ownership disagreements?
  10. How to keep your passwords safe?

How to Benefit from 1-Click Identity Providers by Luke Shepard from Facebook.

Sites across the Web are opening up to support open identity platforms, such as OpenID. How can companies at scale and those with large user bases successfully work with open standards including OpenID, Activity Streams and new social markup language specs? Can companies survive the challenges of incorporating OpenID into their websites?

  1. Are there any success stories with OpenID?
  2. What does the OpenID user experience look like?
  3. Who has implemented OpenID?
  4. What have been some of the failures of OpenID?
  5. What is OpenID?
  6. What are the user benefits of OpenID?
  7. How can websites educate users about open protocols?
  8. What are the privacy concerns around OpenID?
  9. What kind of user data is made available to sites when they implement OpenID?
  10. What will it take for OpenID to become mainstream?

Crime Scene: Digital Identity Theft


ID biz models “in the future maybe” says Johannes

Johanne Ernst is a builder of Identity technologies (and one of the clearest thoughtful thinkers about identity technologies and markets. He just posted a great post about business models in the identity space. I know he has at various times tried raise money as an entrepruner in this space – so he has thought a lot about the business models.

For those of you who don’t know Johannes he developed Light-Weight Identity (LID) a URL based ID system at the same time Brad Fitzpatrick did at Live Journal and then participated in merging it all together into YADIS discovery which became woven together with OpenIDv1, XRI/i-names  and sxip to become OpenIDv2. He also was the first drawer of the identity triangle (OpenID, SAML, InfoCards) which evolved into the Venn of Identity.

Many people have ideas for value-added services that could be sold once sufficiently many users used internet identities at enough sites. The trouble is that the transaction volume for OpenID (or any other identity technology on the internet) is still far too low to make this viable.

The mot important sentence is this one – Let’s not confuse being majorly annoyed how long this is all taking (speaking about myself here) with something being fundamentally wrong (because there isn’t).

I take heart with what he has to say especially because he addresses it to a big part of what I do – organize (un)conferences to continue momentum for the field.

From his post:

Value-added services:
Many people have ideas for value-added services that could be sold once sufficiently many users used internet identities at enough sites. The trouble is that the transaction volume for OpenID (or any other identity technology on the internet) is still far too low to make this viable.

So the verdict here is: perhaps in the future.   

So what’s an analyst, or conference organizer, or entrepreneur, or venture capitalist to do?

My take: Hang in there, keep the burn rate low, make no major moves, would be my advice. (Believe it or not, sometimes I’m being asked about my advice on this.) All the signs are pointing in the right direction, the latest being Google’s major OpenID push. Let’s not confuse being majorly annoyed how long this is all taking (speaking about myself here) with something being fundamentally wrong (because there isn’t).

Sooner or later, at least the value-added services opportunity will emerge. Perhaps others. But so far it has not yet.

Identity & Gov and & Open Standards

I am really happy to let you all know about this forth coming OASIS ID-Trust Identity Management 2009 event September 29-30.

The theme of the event will be “Transparent Government: Risk, Rewards, and Repercussions.”

The U.S. National Institute of Standards and Technology (NIST) will be hosting it in Gainthersburg, Maryland.

In the why attend the reference part of a directive by Barack Obama to the National Security Council and Homeland Security Council.

“to defend our information and communications infrastructure, strengthen public/private partnerships, invest in cutting edge research and development and to begin a national campaign to promote cyber-security awareness and digital literacy.” The U.S. federal government aims to accomplish all of this while becoming increasingly open and transparent.

The program is now available – and looks quite good.

There is a discount available until August 31. There are special registration proceedures for non-US citizens.

Web Finger! moving out into world

I love the Internet Identity Workshop! it is where innovative ideas are hatched, answers to hard problems are vetted and standards consensus emerges. This is just the latest in amazing collaborations that have emerged.

Web Finger was covered on Tech Crunch today with this headline – Google Points At WebFinger. Your Gmail Address Could Soon Be Your ID.

At IIW in May they had a session lead by John Panzer. The notes were not filled out that much but (All the Notes from IIW)   

but there is a white board of their conversation and a link to what google had up.

Chris Messina spliced it together

XRD the discovery protocol is part of how Web Finger works. This spun out of XRI.

Techcrunch didn’t explicitly pick up on the fact that Eran Hammer-Lahev has been a key collaborator and is at Yahoo! (they did link to the mailing list where he is posting). He has been really driving XRD forward lately.

All exciting stuff.

DiSo ideas are not that new.

Reading these:

A Perfect Storm Forming for Distributed Social Networking- Read Write Web

Evolution of Blogging – GigaOm

The Push Button Web – Anil Dash

The inside Out Social Network – Chris Messina

The Future Social Web – Jeremiah Owyang

I realize how incredibly ahead of the times I was along with many of the people I have been working with on open standards identity and social web standards.

I wrote this describing open standards for distributed social networking online in April of 2004f or the Planetwork Conference (from Archive.org)  that I was promoting.

———————— From Archive.org April 2004 ——————

ID Commons: Social Networking For Social Good: Creating Community Trust Infrastructure Through An Identity Commons

In 2003 the Planetwork LinkTank white paper The Augmented Social Network: Building Identity and Trust into the Next-Generation Internet proposed weaving new layers of identity and trust into the fabric of the Internet to facilitate social networking for social good – online citizenship for the information age.

The LinkTank white paper outlined three main objectives:

  1. Establishing a new kind of persistent online identity that supports the public commons and the values of civil society.
  2. Enhancing the ability of citizens to form relationships and self-organize around shared interests in communities of practice and engage in democratic governance.
  3. Creating an Internet-wide system for more efficient and effective knowledge sharing between people across institutional, geographic, and social boundaries.

Currently each site with a login or membership profile is like an island, or at worst a walled castle, as no common inter-operation is possible among large numbers of them. Creating a truly interoperable network will require an explicit social agreement that governs the operation of the trusted network, and implementation of a new software protocol consistent with that agreement.

Identity Commons

[note this is a reference to the “first” Identity Commons – the current Identity Commons shares the values and some of the organizing principles of this first organization but evolved from it]

The Identity Commons is an open distributive membership organization, designed to develop and operate a common digital identity infrastructure standard based on the shared principle of protecting each user’s control of their own identity data. A common identity infrastructure must be embedded within a binding social agreement ensuring that the technology and its institutional users operate in accordance with core principles. In addition to developing this agreement, Identity Commons is managing the development and implementation of the new technology needed to achieve this as a fiscal project of Planetwork, a California 501(c)3 non-profit.

The Identity Commons is based on an implementation of two new OASIS standards:

XRI – a new identity addressing scheme fully compatible with URIs
XDI – specifies link contracts for shared use of data across the Internet

For more technical information see: http://xrixdi.idcommons.net

Once implemented, the Identity Commons infrastructure will:

  • Give individuals, organizations, and even ad-hoc groups persistent addresses (digital identities) that can be used in many ways. Each party can decide what their own address links to, and who can follow the links.
  • Provide single sign-on, enabling individuals to connect to multiple sites without having to provide a login and password to each.
  • Empower user/citizens to manage their own consolidated profiles, which will be likely to stay up to date as everyone maintains only their own master copy.
  • Generate network maps that enable communities to more efficiently understand their own membership, make connections, recognize patterns, filter messages, and self-organize around new topics and functions.
  • Provide collaborative filtering services based on knowledge and reputation databases where contributors can also control their own level of anonymity.
  • Enable group formation around common interests and affinities with reputation attributes for trusted communication, which could be the key to eliminate spam.

How is this different from what is already happening in the private sector?

Currently every web site has a privacy policy, but they vary widely, are rarely read, are only good until they are changed and are thus effectively useless.

The Identity Commons (IC) solves this by (1) replacing thousands of privacy policies with a single institutional membership agreement that simplifies the user experience. Every Identity Commons member site is party to a legally binding commitment that can only be changed by amending the IC membership agreement – which is governed by all IC members. And (2) by using electronic contracts to grant, record, and enforce data sharing across boundaries.

Ultimately there can only be one fully interoperable social network; just as email can travel anywhere on the Internet, your profile must also be able to do so. Microsoft would love to make this possible, and fully control it – their Passport system was designed to do just that. By hosting identity data for nearly everyone who has a computer Microsoft hopes to put themselves in the middle of every transaction they can.

In response to this, a group of large companies formed the Liberty Alliance which developed protocols that will allow institutions to “federate” data across company boundaries. Federation is an improvement over the Microsoft Passport model, however, both of these approaches treat individuals solely as consumers, and neither provide support for civil society, citizen collaboration or for individual citizens to control their own identity data.

The Identity Commons agreement and technical infrastructure is a way to correct this imbalance of power, allowing the Internet to fulfill its great potential as a “commons” in which individual citizens can interact freely and as equals everywhere on Earth.

————- end Identity Commons description from Planetwork’s 2004 site ———

Writing this document was the first work that I did as an evangelist for the proposed open standards for distributed digital identity to enable open distributed social networks.
I wrote it based on reading through all their work and listening to their vision of the founders of Identity Commons and those working together for 2+ years hoped for in the adoption of the open standards they were working on. These protocols are now all ratified in OASIS (one of three standards bodies for the internet the other two being IETF and W3C) – XRI, XDI along with XRD/XRD that spun out of XRI as it became incorporated in OpenIDv2 as a key part of what makes it work.

Identity that is user owned, controlled managed – and this includes the preferences, attention data, uterances, 1/2 of transaction data – is at the heart of what one needs to make this vision of distributed social networking work. I think until recently it has been misunderstood as esoteric and just talk – amazing progress has been made since the early days of the identity gang that community has grown and developed many of the conceptual understandings and protocols that are taken as givens.

Folks from what the identity community (and perhaps should consider “updating” its name to the identity and social web community).…invented – as in used for the first time these two words together Social and Web – SOCIAL WEB – (according to wikipedia)

With the title of this paper: The Social Web: Creating An Open Social Network with XDI

This paper was preceeded by the Augmented Social Network: Building and Trust into the Next Generation Internet

Like the Web or email, the ASN would be available to anyone. It would become a common part of the Internet infrastructure – a person-centered and group-centered service of the net. It will be implemented through the widespread adoption of technical protocols; any online community infrastructure could choose to be part of the ASN by implementing them. Central to its design are fundamental principles of openness, inclusivity, and decentralization — which are necessary for a thriving democracy. At the same time, the ASN would support the highest available forms of security to protect privacy.

The Identity Gang began talking/meeting in the later part 2004 and has continued to meet in the Internet Identity Workshop.

There is much wisdom that these communities have developed that can be useful in moving / re-articulating the vision… to be sure lessons are to be learned from understanding more about why certain approaches/standards/proposed ways of doing things didn’t happen (yet).

I think the market wasn’t ready for what the identity community was saying. As someone who has been evangelizing about this set of issues practically full time since 2004. In the first few years I would talk in a range of communities and at conferences about all these issues, user control, open standards the danger of the potential emergence of large silo’s that locked users in and people just “didn’t get” it was an issue or that there was even a need for these kinds of standards. Now the market is finally ready.

The 9th Internet Identity Workshop  is this November – and REGISTRATION IS OPEN!

There is a whole conversation on the DiSo list where I highlighted this context/history. There might be a beer meetup in Berkeley this evening at Triple Rock at 7:30.

Digital Identity -> Sculpture

My friend Cameron Hunt sent me a link to this AMAZING site this morning.

IDENTITÄT: the »Gestalt « of digital identity

From the far end of the Concept page:

The goal of the project was not to create a readable data sculpture of someone’s digital life, but to express how an analogue snapshot of complex dig­ital identities can be presented. Based on four de­fined cri­te­ria all sculp­tures had to be compa­ra­ble in their form, size and ex­pres­sion. Af­ter generating those sculp­tures based upon the particles only, we added time as an under­lying factor. The particle system, which rep­resents a persons inter­ests, spreads in space until it is bal­anced. The speed of this expan­sion, the thickness of the cre­ated hull and the starting point of the drawing process is connected to the factors age, activ­ity and communication behav­ior.


This system leads to an embod­i­ment for the final ~Gestalt of dig­ital identity. A still life of an ongo­ing process about re­defining and dec­orating. This dynam­ic process of dig­ital »day life« is cap­tured in our person­al interpretation of the dig­ital identity as an amorp­hous sculp­ture.
The Process Page says more about how they did it.

Great Identity News

Yesterday the Government hosted a workshop in DC: Open Government Identity Management Solutions Privacy Workshop.

The OpenID Foundation and the Information Card Foundation are working with the U.S. General Services Administration to create open trust frameworks for their respective communities.

Drummond Reed and Don Tibeau announced their paper Open Trust Frameworks for Open Government.

Quiet and intense work has been going on since just before the last IIW on all this, so it is great to see it begin to see the light of day.

The OpenID Foundation had a wonderful new redesign that Chris Messina announced. This page really made me smile: Get an OpenIDSurprise! You may already have an OpenID.

Axel did a Wordle of it: