Developer Workshop For Those Interested in Using Identity in Their Services and Tools

The Internet Identity Workshop presents an
Informational Morning for Developers

Hosted by Doc Searls,Mary Hodder and Kaliya Hamlin

Monday, December 12, 2005 9-12 noon, with lunch from 12-1

Canton Dim Sum @ 655 Folsom St in San Francisco.

Cost $20 for lunch (PLEASE RSVP HEREas the Canton Restaurant has been kind enough to give us the space if we all have lunch there, but we need an accurate count by Sunday at noon).

If you are a developer working on a application that has folks login – this is a morning for you.

Doc Searls will begin the day giving an overview of the identity landscape. He and others will answer the question:
* Why do identity systems matter when building new systems and tools?

We are bringing together a spectrum of folks who have been working on developing identity systems and tools. Identity Developers will share their work, basics and best practices to date to get started exploring integrating identity into these applications. These include YADIS, LID, Open ID, i-names/XRI, SXIP, among others.

Developers of applications who have included identity into their services and tools will share briefly how they’ve done it. Application developers will hear from and meet with identity developers to ask questions.

Event Info
Detailed Agenda
and RSVP here.
(sorry for the 2nd post on this blog but it finally sound.

Building an App? come and learn about the identity landscape.

Mary Hodder, Identity Woman Kaliya and Doc Searls are hosting an Internet Identity Workshop informational morning on December 12th at the Canton Won Ton at Folsom and Third in downtown San Francisco. It is before the Syndicate conference workshops that start in the afternoon.

The event starts at 9 goes to 12 with lunch after that. Cost is $20 for lunch.
It will be a very interactive event and you will get to meet all the key identity developers and an overview of options to build identity into systems.

You will need to sign up on the wiki.

Technorati Tags: , , , ,

Marc on the Open Web

Marc Canter’s AlwaysOn article finally is out. Breaking the Web Wide Open!

For decades, “walled gardens” of proprietary standards and content have been the strategy of dominant players in mainframe computer software, wireless telecommunications services, and the World Wide Web—it was their successful lock-in strategy of keeping their customers theirs. But like it or not, those walls are tumbling down. Open web standards are being adopted so widely, with such value and impact, that the web giants—Amazon, AOL, eBay, Google, Microsoft, and Yahoo—are facing the difficult decision of opening up to what they don’t control.

Identity is the first topic covered and he does a great job summarizing:

Right now, you don’t really control your own online identity. At the core of just about every online piece of software is a membership system. Some systems allow you to browse a site anonymously—but unless you register with the site you can’t do things like search for an article, post a comment, buy something, or review it. The problem is that each and every site has its own membership system. So you constantly have to register with new systems, which cannot share data—even you’d want them to. By establishing a “single sign-on” standard, disparate sites can allow users to freely move from site to site, and let them control the movement of their personal profile data, as well as any other data they’ve created.

Identity 2.0 is all about users controlling their own profile data and becoming their own agents. This way the users themselves, rather than other intermediaries, will profit from their ID info. Once developers start offering single sign-on to their users, and users have trusted places to store their data—which respect the limits and provide access controls over that data, users will be able to access personalized services which will understand and use their personal data.

The Initiatives:
Right now, Identity 2.0 is under construction through various efforts from Microsoft (the “InfoCard” component built into the Vista operating system and its “Identity Metasystem”), Sxip Identity, Identity Commons, Liberty Alliance, LID (NetMesh’s Lightweight ID), and SixApart’s OpenID.

More Movers and Shakers:
Identity Commons and Kaliya Hamlin, Sxip Identity and Dick Hardt, the Identity Gang and Doc Searls, Microsoft’s Kim Cameron, Craig Burton, Phil Windley, and Brad Fitzpatrick, to name a few.

Passel: identity. remixed.

DizzyD presented on Passel and The Identity Gang is in the HOUSE! Johanes, Doc, Phil, Mary and Mary – wow three identity women.
He also didn’t really approach it right he didn’t get all the different systems and how they worked and we were all in the audience correcting him. It really highlighted the need for the workshop we are hosting in October.

Here is the summary:
How do I as user my identity on the web?
The ‘story that started it all’
Wife’s machine got Trojan. I had to change all passwords everywhere.

What is Identity?!
Identity is just another class of information we manage.
It’s a second-order problem. When I get on the net I get on it to do Identity Management other tasks.

What is Identity [Italicized] ?
Depends on the setting

Bottom line two fundamental types
third party vouch for and self asserted

His summary of the other stuff..

What are the options:
Passport
All others are not inherently evil.
everyone is throwing protocols against the wall and seeing which ones stick.
who do you trust to host you identity?

SAML
SAML/Liberty
trust relatinoship between two entities on your behalf
“asserting” used a lot in this world….and I will use it a lot

Standards are well documented and widely deployed. Lots of infrastructure required for trust relationships. Conditionals and trust relationships not viable from an open source stand point. Took a lot of time for a second order problem.

SXIP
Identity is locked into who the identity provider. You can change home sites. not locked in. Run on own machine. Powerful for users with centralized for user to move.

LID
Send information back and forth and urls based.

OpenID
No dynamic scripting needed. You have your identity URL tell via meta tag where identity server is. enter URL – blog URL. LiveJournal do you allow it to authenticate?

Can’t i-names do this?
He asserted wrongly that there was not reputation (global services launch will embed reputation in the messaging/contact system.

For Internet-scale Identity needs

  • Aggregate IDentity
  • Decentralized and open
  • Divers programming Language/environments
  • Interoperable implementations
  • Bootstrap off existing trust models

PASSEL
Gives you more control over data
Aggregates your identity via user-centric three-piece architechure
implemntations already started Perl, PHP, Java and C#
Pluggable trust models.

Generalized model for proving any DNS-based identifier
Trust Model

  • how you prove the signer
  • person x
  • Moving identity information proving that a
  • protocol how move around
  • plug in how you trust information

PIECES:
Agent (principle’s computer)

  • aggregates into portfolio
  • public private key and fingerprint
  • natively if not
  • Zip file on key – use on different locations

Signer (site that makes assertions)

  • signer issues token with for example 4 hour life span
  • agent must retrieve new token from dizzyd.com

Target (relying party)

  • how does the
  • retrieval of public key.

Technorati Tags: , , ,

Jerry’s experiment tomorrow

Jerry Michalskiis going to be doing an experiment tomorrow – Monday night at the Hillside club.

At this Fireside Meeting, Jerry will blend a performance piece that involves the audience and a piece of concept-mapping software called TheBrain with a thesis he’s developing that will either have you grinning enthusiastically or throwing spoiled vegetables. It’s an experiment, and whoever shows up will help shape it.

This is an interesting fact I didn’t know Marc Finnern posted on the Future Salon.

At AlwaysOn a week ago I talked to Doc Searls and he told me that the original idea for the Cluetrain Manifesto was born 10 years ago at one of Jerry’s retreats. There are many events in the Bay Area, but this one you shouldn’t miss.

As a forward looking thinker Jerry has a lot of good things to say about identity and we often chat about the field. I am looking forward to going to the next (my first) “Jerry’s retreat.” Hopefully he can come to the Identity Event in Berkeley in October details to follow this week.

How it ‘should’ work.

Doc is an endless source of amazement and wisdom. He has been communicating about this stuff so clearly for so long one wonders why they are not listening. At least the identity gang is.

The Net is a World
Craig Burton:
Think of the Net as a hollow sphere made entirely of people and resources it connects.
– It is the first world made by people for people.
We’ve only begun to terraform it
One of its virtues is the emptiness in the middle.

The Net is a World with Three Virtues
1. Nobody Owns it
2. Everybody can use it
3. Anybody can improve it

Notice the use of the word – body in these sentences not noone, everyone and anyone.

The history of the net is the history of its protocols.

Civilization doesn’t move all at the same speed.

mmm… this explains why marc is frustated with us meeting so much we are building infrastructure not buildings it takes a bit of time. Now that the infrastructure is there for real open standards for digital identity lets see what we can build with them.

Between two perspectives… Commerce and Governace lies infrastructure

Language is key

Listening and watching Doc’s slide show at Syndicate. It is great. One of the challenges he highlights is “Language” as a challenge in describing the new new media…

Cognitive Linguistics 101
we talk about things in the terms of other things

The REAL Matrix is the set of concepts we use to make sense of the world. We are not conscious of them. But they do our thinking and talking for us.

The Real Matrix is metaphors we talk about everything in terms of other things. We literally borrow whole vocabularies. Unconsiously.

Every Metaphor is a box of borrowed words – Concepts that frame our understanding.

Time is Money – we waste it save it spend it invest it lose it and set it aside

Life is Travel – Birth is arrival. Death is departure. Choices are crossroads and careers are paths.

What do we understand the NET in terms of …
Define broadcasting as transporting content. Not as speech.
Broadcast moves content through media. Speech happens in place.

There’s a fight going on between metaphors on the Net and the Web

  1. We “move” “content” through a “medium” with a “transport” protocol. So, it’s about shipping.
  2. We “architect,” “design,” “construct” and “build” “sites” with “addresses” and “locations” with “traffic.” So, its about real estate.
  3. We “write” or author” “pages and “files” of “writing that we “browse.” So, its about writing.
  4. We “perform” for an “audience” that has an “experience.” So it’s about theater.

The FCC does not currently view the net as a place. It sees it as a broadcasting and communications infrastructure that they should regulate. See this post

Speech informs. It is not about delivering content. The difference is critical – information is a commodity – it is derived from the verb to inform. Which is derived from the verb to form. Meaning that we actually form each other. We are changed by what we learn from each other. Authority is the right we give each other to form and shape what we know. Much of what happens on the net is sharing and improving ideas. This is how syndication happens and how new standards and practices grow in Blogging, podcasting, tags, identity and much more…

IDENTITY GANG is highlighted as an example of the snowball that can emerge out of conversations and how snowballs form.

Doc shows us the reason internet radio was killed – government regulation. This is the kind of government regulation that drives CATO and company crazy…I am beginning to see the reason they are anti-regulation – highly complex, requires teams of lawyers to discern and ‘follow’ correctly.

How do we use language in the identity space? How can be be more conscious of the language we are choosing to use? I hope that next ID Gang and at Catalyst we can have a few deep conversations on this. It also relates to policy usability. The terms we use to describe identity sharing policies must use appropriate language (metaphor) to describe what is going on.