Developer Workshop For Those Interested in Using Identity in Their Services and Tools

The Internet Identity Workshop presents an
Informational Morning for Developers

Hosted by Doc Searls,Mary Hodder and Kaliya Hamlin

Monday, December 12, 2005 9-12 noon, with lunch from 12-1

Canton Dim Sum @ 655 Folsom St in San Francisco.

Cost $20 for lunch (PLEASE RSVP HEREas the Canton Restaurant has been kind enough to give us the space if we all have lunch there, but we need an accurate count by Sunday at noon).

If you are a developer working on a application that has folks login – this is a morning for you.

Doc Searls will begin the day giving an overview of the identity landscape. He and others will answer the question:
* Why do identity systems matter when building new systems and tools?

We are bringing together a spectrum of folks who have been working on developing identity systems and tools. Identity Developers will share their work, basics and best practices to date to get started exploring integrating identity into these applications. These include YADIS, LID, Open ID, i-names/XRI, SXIP, among others.

Developers of applications who have included identity into their services and tools will share briefly how they’ve done it. Application developers will hear from and meet with identity developers to ask questions.

Event Info
Detailed Agenda
and RSVP here.
(sorry for the 2nd post on this blog but it finally sound.

Building an App? come and learn about the identity landscape.

Mary Hodder, Identity Woman Kaliya and Doc Searls are hosting an Internet Identity Workshop informational morning on December 12th at the Canton Won Ton at Folsom and Third in downtown San Francisco. It is before the Syndicate conference workshops that start in the afternoon.

The event starts at 9 goes to 12 with lunch after that. Cost is $20 for lunch.
It will be a very interactive event and you will get to meet all the key identity developers and an overview of options to build identity into systems.

You will need to sign up on the wiki.

Technorati Tags: , , , ,

Marc on the Open Web

Marc Canter’s AlwaysOn article finally is out. Breaking the Web Wide Open!

For decades, “walled gardens” of proprietary standards and content have been the strategy of dominant players in mainframe computer software, wireless telecommunications services, and the World Wide Web—it was their successful lock-in strategy of keeping their customers theirs. But like it or not, those walls are tumbling down. Open web standards are being adopted so widely, with such value and impact, that the web giants—Amazon, AOL, eBay, Google, Microsoft, and Yahoo—are facing the difficult decision of opening up to what they don’t control.

Identity is the first topic covered and he does a great job summarizing:

Right now, you don’t really control your own online identity. At the core of just about every online piece of software is a membership system. Some systems allow you to browse a site anonymously—but unless you register with the site you can’t do things like search for an article, post a comment, buy something, or review it. The problem is that each and every site has its own membership system. So you constantly have to register with new systems, which cannot share data—even you’d want them to. By establishing a “single sign-on” standard, disparate sites can allow users to freely move from site to site, and let them control the movement of their personal profile data, as well as any other data they’ve created.

Identity 2.0 is all about users controlling their own profile data and becoming their own agents. This way the users themselves, rather than other intermediaries, will profit from their ID info. Once developers start offering single sign-on to their users, and users have trusted places to store their data—which respect the limits and provide access controls over that data, users will be able to access personalized services which will understand and use their personal data.

The Initiatives:
Right now, Identity 2.0 is under construction through various efforts from Microsoft (the “InfoCard” component built into the Vista operating system and its “Identity Metasystem”), Sxip Identity, Identity Commons, Liberty Alliance, LID (NetMesh’s Lightweight ID), and SixApart’s OpenID.

More Movers and Shakers:
Identity Commons and Kaliya Hamlin, Sxip Identity and Dick Hardt, the Identity Gang and Doc Searls, Microsoft’s Kim Cameron, Craig Burton, Phil Windley, and Brad Fitzpatrick, to name a few.

Passel: identity. remixed.

DizzyD presented on Passel and The Identity Gang is in the HOUSE! Johanes, Doc, Phil, Mary and Mary – wow three identity women.
He also didn’t really approach it right he didn’t get all the different systems and how they worked and we were all in the audience correcting him. It really highlighted the need for the workshop we are hosting in October.

Here is the summary:
How do I as user my identity on the web?
The ‘story that started it all’
Wife’s machine got Trojan. I had to change all passwords everywhere.

What is Identity?!
Identity is just another class of information we manage.
It’s a second-order problem. When I get on the net I get on it to do Identity Management other tasks.

What is Identity [Italicized] ?
Depends on the setting

Bottom line two fundamental types
third party vouch for and self asserted

His summary of the other stuff..

What are the options:
Passport
All others are not inherently evil.
everyone is throwing protocols against the wall and seeing which ones stick.
who do you trust to host you identity?

SAML
SAML/Liberty
trust relatinoship between two entities on your behalf
“asserting” used a lot in this world….and I will use it a lot

Standards are well documented and widely deployed. Lots of infrastructure required for trust relationships. Conditionals and trust relationships not viable from an open source stand point. Took a lot of time for a second order problem.

SXIP
Identity is locked into who the identity provider. You can change home sites. not locked in. Run on own machine. Powerful for users with centralized for user to move.

LID
Send information back and forth and urls based.

OpenID
No dynamic scripting needed. You have your identity URL tell via meta tag where identity server is. enter URL – blog URL. LiveJournal do you allow it to authenticate?

Can’t i-names do this?
He asserted wrongly that there was not reputation (global services launch will embed reputation in the messaging/contact system.

For Internet-scale Identity needs

  • Aggregate IDentity
  • Decentralized and open
  • Divers programming Language/environments
  • Interoperable implementations
  • Bootstrap off existing trust models

PASSEL
Gives you more control over data
Aggregates your identity via user-centric three-piece architechure
implemntations already started Perl, PHP, Java and C#
Pluggable trust models.

Generalized model for proving any DNS-based identifier
Trust Model

  • how you prove the signer
  • person x
  • Moving identity information proving that a
  • protocol how move around
  • plug in how you trust information

PIECES:
Agent (principle’s computer)

  • aggregates into portfolio
  • public private key and fingerprint
  • natively if not
  • Zip file on key – use on different locations

Signer (site that makes assertions)

  • signer issues token with for example 4 hour life span
  • agent must retrieve new token from dizzyd.com

Target (relying party)

  • how does the
  • retrieval of public key.

Technorati Tags: , , ,

Jerry’s experiment tomorrow

Jerry Michalskiis going to be doing an experiment tomorrow – Monday night at the Hillside club.

At this Fireside Meeting, Jerry will blend a performance piece that involves the audience and a piece of concept-mapping software called TheBrain with a thesis he’s developing that will either have you grinning enthusiastically or throwing spoiled vegetables. It’s an experiment, and whoever shows up will help shape it.

This is an interesting fact I didn’t know Marc Finnern posted on the Future Salon.

At AlwaysOn a week ago I talked to Doc Searls and he told me that the original idea for the Cluetrain Manifesto was born 10 years ago at one of Jerry’s retreats. There are many events in the Bay Area, but this one you shouldn’t miss.

As a forward looking thinker Jerry has a lot of good things to say about identity and we often chat about the field. I am looking forward to going to the next (my first) “Jerry’s retreat.” Hopefully he can come to the Identity Event in Berkeley in October details to follow this week.