IIW9 Highlights – IIW10 Reg Open

I am really pleased to share that the notes for IIW9 are available in PDF form now. All sessions also have a wiki page too.

Heidi Nobantu Saul did an amazing job collecting notes and we managed to get all session notes except a very few on the last day.

Highlights include:

The 10th Internet Identity Workshop is May 18-20.
Registration is Open Now and Extra Early Bird Rates are in effect until January 31.

IIW IX is open for business


Iiw9_4.png

Internet Identity Workshop number 9 is coming up in about 10 weeks. November 3-5 (Tuesday to Thursday) in Mountain View California at the Computer History Museum.

We are excited about all the developments in the industry with protocol evolution in the social web space AND larger and larger scale deployments of open identity technologies including OpenID and Information Cards.

There will be much to talk about at this fall’s event.

Early REGISTRATION is Open! UNTIL SEPTEMBER 16 then prices go up by $50-75

Early Bird Prices are….

  • $274 regular tickets
  • $148 for independents
  • $ 50 for students

We need to get 75 people registered by September 16 to make a final confirmation for our conference space at the Computer History Museum.

Special this year we have the “BIG” ticket for those can expense $998 (but can’t convince marketing to sponsor). This is a GREAT way to support IIW!

IIW is a completely community driven event – we don’t pay anyone for marketing – the community is our marketing.

Please put our LOGO ON our blog our WEBSITE.

Follow IIW on Twitter – @idworkshop

SPONSORSHIP OPPORTUNITIES ARE STILL AVAILABLE!!! Please contact Phil if you are interested in learning more phil@windley.org

JOIN THE COMMUNITY MAILING LIST

THE INVITATION TO IIW!

The Internet Identity Workshop focuses on “user-centric identity” and netizen empowerment on the social web trying to solve the technical challenge of how people can manage their own identity and social activity across the range of websites, services, companies and organizations that they belong to, purchase from and participate with.

This is where everyone from a diverse range of projects doing the real-work of making this vision happen gather and work intensively for three days. It is the best place to meet and participate with all the key people and projects. This is a comprehensive list of the technology communities that are covered.

The event does not have a pre-set agenda instead as people register they are asked what they would like to present about, learn and discuss with peers/industry experts. These are all collected here . The first morning of the conference will be introductory orientation about key projects and technologies in the community. After that the community creates the agenda itself using the Open Space Method. Dinner both Tuesday and Wednesday are a big part of the conference.

Here are links to notes that cover most of the sessions from the last two conferences IIW #8 spring of 2009     IIW #7 fall of 2008

These documents are great resources for convincing your boss of the value of this event.

The heart of the workshop is a practical idealism in working towards the shared vision of a decentralized, user-oriented identity layer for the Internet.

Because the web was built around “pages”, no tools or standards were created to control how the information about you was collected or used. At the Internet Identity Workshop we bring the people creating these tools and standards so people can safely manage their online identity and control their personal data.

It is not about any one technology – rather it is a place to discuss multiple interoperating (and possible competing) projects, standards, and networks for identity, data sharing, and reputation.

As part of Identity Commons, the Internet Identity Workshop creates opportunities for both innovators and competitors. We provide an open forum for both the big guys and the small fry to come together in a safe and balanced space.

There are a wide range of projects in the community:

  • Open conceptual, community, and governance models.
  • Open standards and protocols.
  • Open source projects.
  • Commercial projects.
  • Projects to address social and legal implications of these technologies.
  • Efforts to rethink the business models and opportunities available with these new technologies.

User-centric identity is the ability:

  • To use one’s identifier(s) on more than one site
  • To control who sees what information about you
  • To selectively share presence and profile information
  • To maintain multiple identities and personas in the contexts you wish
  • To aggregate attention, navigation, and purchase history from the sites and communities you frequent
  • To move and share your personal data, relationships, documents, and other publications as you wish

All of the following are active topic areas at each IIW:

  • Improving Existing Legal Constructs Privacy Policies Terms of Service
  • Creating New Legal Constructs – Limited Liability Personas, Identity Rights Agreements
  • Creating New Business Models – Identity Oracle, I-Brokers
  • New Citizenship Perspectives – Activism Community, Event Coordination, Community Identity and Data Sharing

The Internet Identity Workshop (IIW) was founded in the fall of 2005 by Phil Windley, Doc Searls and Kaliya Hamlin. IIW is a working group of Identity Commons The event has been a leading space of innovation and collaboration amongst the diverse community working on user-centric identity.

Web Finger! moving out into world

I love the Internet Identity Workshop! it is where innovative ideas are hatched, answers to hard problems are vetted and standards consensus emerges. This is just the latest in amazing collaborations that have emerged.

Web Finger was covered on Tech Crunch today with this headline – Google Points At WebFinger. Your Gmail Address Could Soon Be Your ID.

At IIW in May they had a session lead by John Panzer. The notes were not filled out that much but (All the Notes from IIW)   

but there is a white board of their conversation and a link to what google had up.

Chris Messina spliced it together

XRD the discovery protocol is part of how Web Finger works. This spun out of XRI.

Techcrunch didn’t explicitly pick up on the fact that Eran Hammer-Lahev has been a key collaborator and is at Yahoo! (they did link to the mailing list where he is posting). He has been really driving XRD forward lately.

All exciting stuff.

IIW & Identity Community Bumps in the Road

This is cross posted on the IIW blog .

When we first started meeting (the early “seedling” meetings of community) at other people’s conferences, there were Microsoft people, Liberty Alliance/SAML people, Shibboleth implementers, user-centric folks (OpenID, LID, sxip, i-names/xri), big idea folks (Doc Searls), etc. We met for a couple of hours at a time and knew there was common ground, but knew we needed more time to really understand each other: to have more of a shared language and develop enough strength in the relationships in the community to work together. We figured we needed to have more time to meet together, so we convened the Internet Identity Workshop. That first event was amazing and quite formative – kicking off the conversation that would lead to OpenIDv2 via Yadis. Kim Cameron presented his 7 laws of identity that have become foundational to community thinking and introduced the idea of information cards and selectors; much work is now happening around this.

Soon afterward Brett McDowell the ED at Liberty Alliance approached me and Phil about having an Internet Identity Workshop (IIW) next to (the days following and in the same location) an upcoming Liberty Alliance meeting. We thought this was a great idea to create more space for people to meet about user-centric identity technologies and issues. When Microsoft got wind of this, boy did I get an earful – they felt that the neutrality of IIW would be totally compromised if it came to be that closely associated with Liberty Alliance (remember Liberty Alliance was originally formed by Sun and others in response to Microsoft Passport).

IIW had provided a forum for anyone working on user-centric identity technologies to come together without anyone making an “agenda” for the meeting or creating a “technology road map.” Literally anyone who came could put a subject on the agenda on the day of the event. All parties did want to increase dialogue and cross-pollination among the groups, and we found a way through by jointly (IIW and Liberty Alliance) producing what we named the Identity Open Space (we also said we would be open to co-producing with others who asked – we did two with Digital Identity World). It was in Vancouver Canada and Kim Cameron along with several Microsoft folks along with many in the user-centric community attended and because it was the two days after a Liberty Alliance meeting many Liberty people were also there, and it was a good event that moved the industry forward.

Right in the middle of getting this worked out – I on a personal level had a very intense experience being caught in the middle – a giant trade association on one side and Microsoft on the other. We (me, Phil, Doc, Kim, Brett) managed to navigate this as a community and do the right thing and we became stronger as a community for having done so.

We continued to have IIW’s every 6 months and in 2006 it was clear we were going beyond just IIW and needed a community home/container to connect community efforts and provide common services (blogs, wikis, bank account for doing common work like holding events). We held a series of conversations and decided to create a community organization, drawing on an existing one, Identity Commons – the community liked the purpose and principles approach for bringing people together. As a codition of brand transfer to a our nonprofit organization we worked on our version of purpose and principles. There were some delays in actually getting the organization legally formed and the brand transfered, but in 2007 we were an official organization: a network of organizations, initiatives, and projects all working on different aspects of a people-centric identity layer of the web. There are several places you can read about community history and background around Identity Commons. I wrote “What the heck is Identity Commons?”.

Next fall we are hosting our 9th event. Many things have move forward significantly in the community – OpenIDv2, OAuth, Venn of Identity paper, OSIS Interop, Concordia use-cases, Information Card evolution including Augmented Browsing with Action Cards, Portable Contacts, Open Social, OpenID/OAuth hybrid, Activity Streams, Distributed Social Networking, Discovery particularly XRD. So what has made IIW work so well in fostering the kind of collaboration and innovation that has emerged from it?

  • We have kept the space free: no one has the ability to buy time at the conference.
  • All ideas are welcome: there is no committee controlling the agenda, so politics about what is “on the agenda” or “not” just doesn’t happen.
  • It is a working workshop to solve real problems, move technical projects forward and discuss interoperability among them.
  • We put attention towards creating the space for relationships between people to form naturally over time and thus enabled trust to grow.

Cultivating Community

Communities don’t usually “just happen” there is idea, or vision that attracts people, and there are community organizer(s) or catalysts that proactively seek out others who share a vision and help bring a community together.

Growing community, cultivating community, nurturing community, weaving community, building community, creating community – all slightly different metaphors describing this process that happens when people make the effort to create space (an environment) for people to meet, inviting people into the space and encouraging conversations that help connections and foster relatedness.

Community is what unfolds when people come together voluntarily, learn about one another, begin to care about one another, and start to do things together. In doing things together that are successful, trust develops and people begin to work and act together IN community, doing progressively more difficult things, becoming strong and more resilient.

Thanks to Malcolm Gladwell’s The Tipping Point we know about Connectors, Mavens, and Salespeople, social archetypes that play different roles, each with their own value in helping information flow, networks form and communities emerge.

It was great to have him articulate this i finally had a label for my own activity/passion – I have become a maven of a few things throughout the years. user-centric digital identity was a subject I really got into in 2003-4. I read everything I could about the subject as I began to meet some of the people thinking about it. I became passionate about the topic and applied my connector skills and started meeting finding people who were interested in the subject. Those who didn’t know about the subject I sold them on the idea :). I am not by nature a sales person about “anything” but only those things I believe in.

One can also see a community as the evolution and maturing of a network, that is the relationships between people. When beginning the links might be very weak, but in time as the potential community members get to know each other and take action together and the ties strengthen; they become a stronger and more resilient “real” community. A paper that was very influential in my understanding was Building Smart Communities through Network Weaving by Valdis Krebs and June Holley that I read in 2003 (along with every popular science book on network science out then: Linked, Sync, Six Degrees, Emergence, Nexus)

This paper investigates building sustainable communities through improving their connectivity – internally and externally – using network ties to create economic opportunities. Improved connectivity is created through an iterative process of knowing the network and knitting the network.

Knowing the network and knitting the network have been foundational in my practice of community weaving. I regularly meet with people in the community and help them get connected to others who’s work is related to their goals. Two examples first RSA as often happens those new to the community “knock on my door” and ask to meet for lunch or coffee to share what they are doing and learn more about who they should connect to in the community. Mike wanted to meet with me he to share about his new company Gluu that does inter-domain identity. It was great to learn what he was up to and also share papers/doc’s/projects relevant to his work and people he should meet. Yesterday I followed up with someone I invited to/and attended IIW. I spent 2.5 hours talking with Joe Johnston who attended about his efforts to bring interoperable identity (OpenID and other things) to Pachamama Alliance and other organizations with similar missions.

In terms of knowing and knitting networks between different communities/standards bodies/consortia/projects I wrote a post about Community Diplomats and Community Diplomacy last year thinking about different community-connecting roles and how if they are named they can be seen better and foster inter-group collaboration and communication.

Another essential but often un-named aspect/milestone of community development is communities development is shared language and then shared understanding. Shared Language is a prerequisite to collaboration enabling what were different perspectives and world views to sync, and then out of that it is much easier to work together. Eugene articulates three elements needed to create shared language:

  • Share individual contexts
  • Encourage namespace clash
  • Leave enough time and space to work things out

An example of shared language that was developed in the community was the identity gang lexicon that Paul and others worked on in 2004-2005 so that when discussing different identity technologies there was at least a common language to talk about them.

Another example of the evolution of the communities shared understanding grew out of Johannes original presentation at IIW2006 with the identity triangle with three pillars – user-controlled, company controlled and then microsoft controled. He did an updated it almost a year later explaining of the community language and understanding had evolved. This starting point was moved forward by Eve Maler creating the Venn of Identity and became an IEEE paper written by her and Drummond Reed. Johannes has continued to be a wholistic thinker about the landscape and in 2008 he articulated an onion to think about which identity technologies are applicable where.

Space and Spaciousness for community to form is a key part of what the Internet Identity Workshops have been about about. We have never “set the agenda” there but instead allow anyone attending to post a session idea. We encouraged dialogue with space rather then having an agenda.   

We have an amazingly rich community fabric of working relationships that is both resilient and delicate.

FU – The Monday After, Facebook Usernames and Your Domain on the Web

Last week it was announced that on on Friday Night at 9pm Pacific Facebook had a name space land rush. Everyone was free to pick for themselves their username that would appear in their URL. facebook.com/username

I actually found this a bit surprising – remember the big debate on the Social Web TV I had with Josh Elman about “real names.” He was against handles completely and felt that the big value facebook brought was “real names”. I argued for handles and the freedom to choose one’s “identity” on the web. I made the point that free society – having the ability freedom to have the option to have and use handles on the web NOT linked to our given/ in real life names. Another thing is that handles help us navigate namespace clash from regular names. Max from MySpace is 8bitkid not some other Max in a sea of Max’s.

I ran into Josh Elman at the Building43 party and we agreed I kinda won the debate with this latest development. It seems that having peoples pages rank higher in google is helped by having readable URL’s.

They of course “strongly encouraged” people to just pick a URL with one’s real name and did so by “suggesting” names that were derivatives of one’s name. You could override this and type in your own name choice (however defaults matter so most people will end up with names similar to their real name – rather then being asked to think up one). They give users an addressable identity.

Max Engel of MySpace became /8BitKid – his handle “everywhere”

David Recordon surprisingly didn’t go with DaveMan692 – his handle most places – he is /DavidRecordon

My friend Jennifer became /dangerangel as she had originally signed up for in Facebook but they disallowed her to have it.

I just became /Kaliya (I am hoping I can get enough fans to claim /identitywoman for that persona)

What is particularly interesting is the layers of identity in Facebook.

With a Facebook URLFacebook has the one’s username is not one’s e-mail address as it is with Google profiles and one also has a common name (or as they say “real name”) that is presented to throughout the system.

Google ironically enough they ask if you want a “contact” me button on your page that does not give away your e-mail address when the profile URL gives away your e-mail address.

Twitter has /usernames AND another display name of your choosing that is changeable (the /usernames are not). However most twitter clients display one or the other. If you are used to seeing the display name and then are on your phone that is only showing @handle /username then you don’t know who is talking.

Facebook usernames is another example Twitter feature adoption by Facebook others being activity streams becoming much more like twitter streams.

I said when I first “got” twitter about 18 months ago – a big part of the value it provided was its namespace. It gave me a cool anchor on the web that allowed communication between me and others via the web.

So how is it going so far? Inside facebook reports that over the weekend 6 million folks – 3% of their userbase gut URLs. 500,000 in the first 15 min, 1,000,000 in the first hour and 3 million in the first 14 hours.

There were several examples of FaceSquating. Mike Pence took Obiefernadez’s name.

Anil Dash has the funniest post ever about the whole thing. Highlight the point that users don’t need facebook URL’s they can just get their own domain name. He repeats this throughout the post about what these services are not telling you:

None of these posts mention that you can also register a real domain name that you can own, instead of just having another URL on Facebook.

I completely agree with him – he also misses a key point the usability of facebook is vastly higher then the usability of domain name registration, cpanel management and other things involved in getting ones own personal web presence going. DiSo isn’t hear yet so we can’t link to our friends without linking capability that a facebook provides. I suppose Chi.mp was trying to

He links to a post of his from December 2002 called privacy and identity control.

I own my name. I am the first, and definitive, source of information on me.

One of the biggest benefits of that reality is that I now have control. The information I choose to reveal on my site sets the biggest boundaries for my privacy on the web. Granted, I’ll never have total control. But look at most people, especially novice Internet users, who are concerned with privacy. They’re fighting a losing battle, trying to prevent their personal information from being available on the web at all. If you recognize that it’s going to happen, your best bet is to choose how, when, and where it shows up.

That’s the future. Own your name. Buy the domain name, get yourself linked to, and put up a page. Make it a blank page, if you want. Fill it with disinformation or gibberish. Plug in other random people’s names into Googlism and paste their realities into your own. Or, just reveal the parts of your life that you feel represent you most effectively on the web. Publish things that advance your career or your love life or that document your travels around the world. But if you care about your privacy, and you care about your identity, take the steps to control it now.

In a few years, it won’t be as critical. There will be a reasonably trustworthy system of identity and authorship verification. Finding a person’s words and thoughts across different media and time periods will be relatively easy.

What people don’t quite get is that if they anchor their whole online life around someone else’s domain they are locked in. When I first started paying attention to user-centric identity online this was one of the meta-long term issues that the first identity commons folks (Drummond Reed, Fen Lebalm, Owen Davis, Andrew Nelson, Eugene Kim, Jim Fournier, Marc Le Maitre, Bill Barnhill, Nikolaj Nyholm, etc).

A few of them wrote a paper about it all – THE SOCIAL WEB – Creating an Open Social Network with XDI.

They liked the XRI/i-names architecture because it addressed the URL recycling problem with a layer of abstraction. All i-names also have linked to them a conical identifier – an i-number. This number is never reassigned in the global registry. However one could “sell” one’s i-name (mine is =kaliya) and that new person could use it but it would have a different i-number assigned to it for that person.

This past week at the Online Community Unconference we were talking about the issue of conversation tracking around blog conversations. How an one watch/track the conversation about one’s work if it is cross posted on 10 different sites OR if it is just posted in one place and one is distributing a link through 10 different channels? We never did get to an answer – I chimed in that the web was missing an abstraction layer – that if one could have a canonical identifier for a post that was up in 10 different places this would make it easier to track/see conversations about that post. What we do have now that we didn’t have 3 years ago for helping track conversations across multiple contexts is OpenID at least so you can see if someone commenting in one place is the same as someone commenting in another.

There is an additional layer of abstraction in the XRI architecture that supports several things are key to helping people integrate themselves and information about themselves on thew web.

One is cross referencing – so I could have have two different (URI) addresses for the same information (in the identifier – not just mapped over one another leaving me with one address OR the other) and also have one version of my profile be the one I controlled and a different be a version that appeared in a certain social context.

There is also a concept of much finer grained data addressability and control – so I could have my home address in one place and instead of entering this into each website/services/company portal that I want to have this information – just hand them a link to the canonical copy I manage and then I don’t have to change it everywhere. This is of course where the VRM folks are going with their architectures and services.

We shall see how it all evolves. That is what we do at the Internet Identity Workshop is keeping on working on figuring this all out.

Novell launches Bandit

Dale Olds impressed a lot of folks at IIW leading the session to map out all the different open source identity related code that currently exists and that would be good to have.

DIDW reported today that Novelle launched Bandit.

Bandit is a system of loosely-coupled components to provide consistent identity services.

It implements open standard protocols and specifications such that identity services can be constructed, accessed, and integrated from multiple identity sources. The Bandit system supports many authentication methods and provides user-centric credential management. On this base of a common identity model, Bandit is building additional services needed for Role Based Access Control (RBAC) and for the emission of records to verify compliance with higher level policies.

The Bandit community does not intend to do this in isolation. We are doing our part to build foundational components of the emerging identity fabric. All components of Bandit are Open Source and we will work with industry standards and other open source projects to provide open, interoperable, decentralized, identity services.