Pete Rowley

Recently Kim Cameron has been defending CardSpace against various assertions that it won’t work offline. As I pointed out some while back, that is pure nonesense. I’ll let you read Kims blog for the details of how such a system might work with CardSpace, but I’ll just say it has to do with delegation. And that’s just a big word for access control, in this case user centric decentralized access control.

There really is no big secret to how this stuff is possible - at some point in time an offline user will be online, and during that time instead of ceding their credentials to the service in the sky (or worse, it happens without choice), they spend the time granting access specific to the service that needs access. That’ll be a statement along the lines of “Pete’s blog is allowed to view this flickr photoset.”, not “here’s my password dude, do as you will”, or indeed “hey, IdP, see that service? That’s me that is.” I have to agree with Kim on the notion of impersonation - at no time should anybody give the required access level for impersonation of themselves, on or offline.

There be dragons.

Yes, it’s that time again. If you have any interest in seeing what has been going on, what is going on, and what is about to go on in digital identity I suggest you sign up for IIW2007 to be held in May at the Computer History Museum in Mountain View, CA. You won’t be sorry, but you might get caffeine shakes.

The Internet Identity Workshop (IIW) 2006B is next week, don’t forget to sign up. There should be some good identity selector demos in addition to the many interesting discussions. Oh, and coffee.

See you there.

Near where I live there is a diner that serves general breakfast fare. I am not much of a shopper. Hunting for bargains is not my thing. I buy only what I need. I’m an engineer. So, this particular diner has a characteristic that appeals to both my problem solving tendencies and my shopping requirements. One of the first things I noticed was that the prices of the dishes and the side dishes didn’t make a whole lot of sense. You can order pretty much anything two or more ways e.g. 2 eggs and bacon with sausages on the side, or 2 eggs and sausages with bacon on the side. Two ways, but only one way gets you the best price - you save around 50c by having sausages on the side. Suppose you want 3 eggs with that though, same answer? Nope. This menu is a true mark of genius, the rubiks cube of breakfast dining.

Then we have the case of Digital Identity World on September 11-13th next month, with an Identity Open Space on the monday. If you have a look at the registration fee for DIDW you will see that you are in for a cool 2k to step over that particular threshold on those particular days, and $300 less if you registered early. However, if you were to pony up $25 to register to attend the IOS on the Monday of that week you are entitled to a little discount at the DIDW. In fact the cost to you, gov’ner, would be $995. That’s right, early birds, the Way of the Folding Menu strikes again.

As my mother would say, if she had a blog, cheap at half the price.

The Liberty Alliance made a bold statement in Vancouver last week when it opened its doors for the first time to the hoi polloi. Now this was something interesting enough to demand a visit in of itself, but with the addition of an Open Space after the Liberty meeting, well, you knew I was going to be there right?

The first two days consisted of the regular business of the Liberty Alliance where visitors were allowed to attend any session except for the super secret board stuff. I attended many of the technical sessions which were interesting, though sometimes hard to follow as an outsider without access to the documents under consideration. I also took part in a session around privacy concerns that not only assured me that Liberty has them but that they are serious about dealing with the issues. The conversation turned at one point to outside perceptions of Liberty itself and its lack of openess to its internal process and draft documents. Somewhat ironic was the point made that nowhere was there to be found any information regarding the location of the Liberty conference, at least not to those without access to internal websites. A consequence of this being the first open meeting no doubt. In all, an interesting and worthy meeting.

The final two days were spent on the Open Space which was run in unconference format by Kaliya Hamlin and was excellent as usual. Topics ranged from SAML to Liberty People Service to how should we rename this user centric identity thing? Kim Cameron wrapped up with a lunchtime introduction to CardSpace that by popular demand lasted for nearly two hours. At one point Kim was asked whether Apple would have an identity selector like CardSpace and Kim redirected the question to me in my capacity as OSIS representative. As the newly appointed unofficial spokesman for Apple I suggested that if Steve Jobs would call me I’d hook him up.

So Steve, call me.

Kim Cameron has blogged about a conversation we have been having recently about the OSIS (Open Source Identity Selector) project. Negotiations have been underway for many months in order to get to a point where all parties are comfortable that legal and other issues are in order. I am happy to say that Red Hat has been involved with this process from the beginning.

I agree with Kim on the importance of the participation of Red Hat. As the leading Linux distribution it provides a platform for the project and a significant distribution channel, all things required for ubiquity. Ubiquity and cross platform support is a major goal for OSIS and the identity meta-system in general.

When I met with Paul Trevithick and Mary Ruddy some months ago to discuss Higgins it was clear to me that there was an alignment in project goals. Architecturally Higgins represents an uncannily good fit so I am very pleased to see the client effort folded into the Higgins project. Perhaps Higgins suitability is not so surprising given the exchange of ideas and collaboration that has been going on in the identity gang.

In the coming months I hope to be in a position to enable support for information cards on this site with end to end open source software. Watch this space.