Last weekend there as the first official Ruby on Rails Conference in Chicago. OpenID, Rails and Identity 2.0: Building and Cultivating an Identity Ecosystem. was presented by Matt Pelletier owner of EastMedia a Ruby development shop in NYC that has done a lot of the coding for the Verisign PIP And Kiran Dandekar is a colleague of David Recordon at Verisign and presented at a different time as well….
Here are some of the best summaries from the blogosphere…
Digital identity sucks!
* Complex and inconsistent
* Poor UI
* Lack of control
An Open Identity system should be…
* User managed
* Perpetual (not just used once)
It’s about you
* The general idea is that when you go to a site, you are redirected back to your site, where you log in. The site that you intended to go to communicates to your site and confirms your identity, allowing you into the site you wanted to go to in the first place. And best of all, once you do login once, you’re on: Single Sign On!
* There are attributes that you control. You can specify the attributes that you want to share with each site.
* Some attributes (such as age, like if you are on a site selling alcoholic beverages) need to be verified. Certain companies would then be in the business of verifying OpenID attributes.
Fingerprints of Casper Fabricius
Kiran Dandekar made an entertaining point out of demonstrating the variety of information that has be made available about him in different contexts like business, community, family or alumni. The problem is, he stated, that identities and identity attributes are site centric on the web, so you have to start from scratch entering this information on every site and even identifying yourself, as opposed to when you – for example – board in the airport, and all the airline need to verify your identity is your driver’s license. The driver’s license is not issued by the airline, but nevertheless is accepted to identify you, because the issuer of the identity is trusted.
Matt’s presentation on Sunday morning was on OpenID and is definitely something I intend to track, as the architecture seems really viable. Way smarter than Passport.
* Blend Yadis + OpenID and offer them as a service
* Building an identity 2.0 stack
o Protocol support
o OpenID 1.1
o A natural fit for HTTP-heavy protocols
o Tight, fast, secure
o Support for Handlers, Filters
o Zed Shaw is the man
o Identity server
o Single sign on
o Profile management
o Trust requests
o Consumer plugin
o Rails plugin
o Push-button simplicity
o Leverage Rails conventions
o Play nice with “old” idiom of user silo
o Bookmarks demo application
o Interesting test environment
o Test libraries
o Test handlers
o Test Rails app
o Test cross-site functionality (Selenium)
o Mongrel Rules!
An identity ecosystem
* Cultivating Services
o Claims verification
o Dating sites: verify your gender
o pr0n: verfiy your age
o Job application: verify your green card
o No posting to kids’ blogs unless you’re <= 14
o Seller reputation
o Weenie reputation
o You can’t post blog comments
o No committing to Rails trunk unless you’re a verified pouty artsy wanker
o Trusting identity providers
+ Needs to be discussed
+ Trust chain
o Wide open marketplace
o Develop creative new services
* Download the plugin – identity.eastmedia.com
* Download the bookmarks demo app
* Identity Server to be released this summer
* Play around. Use your noodle.
Leave a Reply