Indpendent Advocate for the Rights and Dignity of our Digital Selves

Identity Woman

Indpendent Advocate for the Rights and Dignity of our Digital Selves

ID biz models "in the future maybe" says Johannes

By Leave a Comment

Johanne Ernst is a builder of Identity technologies (and one of the clearest thoughtful thinkers about identity technologies and markets. He just posted a great post about business models in the identity space. I know he has at various times tried raise money as an entrepruner in this space – so he has thought a lot about the business models.

For those of you who don’t know Johannes he developed Light-Weight Identity (LID) a URL based ID system at the same time Brad Fitzpatrick did at Live Journal and then participated in merging it all together into YADIS discovery which became woven together with OpenIDv1, XRI/i-names  and sxip to become OpenIDv2. He also was the first drawer of the identity triangle (OpenID, SAML, InfoCards) which evolved into the Venn of Identity.

Many people have ideas for value-added services that could be sold once sufficiently many users used internet identities at enough sites. The trouble is that the transaction volume for OpenID (or any other identity technology on the internet) is still far too low to make this viable.

The mot important sentence is this one – Let’s not confuse being majorly annoyed how long this is all taking (speaking about myself here) with something being fundamentally wrong (because there isn’t).

I take heart with what he has to say especially because he addresses it to a big part of what I do – organize (un)conferences to continue momentum for the field.

From his post:

Value-added services:
Many people have ideas for value-added services that could be sold once sufficiently many users used internet identities at enough sites. The trouble is that the transaction volume for OpenID (or any other identity technology on the internet) is still far too low to make this viable.

So the verdict here is: perhaps in the future.   

So what’s an analyst, or conference organizer, or entrepreneur, or venture capitalist to do?

My take: Hang in there, keep the burn rate low, make no major moves, would be my advice. (Believe it or not, sometimes I’m being asked about my advice on this.) All the signs are pointing in the right direction, the latest being Google’s major OpenID push. Let’s not confuse being majorly annoyed how long this is all taking (speaking about myself here) with something being fundamentally wrong (because there isn’t).

Sooner or later, at least the value-added services opportunity will emerge. Perhaps others. But so far it has not yet.

IIW & Identity Community Bumps in the Road

By 1 Comment

This is cross posted on the IIW blog .

When we first started meeting (the early “seedling” meetings of community) at other people’s conferences, there were Microsoft people, Liberty Alliance/SAML people, Shibboleth implementers, user-centric folks (OpenID, LID, sxip, i-names/xri), big idea folks (Doc Searls), etc. We met for a couple of hours at a time and knew there was common ground, but knew we needed more time to really understand each other: to have more of a shared language and develop enough strength in the relationships in the community to work together. We figured we needed to have more time to meet together, so we convened the Internet Identity Workshop. That first event was amazing and quite formative – kicking off the conversation that would lead to OpenIDv2 via Yadis. Kim Cameron presented his 7 laws of identity that have become foundational to community thinking and introduced the idea of information cards and selectors; much work is now happening around this.

Soon afterward Brett McDowell the ED at Liberty Alliance approached me and Phil about having an Internet Identity Workshop (IIW) next to (the days following and in the same location) an upcoming Liberty Alliance meeting. We thought this was a great idea to create more space for people to meet about user-centric identity technologies and issues. When Microsoft got wind of this, boy did I get an earful – they felt that the neutrality of IIW would be totally compromised if it came to be that closely associated with Liberty Alliance (remember Liberty Alliance was originally formed by Sun and others in response to Microsoft Passport).

IIW had provided a forum for anyone working on user-centric identity technologies to come together without anyone making an “agenda” for the meeting or creating a “technology road map.” Literally anyone who came could put a subject on the agenda on the day of the event. All parties did want to increase dialogue and cross-pollination among the groups, and we found a way through by jointly (IIW and Liberty Alliance) producing what we named the Identity Open Space (we also said we would be open to co-producing with others who asked – we did two with Digital Identity World). It was in Vancouver Canada and Kim Cameron along with several Microsoft folks along with many in the user-centric community attended and because it was the two days after a Liberty Alliance meeting many Liberty people were also there, and it was a good event that moved the industry forward.

Right in the middle of getting this worked out – I on a personal level had a very intense experience being caught in the middle – a giant trade association on one side and Microsoft on the other. We (me, Phil, Doc, Kim, Brett) managed to navigate this as a community and do the right thing and we became stronger as a community for having done so.

We continued to have IIW’s every 6 months and in 2006 it was clear we were going beyond just IIW and needed a community home/container to connect community efforts and provide common services (blogs, wikis, bank account for doing common work like holding events). We held a series of conversations and decided to create a community organization, drawing on an existing one, Identity Commons – the community liked the purpose and principles approach for bringing people together. As a codition of brand transfer to a our nonprofit organization we worked on our version of purpose and principles. There were some delays in actually getting the organization legally formed and the brand transfered, but in 2007 we were an official organization: a network of organizations, initiatives, and projects all working on different aspects of a people-centric identity layer of the web. There are several places you can read about community history and background around Identity Commons. I wrote “What the heck is Identity Commons?”.

Next fall we are hosting our 9th event. Many things have move forward significantly in the community – OpenIDv2, OAuth, Venn of Identity paper, OSIS Interop, Concordia use-cases, Information Card evolution including Augmented Browsing with Action Cards, Portable Contacts, Open Social, OpenID/OAuth hybrid, Activity Streams, Distributed Social Networking, Discovery particularly XRD. So what has made IIW work so well in fostering the kind of collaboration and innovation that has emerged from it?

  • We have kept the space free: no one has the ability to buy time at the conference.
  • All ideas are welcome: there is no committee controlling the agenda, so politics about what is “on the agenda” or “not” just doesn’t happen.
  • It is a working workshop to solve real problems, move technical projects forward and discuss interoperability among them.
  • We put attention towards creating the space for relationships between people to form naturally over time and thus enabled trust to grow.

Arrival at etech – Lanyard Mashup and iname postcards

By Leave a Comment

I just got into San Diego for eTech. I am in a very enjoyable tutorial by the Adaptive Path guys on Designing Web 2.0 applications.

The prime insight is that they are both informational hypertext systems and applications with a software interface. One must look at this duality throughout the development of the site on the stack from the must abstract – Strategy through Scope, structure, skeleton, surface – the most concrete.

I also got my 10th Sxip lanyard I have taken the liberty to do a Mashup adding the other Identity 2.0 protocols – OpenID, LID, inames, Yadis and front and center ID Gang. I took a photo you can see here.

We have new iname postcards promoting the developer portal that was launched today – content will be improving as the community contributes more.

Oh yes and as if that was not enough – we get to Sxip into our rooms – here is Phil with his Sxip Key. Maybe it is ‘sign’ that Sxip will work with infocards – they just did an STS exchange to issue us all hotel room keys. – this is of course an allusion to the presentation that Andre of Ping did at Digital Identity World last year where he went through the whole process of checking into the hotel and doing STS’s in analogue space.

Developer Workshop For Those Interested in Using Identity in Their Services and Tools

By Leave a Comment

The Internet Identity Workshop presents an
Informational Morning for Developers

Hosted by Doc Searls,Mary Hodder and Kaliya Hamlin

Monday, December 12, 2005 9-12 noon, with lunch from 12-1

Canton Dim Sum @ 655 Folsom St in San Francisco.

Cost $20 for lunch (PLEASE RSVP HEREas the Canton Restaurant has been kind enough to give us the space if we all have lunch there, but we need an accurate count by Sunday at noon).

If you are a developer working on a application that has folks login – this is a morning for you.

Doc Searls will begin the day giving an overview of the identity landscape. He and others will answer the question:
* Why do identity systems matter when building new systems and tools?

We are bringing together a spectrum of folks who have been working on developing identity systems and tools. Identity Developers will share their work, basics and best practices to date to get started exploring integrating identity into these applications. These include YADIS, LID, Open ID, i-names/XRI, SXIP, among others.

Developers of applications who have included identity into their services and tools will share briefly how they’ve done it. Application developers will hear from and meet with identity developers to ask questions.

Event Info
Detailed Agenda
and RSVP here.
(sorry for the 2nd post on this blog but it finally sound.

Passel: identity. remixed.

By Leave a Comment

DizzyD presented on Passel and The Identity Gang is in the HOUSE! Johanes, Doc, Phil, Mary and Mary – wow three identity women.
He also didn’t really approach it right he didn’t get all the different systems and how they worked and we were all in the audience correcting him. It really highlighted the need for the workshop we are hosting in October.

Here is the summary:
How do I as user my identity on the web?
The ‘story that started it all’
Wife’s machine got Trojan. I had to change all passwords everywhere.

What is Identity?!
Identity is just another class of information we manage.
It’s a second-order problem. When I get on the net I get on it to do Identity Management other tasks.

What is Identity [Italicized] ?
Depends on the setting

Bottom line two fundamental types
third party vouch for and self asserted

His summary of the other stuff..

What are the options:
Passport
All others are not inherently evil.
everyone is throwing protocols against the wall and seeing which ones stick.
who do you trust to host you identity?

SAML
SAML/Liberty
trust relatinoship between two entities on your behalf
“asserting” used a lot in this world….and I will use it a lot

Standards are well documented and widely deployed. Lots of infrastructure required for trust relationships. Conditionals and trust relationships not viable from an open source stand point. Took a lot of time for a second order problem.

SXIP
Identity is locked into who the identity provider. You can change home sites. not locked in. Run on own machine. Powerful for users with centralized for user to move.

LID
Send information back and forth and urls based.

OpenID
No dynamic scripting needed. You have your identity URL tell via meta tag where identity server is. enter URL – blog URL. LiveJournal do you allow it to authenticate?

Can’t i-names do this?
He asserted wrongly that there was not reputation (global services launch will embed reputation in the messaging/contact system.

For Internet-scale Identity needs

  • Aggregate IDentity
  • Decentralized and open
  • Divers programming Language/environments
  • Interoperable implementations
  • Bootstrap off existing trust models

PASSEL
Gives you more control over data
Aggregates your identity via user-centric three-piece architechure
implemntations already started Perl, PHP, Java and C#
Pluggable trust models.

Generalized model for proving any DNS-based identifier
Trust Model

  • how you prove the signer
  • person x
  • Moving identity information proving that a
  • protocol how move around
  • plug in how you trust information

PIECES:
Agent (principle’s computer)

  • aggregates into portfolio
  • public private key and fingerprint
  • natively if not
  • Zip file on key – use on different locations

Signer (site that makes assertions)

  • signer issues token with for example 4 hour life span
  • agent must retrieve new token from dizzyd.com

Target (relying party)

  • how does the
  • retrieval of public key.

Technorati Tags: , , ,