• Skip to primary navigation
  • Skip to main content

Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

  • About
  • Services
  • Media Coverage
  • Podcast
  • Blog
  • Contact
  • Show Search
Hide Search

Reviews of Events

Super Trip Review from NSTIC to RSA

Kaliya Young · March 6, 2013 · Leave a Comment

I’ve been on two super trips recently.  One went from before American Thanksgiving to early December. This last one was much of February beginning with NSTIC and ending with RSA. I wrote this in pen and paper last week and typed it up today.
One way I manage to get around is to piece together what could only be considered “super trips” – 18 days.
I actually started off at home on Feb 2nd helping Van Riper run the Community Leadership Summit West. Its an unconfernece for mostly technical  community leaders but also managers but was inclusive of other community based community leaders. I will have a blog post about it up on my Unconference.net site.
February 4th I headed to NSTIC’s 3rd plenary in Phoenix. I presented the results of the Holistic Picture Visualization Sub-Committee printing out the images we found online.  Bob Blakley and Brett McDowell did a good job shaping the agenda and inviting plenary participants to connect with the big vision of NSTIC of 10 years out.

  • All implementation actions are complete, and all required policies, processes, tools, and technologies are in place and continuing to evolve to support the Identity Ecosystem.
  • A majority of relying parties are choosing to be part of the Identity Ecosystem.
  • A majority of U.S. Internet users regularly engage in transactions verified through the Identity Ecosystem.
  • A majority of online transactions are happening within the Identity Ecosystem.
  • A sustainable market exists for Identity Ecosystem identity and attribute service providers.

While at the same time reminding on the way to getting a man on the Moon we got a Monkey into the Ionosphere – so what is our monkey in an Ionosphere – at the plenary groups were invited to articulate this:

  • Relying parties from multiple sectors are demonstrating identity and strong authentication credential interoperability
  • Is easier to use than the broken user account and password methods
  • Licensed professionals now have a common way to express credentials and ongoing certification.   No longer do licensed professionals need to scan, fax or otherwise send paper copies proving their qualifications every time another client seeks to retain their services.
  • allows citizens to securely establish a multi-purpose single identity that will significantly reduce, and eventually eliminate, the need to create and maintain multiple passwords and PINs.
  • Secure web accounts for use in circles of on line providers by 10 banks, 15 insurance companies and 25 hospitals.

[Read more…] about Super Trip Review from NSTIC to RSA

Navigating the New Normal: John Seely Brown at Catalyst

Kaliya Young · July 28, 2010 · Leave a Comment

I am here this week at Burton Group Catalyst. The conference kicked off with a what was by all accounts good talk from John Seely Brown talking about “the New Normal”.
NishantK: John Seely Brown: many of the things that made us successful in the 20th century will make us unsuccessful in the 21st century
jmatthewg1234: John Seely Brown – Thriving in a world of constant flux
bobblakley: John Seely Brown explains the shift from stores of info to flows of info at http://yfrog.com/5u8r3oj
bobblakley: “The cloud is much more disruptive than any of us have ever thought.” John Seely Brown
bobblakley: “SalesForce disrupted Siebel; now being disrupted itself by SmallBusinessWeb. Things are moving that fast.” John Seely Brown
NishantK: John Seely Brown: Good network is loosely coupled, trusted, not captive & filled w highly specialized nodes < basis of #cloud promise
bobblakley: “Moving to cloud requires factoring policy out of apps & making it a 1st class object.” John Seely Brown
bobblakley “Policies must have version numbers.” JohnSeely Brown
bobblakley: “Control-oriented flows won’t work in federated clouds.” John Seely Brown
jonathansander: Outside-in architectures start with the notion of an ecosystem. John Seely Brown
NishantK: John Seely Brown: Need to move from Inside-out to Outside-in architectures – less control, more trust, less predictable, more agile
bobblakley: Schemas are a hindrance in a world of unpredictability – John Seely Brown
bobblakley: “Data has tremendous inertia; don’t bring data to the computer – bring the computer to the data!” JohnSeely Brown
bobblakley: “Web 3.0 will use social media for context sensitive exception handling.” John Seely Brown
jonathansander: Policies are 1st class objects in enterprise 3.0, but so are exceptions. John Seely Brown
bobblakley: “Two things you don’t want to lose control of are policy and data” John Seely Brown
bobblakley: “The edge pulls the core to it by exploiting cloud services and social media.” John Seely Brown
drummondreed: John Seely Brown at Catalyst: the biggest innovation of the past 100 yrs is not the microprocessor but the Limited Liability Corp
This morning the conference kicked off for real with 5 tracks of amazing content. Those of you who know me, know I really am not a big fan of “regular talking heads conferences.” I often tell folks this is the only talking heads conference I recommend attending. The quality of content and thought put into the analyst presentations and the industry people on stage is of a very quality.

IIWX Internet Identity Workshop 10, Introductory Talk

Kaliya Young · May 27, 2010 · Leave a Comment

I gave this talk at the 10th Internet Identity workshop reviewing the shared history, language, understanding and work we have done together over the last 6 years of community life.

Internet Identity Workshop 10 – Introduction to the User-Centric Identity Community

View more presentations from Kaliya Hamlin.

Part of this presentation touched on a timeline of events in the community. Those and more are reflected on this timeline that is beginning to be developed here. IIW11 will be November 9-11 in Mountain View, CA The first ever IIW outside the Bay Area will be happening September 9-10 in Washington DC following the Gov 2.0 Summit with the theme Open Identity for Open Government. The first IIW in Europe will be happening in London likely October 9-10 (dates still to be confirmed) prior to RSA Europe. If you would like to know about when the next IIWs have registration open please join this announce list. TheIdentity Gang is the community mailing list where conversations are ongoing about identity. You can follow modest updates about IIW on twitter via our handle – @idworkshop You can see IIW 10 attendees on our registration page.

IIW9 Highlights – IIW10 Reg Open

Kaliya Young · December 12, 2009 · Leave a Comment

I am really pleased to share that the notes for IIW9 are available in PDF form now. All sessions also have a wiki page too.
Heidi Nobantu Saul did an amazing job collecting notes and we managed to get all session notes except a very few on the last day.
Highlights include:

  • The session on Active Clients that went for several hours on Wednesday that was preceded by the presentation of an OpenID Selector by MSFT on Tuesday and followed by What should Identity Support in the browser look like? led by Johannes Ernst.
  • The Conversation about Social Consent
  • Action Cards continuing to develop with Kynetx & Joe Andrieu presented on Portable Contexts.
  • Progress made on moving activity streams forward.
  • The OAuth-WRAP conversations which are continuing.  Facebook also led a session on why they don’t support today’s OAuth.
  • The continued evolution of WebFinger, XRD, LRDD & what is becoming know as the Hammer-Stack
  • Salmon-Protocol to support comments “swimming upstream”
  • The Trust Framework activity with OpenID Foundation, Information Card Foundation and the Federal Government.

The 10th Internet Identity Workshop is May 18-20.
Registration is Open Now and Extra Early Bird Rates are in effect until January 31.

Celebrating with OIDF & ICF

Kaliya Young · September 8, 2009 · Leave a Comment

This evening I was fortunate enough to be invited to attend the joint OpenID and Information Card Foundation dinner. It was fun to connect with everyone and it really meant a lot to me to be there. It has been a long journey as a community since the first Internet Identity Workshop in Oct 2005.

Long Trip & Three Identity Dinners

Kaliya Young · March 2, 2009 · Leave a Comment

On Wednesday I got home from a 20 day road trip that included hosting three identity dinners along the way.
In Boston, Doc Searls, Mary Ruddy, Paul Trevithick and I called a dinner on February 8th and about 12 folks came out. It was great to connect and some new people joined us. We didn’t take any pictures at that event though 🙁 Attendees includedTrent Adams, Charles Andres, Gerald Beuchelt, Laura (Pistachio) Fitton, Jon Garfunkel, Chris Reynolds, Halley Suitt, Martin Sandren.
Identity Dinner
In New York City dinner was at Katz’s Deli (this was Dean’s Recommendation) on February 12th and it was a great group – including one infant. Isabell was there – who I met at OSCON in 2004 when she was working for SXIP. Other attendees included Sean Bohan, Eric Draghi, Adam Fields, Cem P, and Nicholas Givotovsky.
Identity Dinner
In Seattle a great cast of characters showed up from MSFT – Mark Wahl, Pete Rowley, Kim Cameron, Vittoria Bertocci, and Mike Jones. Andrew Nelson (a founder of IC(1)) came and shared a bit about the cool stuff he is implementing for LLLI,. Drummond Reed was there and invited Kevin Fink, Jason Jerome, Jeremy McKenzie also joined us. My friend Sarah Schacht arrived late and her presence meant that i was not the only woman there. She is working on a project Knowledge as Power that supports citizens being more effectively in their communication with legislators (this means they legislators need to know they live in their districts).
Other activities along the way included work on Identity Futures stuff with Nicholas Givotovsky and John Kelly in the Boston area.
Identity DinnerThe Online Community UConference in New York City produced by Forum One – this was a lot of fun and Mary Ruddy joined me there we got to talk about identity with a range of attendees. We speed geeked – I white boarded OpenID and Mary demo’ed information cards. I got to hang out with Pauline Ores at IBM and Susan Tenby – Gliteractica Cookie at Tech Soup. It was great to talk with both Denise Tayloe (in the picture) and Carol Altarescu from Privo were there as well.
In DC I met with the women who are connected and local about She’s Geeky coming to the city. I learned that if it isn’t on a METRO line it isn’t “in” DC. We have a donated venue space
but in Northern Virginia and not on a metro – we are going to go with it for a one day event. Working on finding an “in” DC venue for later in the year. The goal is to get all the women who “never go into the city” to come to the Northern Virginia they will have such a good time they won’t mind coming into DC when it happens there.
Identity Dinner
Last weekend in Portland I enjoyed myself at Recent Changes Camp. It was the 4th one I attended. During it I lead a session about identity – technologies and issues. The people attending had lots of good questions. Most knew about OpenID they were unfamiliar with information cards. It was interesting to hear people’s deep concern about corporate involvement in the development of these standards – the three corporate names I mentioned in relationship to information cards seemed to raise particular ire – Microsfot, Novell and IBM. I invited all those concerned to join the community and meet the people working on this stuff themselves. I mentioned Higgins (the open source project) and talked about the standardization effort at OASIS. This didn’t sway them much they “just distrusted” the corporate involvement.
I personally am very clear that corporate involvement is essential to getting an identity layer to happen. I was re-affirmed in this exchange in knowing that the corporate perspective is not enough and having a trusted space for critical conversations around issues that arise with identity need a commons for them to occur (that is a space where corporations do note have the ultimate veto about what groups are or are not allowed in the conversation). If a space like this does not exist to create a dialogue amongst diverse interests and perspectives then the risk of it not happening or not getting adoption by people.
I invited everyone throughout my travels to the Internet Identity Workshop May 18-20. Registration will be opening this week with a special recession early bird rate.
My next trip is to SXSW Interactive where I am moderating a panel on OpenID, Oauth and other identity technologies in the enterprise with Bob Blakely, Joseph Smarr and Danny Kolke – it is at 11:30 AM on Sunday.

Nov 13th Kids Online: Balancing Safety and Fun – (un)confernece about the issues and best practices

Kaliya Young · September 24, 2008 · 1 Comment

 
I am working with Joi Podgorny and Denise Tayloe on this day following the Internet Identity Workshop Nov 10-12 in Mountain View, CA. You can register here on Event Brite. We are bringing together a range of practitioners and experts to work collaboratively for a day together.
Our goal is to leave the day with greater clarity around some core best practices and have next steps as an industry to help kids being safer online.
All of the attendees will make up the agenda together at the event itself. We do welcome ideas and suggestions for topics you hope get discussed the day of the event.
This is a day to dive in and work collaboratively on these kinds issues around kids online:

  • Who and what are we trying to protect digital kids from?
  • Are there standards and norms in practice that we can leverage to formalize best practices for industry?
  • Kids fake their ages to gain access to online content, do we as an industry care? If so, then?
  • How do we create best practices that are flexible based on age range, content and willingness for parental involvement by industry or the child?
  • How can we create cyber spaces that balance interesting and fun with safety?
  • What is the role of government in either defining or supporting best practices?

Who this (un) conference is for:

  • Online Community/Virtual World Managers
  • Policy officers and Security Officers at large companies
  • Consultants in the kids online space
  • Identity technologists
  • State Attorney Generals
  • Legislative Staffers
  • Parents and Kids
  • Academics in the field
  • Bloggers

Adult attendees of the conference are welcome to bring their children ages 10-25 to particiapte in the conversations. There will not be child care, this is about talking about the issues with the constituents we are talking about present.
(Kid’s Online is an Identity Commons Action Group)
This week the Internet Safety Task Force had a meeting this past week. dana boyd has a post about it happening here.
Here are some reports from the blogosphere worth reading:
Harry Lewis – More on Internet Safety
I was pretty shaken by the end of the first day of the Internet Safety Technical Task Force yesterday. I had a meeting right afterwards, which I entered by yelping a primal scream.

Benlog – Children vs. Anonymity
The day started with a few words from Connecticut Attorney General Richard Blumenthal….I think the only statement I agree with is that parents should be empowered.
Surveill@nce St@te – State AGs Push Online Child Safety Snake Oil
Won’t someone think of the children?
Given the intense political pressure to do something about child safety online, and a complete lack of proven, peer-reviewed, and abuse-resistant technologies available on the market, a number of private companies have stepped in to fill the void…
Braden Cox – The Safety Chase
Discussions focused mostly on what technical solutions exist for addressing the perceived lack of online safety on social networking websites. But overall there’s still a need to connect the most important dot—do proposed solutions actually make children safer?
Jim Kertetter – Help line in the works for cyberbullying victims
Perhaps the biggest reason for that is students’ behavior: A recent survey of high school students done by the Teenangels found 70 percent of the kids surveyed share passwords with other people. The reasons are often innocuous, such as asking someone to check their e-mail for them, or to find a homework assignment for them. Often, teens in relationships will share passwords to assure one another they’re being faithful.

Having Fun in Vancouver

Kaliya Young · August 9, 2008 · Leave a Comment

I just got back from 10+ days away on Cortes Island at Hollyhock. I am feeling refreshed and renewed.
I am spending about 4 days in Vancouver and then heading to Seattle. While here i am meeting people that I knew when I used to live here.
I had dinner with my sister my first day here. She is doing well and has a very interesting identity related job. She works for a branch of the government that deals with estate disbursement. So when people die and they don’t have a will or an executor or when they do have a will but no executor it is the office she works for job to find the people who get the assets. She does a lot of digging around in ancestry.com and accesses birth and death registries throughout north america putting together the needed identity paper trails. Next time I am up here I will interview her about her job so you can hear first hand about the challenges she encounters.
My friend Irene from highschool #3 invited me to an interesting conversation about wisdom. It turns out Ellen was there from highschool #1 and remembered me. She asked if I had done a science fair project on bleach and fabric – which I did do. She reflected that it seemed to her that I didn’t like highschool much – yep. The experience was more neutral for her.
Yesterday I had lunch with Aunt she told me all about my cousin and his current challenges in highschool – turns out some of them are similar to the ones I had but quite a few are not. We went for a walk on Granville St and then shoe shopping for me.
I then hung out with Newell Cotton who is sort of like a little brother to me. He was 1/2 in age between my sister and I (she is 3 years younger then me) and his mom baby sat the two of us quite a bit when we were little. It was really fun to just sit and talk about what we are both doing now but with a deep sense of familiarity and connection that only comes when you have known someone since they were like 2 years old.
I then got to spend time with my friend Braden who was from highschool #3 we met when I was a senior and he was a freshman – he is someone that I spoke with regularly when I was off at college and visited while home.
I have felt really good about spending time with people here and knowing that in the coming year spending more time in Vancouver will be a good thing.
Tomorrow I am meeting the other ‘odd kid’ from my elementary school and he also went to highschool #1. I will share an update about that tomorrow.

Data Sharing Summit Notes

Kaliya Young · May 22, 2008 · 1 Comment

The Second Data Sharing Summit was a great success here are all the notes summarized along with the links to the wiki. If you were in a session feel free to add more content to the wiki. We are sending out a survey in the next day and are currently planning on moving ahead with a 3rd summit in September a year after the first one.
Data Sharing Events (link to wiki)
Data Sharing Events are independent open gathering spaces where all parties interested in challenge of data sharing can work together.
* Affiliate with a something like IC to build credibility
* Do AGAIN in SEPTEMBER.

Friend Connect etc.
(link to wiki)

  • Friend Connect is a Platfrom support of OpenSocial, not a data collection exercise
  • Makes any site an OpenSocial Container


Activity Data
(link to wiki)

  • More Information / Discussion is needed around the rules for exposing activity beyond that which is avaliable through RSS, APML, etc. (i.e. how to promote and standardize the sharing of activity data which is avaliable behind the wall, through oAuth and other standards)
  • Contact of the stream matters more that delivery mechanism
  • People who are consuming the new structure will likely encounter new types of Activity Structures


Digital Public
(link to wiki)

  • The models of people in our heads don’t fit into schemas.


Linked Data
(link to wiki)
Presentation will be up on http://blogs.sun.com/bbefish
Overview
* Demo of http://summer.dev.java.net/Addressbook.html
* Illustration of distributed social network
* How to add security

What’s Real & Tech Best Practices
(link to wiki)

  • Use OAuth & Portable Contacts
  • Tech Best Practice Will be updated

MySpace Profile (link to wiki)

  • JSon (Open Social), hCard | XFN or FOAF, SemWeb, OpenDD, Portable Address Book (Plaxo)
  • Persistent Data Agreements
  • User Types


Personal Address Manager using ID-WSF
Working Demo (link to wiki)

  • Discovery of Delivery Service disc
  • Clear use-case and flow
  • Discussion of iCard and point of “mosaic” authorization (mashup of dereferenccable claims)

R-Cards Demonstration and Discussion (link to wiki)

  • R-Cards enable a ‘feed’ not just claims
  • Setting up the relationship is:

* different and positioned orthogonal to login.
* sometimes longterm (not necessarily continuous), or 1x, or short term.

  • R-Cards need a common data format (or formats) for RP’s
  • 1 issuer, multiple claims (links) to multiple sources

(pagan -> ptolemic -> copernican -> newtonian -> einsteinian)
Event Attendance Data Sharing (link to wiki)

  • Add event data API to Open Social Spec

Service Providers Matrix From Data Sharing Summit (link to wiki)
This Group Session was to create a Service Provider grid that illustrated the state of what features are available and if providers are using open standards to implement them.
Grid idea came from Stacy Higgingbotham’s – Prying Open the Social Graph article on GIGAOM and Kaliya’s session recommendation on Comparing the ‘Openness’ Announcements.
Grid as produced in the session can be accessed here: (click on Service Provider name along the top to see what data was inputted)
-NOTE: Since this data was put on the grid by both representatives of the service providers as well as other attendees at the Summit- this data is not verified
Daniela Barbosa of the DataPortability Project Group has volunteered on behalf of the Data Sharing Summit and the DataPortability group to find a home for this grid so that it can be verified and expanded upon. Information to be posted here as that is finalized.
Laws of Data Sharing From Data Sharing Summit (link wiki)
Jeff Hodges and Bob Blakely
Key words and phrases

  • Profile
  • Friends
  • Attributes
  • Rights (legal)
  • Expectations
  • Identity
  • Relationship
  • artifacts
  • group
  • social graph
  • social contract
  • Permissions Metadata
  • Open XML format for contact info
  • Delete Account

Broad Questions

  1. What expectations are being set?
  2. Whose expectations Matter?
  3. How do we avoid confusion?
  4. What confusion has to be overcome?
  5. What language is “product specific” and what is “market” specific?
  6. How does “identity”, or the understanding of identity, relate to the benefit and threat of data sharing.
  7. What should be my expectation about “private” data
  8. What datasharing norms “cultural”

Principles of Data Sharing

  • Data Sharing principles should follow social norms — or at least not be destructive of social norms.
  • Context is critical to decisions and expectation about the sharing of data
  • Expectations about sharing should be clear to the parties…[and preserved “downstream”]
  • There can be no expectation of “private” information and all expectations should operate accordingly, unless modified specifically by social contract
  • The community should support standard “best practices” and policies about preserving “permissions”

Action Items

  • Bob Blakley and Dan Carroll to follow up with Mary Rundle about work on Creative-Commons-like icons for Data Sharing.
  • Compile a bibliography of existing work around data sharing.

Some additional comments:

  • This isn’t exactly a new topic. Lots of existing organizations who are already dealing with issues around data sharing.

Data Sharing and Privacy (link to wiki)
The common stories about social network portability are all about letting data flow freely. There are many purposes — personal privacy; community norms; legal risks; business competitive issues — that might cause people to want use discretion and context in social network sharing. In this session, we’ll brainstorm stories for social network data sharing that incorporate concepts of privacy and context.
Everything is locked down, private, non portable. Or everything is open, public, and free-flowing.
But data sharing and privacy are not black and white. In real life, people share and present information based on social context. There are gradations of privacy and information sharing.
There are interesting social trends as people negotiate the increased default level of fame in internet life. And cautionary tales about data sharing gone wrong.
STORIES:
Private information
There are times when it is right to share data in a way that preserves privacy. Family members use different photo services, and want to share photos with each other but not the rest of the world. A group working on mergers and acquisitions absolutely needs to keep information confidential. In these cases one give permission to family, friends, or business associates based on membership in a group.
Signal to noise, social context
There are many circumstances where information isn’t truly private. But people choose to share with smaller groups. Someone doesn’t want to bore all of their friends with information about knitting or rock climbing, when that information is relevant only to a few. Information about one’s political or religious affiliation isn’t a secret, but it may not be the information one chooses to share when meeting new people at a professional conference. In these cases, it would be useful to have the ability to create tags for the relevant groups, and share by tag. The tags can capture the nuances of subgroups: knitting hats vs. knitting sweaters, say.
Progressive disclosure
There are circumstances when people want to start by sharing with a smaller group, and invite more people. Or start by sharing a little bit of information about common interest, and later share more sensitive information.
Stream filter
The signal to noise and progressive disclosure patterns are about the person sharing information. Stream filtering is for the recipient. Sometimes one wants to “people watch” a diverse stream of information. And sometimes one wants to focus on the current work project, or upcoming social events. Stream filtering is used by individuals who want to apply a context to the information they receive.
Persona
People use identifiers — dress or email address — to represent more than one persona. The same person wears different clothes, with co-workers, at a customer meeting vs. a barbecue.
Personal vs. admin control
In organizations, there are some things that an individual may want to control, and some things that admins want to control. A person might want to share soccer pictures with the soccer league. An admin may want to ensure that people aren’t sharing the sports illustrated calendar widget.
Reuse of Shared Information
As feeds for status and information shared in one service with its given context are used in different services and contexts there are increasing difficulties thinking through the implications of extended use and reuse of shared information. Often Facebook or Twitter (as example) status messages are pulled into Skype, but the contexts can be quite different as one is playful and the other is business context and the same message that is humorous in one can be damaging in the other.
ON THE INTERNET, EVERYONE IS FAMOUS
We talked about people’s experiences handling the increased visibility of internet life.
Managing one’s reputation
People share about their experiences in order to get their side of the story out and create a public image. Among digital natives, “it’s not a real breakup until you’ve listed it on facebook.
Handling fame
Before the internet, there were only a small number of people who had more followers than people can confortably manage socially. Now many more people do. More widespread fame means that more people have the issues with stalkers and pestering fans.
Cautionary and instructive tales
At the session at the data sharing summit, the conversation turned to cautionary tales about social data sharing gone wrong.
Failed white lies
Someone begs out of a work-related social event by claiming the flu. His boss discovers a picture on flickr of the guy wearing a skirt and holding a drink. The picture is timestamped at the same data as the work party. His boss sends him a note suggesting that that may not be an effective way to recover from the flu. The lesson here is that some things that feel private are more public than we think.
Social network molting
It is socially awkward to unfriend people. Some people get around obsolete lists of friends by “forgetting” their password and needing to invite their current lists of friends with a new password. The lesson is that declared, public friends lists are inherently awkward.
The ex-girlfriend effect
The list of “people you should know” in social network recommendations often includes exes and enemies. These are people who are part of your social graph – but you are not connected to directly. The algorithm doesn’t know that some gaps in the social graph are deliberate.

The most important news of the day

Kaliya Young · April 23, 2008 · Leave a Comment

is the new data portability logo of course.
I am a big fan of having problems be solved in this problem space and just hosted the second collaborative ‘get it done’ workshop in this area in the last 8 months – on Friday and Saturday see the report all about what got done. We have another one coming up in a month – the DATA SHARING SUMMIT May 15th.

Data Sharing Workshop Report

Kaliya Young · April 22, 2008 · 3 Comments

We had an amazing group that gathered for the Data Sharing Workshop April 18 and 19 (Our Summit is coming up May 15th). It was as we had envisioned – a range of people from large portal companies, device manufactures and small startups.
We had 5 great sponsors Vidoop, Plaxo, BBC, Twine, and Broadband Mechanics. We met at the SFSU Center for the Next Generation Internet and collaborated with the dataportability.org community.
Attendees included those new to the space and veterans who have been working on the issues involved for years. We invited 9 different industry people to open our morning by sharing what they saw as the problem and where we were at.

Everyone introduced themselves and then we dove into making a really great agenda wall.

We also had a Wall of Results. Each session was asked to out put an 11×17 piece of paper what they got done.
Here are some notes from those summaries and the wiki. (please feel free to add more to the wiki if you were in a session and took notes)

How to help you help yourself? was one of the opening sessions lead by Angus Logan of Microsoft. This was really focusing on how to get away from the give us your password and we will scrap your data for you method of users getting their data out.
* User Experience is Hard
* HOw do we get sites to adopt new methods?
o Make sure API’s are truly functional equivalent to scraping
o try to make the UX work well
o Get good PR and Goodwill from getting off passwords
o provide libraries, sample code tutorials
o Host hackathons
o be patient – everyone’s really busy
Being careful with the word own was a session lead by Gabe Wachob
The words we choose when talking about these topics because of the unintended consequences:
* if we define in terms of rights?
* frame the term for the public policy discussions that will come
* “control” has similar issues
We need Creative Commons like understandable controls for your data
We need to initiate conversations
Examples
* who “owns” your bank account balance
What is Identity Commons?
This covered a bit of the history and an explanation of our loose community structure. It is outlined on our wiki. We have 12+ community groups
The ecosystem conversation was interesting – the sense that people had was that we are in the age of “data sharing” similar to the time before cel phone number portability. Marc Canter highlighted formats that have become normative and should be abstracted out.
* Social Graph
* Contact list
* Media Gallery
* Ubiquitous Content
* ID – persona’s and groups
* LIVE WEB events
* Feed Actions
* Blogging – Regular and Micro
The following is needed: Marketing of what the benefits are to relying parties and to vendors. Turning the customer acquisition budget.
Questions were raised about what standards are in this space. There were some that were articulated Note that this list is not comprehensive. Please feel free to add more.
Feeds and OAuth:
* Start by trying to access feed as if it were public:
o username -> profile -> feed url
* Get 401 with auth resp. header if it’s only private, or 200 + link_rel to private version
* Do OAuth discovery or the profile/feed URL
* Perform OAuth -> Get token
* ask for feed with token in authorization headers
* SUCCESS!!
WHAT IS DATA PORTABILITY?
This was an interesting rambling conversation for 2.5 hours.
Clarity emerged around stakeholders and means of engagement. concerns were expressed about improving communication.
* Are data portability and OpenID apples and oranges? there was a healthy debate
* Where is the consensus -Today?
* Terminology heard in the converstaion
RSS, APML, i-card, Open Stack, Identity, Permission, Attention, Container, OAuth, owner, viral, openID, FUD, Interoperability, data sharing, data portability, OSIS.
* Means of Engagement
o specs-style reporting
o bi-weekly outreach
o more blogging
o pull input + commentary
o Don’t ask for comment
o date v. marry
* Concerns/ Threats / Challenges
o Hype v. Beef
o What is the story?
o Is DataPortability THE umbrella phrase?
o Politicizing + Emotion
o Lack of clarity on Scope
* Where is the consensus today?
This was not fully clear but there was a good conversation.
URLs are People too…Social Graph API
* Links are relationships
* Rel=”me” connects ourselves
* rel=”friend” etc. connects to friends
Social Graph API is a cache of the distributed social graph of the public web.
Open Social Q & A

  1. Portability by moving Apps to where the data is or bringing the apps to the users contexts.
  2. Networks as different countries * friends may be hidden * technology: 1 Google, 3 apis (people, friends, activities) — Not as border controls but to extend websites to where users are now
  3. Data: person info; viewer friends; page owner (can be viewer); page owner who’s not a person ; not relationships or thoughts but correlations between what people have already created
  4. User Experience: Apps centric, not in terms of google’s functionality or assumptions
  5. Container determines contxt when linking people and because the user builds the container(s), control is appropriately there
  6. Apps: Most successful will be basic data sharing that have universal applicability; word-of-mouth / engagement viral v. demographic targeting or size-of market targeting; to focus on mail functions is to serve the disease, which will eventually develop immunity
  7. Enables data portability by bringing the applications to where the data is.

OpenSocial — A foundation
* openID based
* Opensource problems
* myspace, orkut, are shipping now
* make doing social stuff easier
What is XDI ?
XDI = XRI data Interchange
XRI = eXtensible Resource Identifier.

  1. XDI is a “PDF for Data” – a portable format for sharing data across applications and services
  2. XDI is also a simple RESTful protocol for sharing data using XDI documents
  3. XDI includes portable permissions called XDI Link contracts

An Open Address Book – we had several folks in attendance telco’s and handset makers. they talked about the big idea – ” We need a single schema for person information” then asked Is this realistic? Finally concluding Death of the phone address book? (Long live the phone address book!)
Semantic Web and Data Sharing
Native
* rich
* low interop
* links internal/proprietary/ not at all
HTML
* LCD
* Highly interoperable
* standardized links
* semi-structured
RDF
* rich description
* ? interop
* no links other then correlation
* not structured
XDI
* Rich
* High Interop
* Fully Linked
* Fully Structured
LLLI/Kintera Use Case and Solution:
In this session we explored the OpenID, XRI and XDI solution deployed to satisfy the Le Leche League International distributed data requirements. The software solutions provider Kintera has been a partner with ooTao in this effort. Kintera hosts 128 Million individual profiles so can help create significant adoption figures on its own.
We saw how each individual member and every system component was given an XRI identifier. In the case of individuals the XRIs – i-names were associated with OpenID services for authentication and in the case of system components the XRIs were given public/private key pairs in order to authenticate to other system components.
The result of the LLLI work is a WORKING distributed data management system that leverages distributed identity for its authentication and authentication mechanisms. For more information contact Andy Dale via his iPage at =andy

Restful Data Addressing
Mike Mell Led this session articulating a proposed syntax for Restful data addressing. He articulated these goals:

  • pure HTTP requests
  • UserAgent to server
  • server to server
  • secure
  • Fine grained addressing and permissioning of any data node

The wiki outlines specific elements in the syntax along with Response and Authentication Modes.
Doable Now and Soon
This was one of the sessions on Saturdays – with a calm group that had been through a really intense day Friday. There was agreement on the ‘dobale now’ and likely doable soon if the right conversations were had.
Dobale Now
* Portable Identities (OpenID, LiveID, FB-ID)
* OAuth (sever to server) delegated auth.
* Contacts Portability (FOAF, XFN, Microformats, like MicroID)
* Sync (feed sync)
* Social Network Portability (Open Social FB platform)
* Social Application Portability
Doable Soon
* Standard Schema for Profile
* Standard Schema for Address books
* Media portability + metadata + permissions
* Linking ID’s of different ecosystems?
OVERALL
The event was full a success. Many people travelled on planes just to be at this event. Some even from Europe. Since the last summit a lot of clarity emerged around what the problem space was and how different approaches could work on addressing the issues.
Key Areas to be addressed at the Summit on May 15th include:

* more conversation about the business value to vendors to allow user-data out of their systems.
* We want to focus on schemas for profile data and address books, not as much on the social graph at this point.
* Demo’s likely we will have speed geeking at lunch.
* Work is happening on an ‘alpha’ version of an executive briefing . Some thoughts: We are moving in to an interconnected world where implementation decisions are not tied to the technologies. That is, how you participate is not tied to the technologies. We are not just talking about future proofing, but about providing a relatively easy way to give yourself options to work in the various scenarios that analysts are already saying are happening. You can increase the value of your offerings by building on offerings provided by others without needing to throw a lot of money at bringing it together. The objective is to make things easier to interconnect. In part by just defining the nature of the interactions that you want.

* We also need to consider targeting legal and policy decision makers. Perhaps from the EEF? other organizations. We don’t necessarily want to target legal departments in large organizations, but different external bodies involved in policy-making.
* We want to gather a larger group from the different companies involved, especially more product managers and other decision makers from companies such as AOL, Microsoft, Google, Myspace (if possible), etc.
* We welcome further input into the goals and outcome for the Summit – the agenda will be determined by the people who attend. Please contribute on the wiki to the Proposed Topics page.
We had a quite closing on Saturday and people were asked what the got out of the event and what their next actions were. You can click through to see what they answered.
I am really looking forward to the Summit following the Internet Identity Workshop – it is going to be even more amazing then this event was and move the whole field forward.

RSA pr3: OSIS Interop

Kaliya Young · April 12, 2008 · Leave a Comment

The OSIS interop was happened in a little room in the same hallway as the speaker lounge – but there was no signage to point people there 🙁
On Monday evening there was a OSIS steering committee meeting. The last one of these I sat in on was at Burton Group Catalyst. It was a good meeting – they talked about the European Identity Conference coming up in a few weeks where they will be again setting up and having interop demo’s based on the I3 work. Some of the European participants will be there. The agreement was that Interop4 would happen at Burton Group Catalyst continuing the work of I3 because it was not complete yet.
Roger Sullivan in his position as representing Liberty Alliance where he is President attended (he is also the Vice President of Business Development for Oracle Identity Management). I found it interesting that Roger said the word user when reffering to entities like Boeing and General Motors. I piped up and said that I felt that the use-cases and needs of ‘end-users’ were different then the needs of massive multi-national entities. He said that the ‘issues’ were all the same. I guess in one way that is true – in the end it is people at the end of the computer terminals. In another way it is different to log into an ‘enterprise environment’ (intense permissioning, lots of legal regulation etc) then it is to manage your personal shopping online. Out of this exchange came the differentiation between these two kinds of users – the larger being ‘deployers’ and the smaller being ‘users.’
As a community we had a good chance to talk about issues. The message that Roger did bring forward was that enterprise customers wanted less confusion in the market – because until it was clearer there would not be purchase of product. There will be more insight into this in the forth coming post about the the conversation I had with other executives at Oracle over a ‘blogger lunch’ on Thursday.
Major ISSUE – there was ‘apparently’ two competing interop events at the same conference. One was backed by a large and well funded organization with a PR staff to promote itself the other was a fabulous grassroots effort – doing huge amounts with very little. It was agreed that next time Concordia and OSIS would collaborate and have an interop in the same place and have one press release (or at least two press releases with mutual quoting) although with different use-case focuses. This is my drawing of the picture that became clear through the meeting.

OpenID Foundation and OSIS is a community group (there is serious consideration of changing our current description from “Working Groups” to “Community Groups”) of Identity Commons, the i-card foundation that is proposed would also be (there are some interesting questions about it).
I worked hard on Tuesday morning before the OSIS interop on some signage for Identity Commons. We had the new diagram that is on the front page of the wiki along with a this sentence that i think goes a long way to describe who we are.

We are a community of groups working on addressing the social, legal and technical issues that arise with the emerging, identity, data and social layer of the internet.

Johannes pointed out that after that some articulation of the issues we are tackling could be listed. This is a list I recently wrote up and shared with a reporter (and she actually said it was ‘clear’). I will put the high level questions we are trying to answer in the context of the ‘clear’ articulation I sent her.
Since the Web was built around “pages”, no tools or standards were created to control how the information about you was collected or used. We all agree that we need some kind of “open identity layer” for the Internet, but we don’t know exactly what that means or what it looks like. Our community has come together around some shared understanding of this and we continue to ’struggle’ with what it means and how it should work.
We are working as a Community, on the development of the next layer of the web—for people and their information—the social-data layer. It’s going to take time to figure out, and lots of people have already been working hard for several years and have made significant progress.
These are the questions we’re striving to answer:

  • What are the open standards to make it work? (identity and semantic)
  • What are technical implementations of those standards?How do different standards and technical implementations interoperate?
  • What are the new social norms and legal constructs needed to make it work?
  • What are the businesses cases / models that drive all this?

Identity Commons is the collection of groups where these conversations are happening.
All this takes time, and yes, interest is growing and movement is happening, but there is not ‘one answer’ or ‘one blueprint.’ As Doc Searls, one of the ‘grandfathers’ of this movement is fond of saying, it is a “market conversation.”
We need a broad and diverse range of participants. This layer once implemented will be as world changing as the World Wide Web of documents was for the Internet.
I also think it is important to remember and emphasize that we are in a phase where there is a lot to get figured out and there is not ‘one answer.’ I think we as a community can tell a clear compelling story to the market AND continue to foster a lively and diverse conversation about the issues that are arising (technical, legal, social). It is some times is hard to remember how unclear things were 2 years ago but they were very vague then – if we continue to progress I am confident a market can develop for these tools. Both the peer-to-peer sessions on this topic were interesting and had a range of enterprise folks looking at these tools (a blog post about those will also follow in this series).
Here is a photo of the interop in progress – next post – interop videos – coming tomorrow.

Over the next week I will work on the the 20 other posts that I have outlined this morning. – ok off to the airport now.

RSA pt2: Concordia Interop

Kaliya Young · April 12, 2008 · Leave a Comment

Day One seems so long ago. I moved all my stuff over from the east bay on Sunday night – Pam was nice enough to let me room with her to save the 1 hour commute each way to home for the week.
I got up early and headed to the Concordia Interop – I got their early enough to see the OpenID logo on the sign. OpenID has not been actively participating in these Liberty lead efforts for a while now and asked that their logo be removed from the website etc. Shortly afterwards a guy with white tape came and covered it up.

This slide explained their current focus and next focus.

Eve handed the podium over to Mike Jones and he introduced the day and explained the three scenario’s they were demonstrating interoperability for. SAML and WS stuff with an emphasis on the enterprise use case.


They shifted into demo’s at the back of the room and presentations at the front.
Lena from FuGen presented this slide.

It presented the complexity of federation and the different shapes that it has. The same policy between a range of partners, different policies with different partners and
There was about 300 people in the introduction and this faded out.

RSA pt1: What a week

Kaliya Young · April 12, 2008 · Leave a Comment

Wow – what a week. I was not expecting the conference to be as intense as it was. I was able to give more to the conference and get more out of it.
It made me realize how much I have learned about the “enterprise & security scene” in the last 3 years. Three years ago I walked by RSA by accident – it was on at Moscone – theme was 1930’s gangsters. I saw Sxip’s logo on the signs for sponsors and I picked up an agenda. I of course didn’t have a pass at all. The next year as it approached I figured it would be a good learning opportunity and I asked if I could help cover the event for Digital Identity World. It was ALL new to me – I was overwhelmed by the acronyms and I just remember not understanding anything on the show floor – I often had to ask them to ‘explain their thing’ to me. There was certainly no formal talk of user-centrism in at the conference either.
Last year we had the big OpenID, MSFT cooperation announcement – it is nice to see that this was real – with their recent joining of the board (along with other big players). I am not sure there were any presentations about it at the event though. I knew more when wondering the show floor but still had to ask a lot of questions.
This year was amazing – this next series of posts will cover the range of things that happened and my reflections. I really could write for a whole two days – however I only have this morning – I am headed to Seattle today for the Green Festival and a conference I am co-producing and co-facilitating about people stepping outside of the box of regular money. I am back here on Wednesday and will be facilitating the Data Sharing Workshop. I am really excited about this event – last fall we had this event prior to the IIW and it really helped sync up the different things happening that are aligned but have different starting points.
John McCrae of Plaxo wrote a great post about it yesturday that features both “Identity Dog” and our “Data Sharing Snail”.

Oh YEAH! OpenID is now apparently working on my blog for comments – so try it out we shall see if it works.

Data Sharing Summit 2 – questions to figure out

Kaliya Young · February 27, 2008 · Leave a Comment

So I am working hard to pull the details together for the 2nd Data Sharing Summit. This is not an easy task given it is a risk to make commitments to venues and vendors – to make it possible to host the event.
This is an option that would give more time to organize and dove tail nicely with related work in the identity community
OPTION 4 – have it begin Wednesday and continue Thursday May 14-15 immediately following the Internet Identity Workshop
There is also the possibility of having something near Web 2.0 Expo the weekend before seems to make more sense to people are not completely wiped out from a weekend of partying and conferencing.
One of the reasons for this is that I know people come from out of town to attend Web 2.0 expo and some for several weeks so that there will be people in town who would not otherwise come ‘just for this event’.
We currently have 2 venue/time/space options
1) in Downtown SF but only can have at maximum 120 people and only 3 breakout rooms beyond the main space – this would be for Friday and Saturday the 18th and 19th. We would be restricted tot use from 8-5 pm.
2) in Mountainview at the Computer History Museum – a beautiful space that we would have to pay for but could hold up to 500 people and would only be for Saturday the 19th. It could go from 8 am to 8 pm+ even. We could feed folks breakfast lunch and dinner along with a barista.
Either way we will be charging money for the event about $100 – and working on raising sponsorship money. I believe events should be funded both by the people who do attend AND by sponsors. This helps create balance and by paying money to come people make a commitment to ‘be there’ for the event and the organize can plan for their attendance.
I am trying to get a read on what will work best.
I am still asking Lucy to put in OpenID for commenting on my blog and she still can’t get it to work even in dialoguing with Pam about it. So if you want to chime in you need to email me kaliya (at) mac (dot) com.

The third option people have put forward it so have it on an ‘large’ tech companies campus and I have said that doesn’t work cause the topic is neutral – so this is not an option in my mind.

DONE! The IC Working Groups 2007 Q4 Reports and January News

Kaliya Young · February 3, 2008 · Leave a Comment

This past week the Identity Commons Working Groups 2007 Q4 Reports and January News were published. I worked in my catalytic role to get all the Stewards of the 8 groups of IC to turn in their reports. There is also news from many of the soon to be IC working groups.
This is the post from the Identity Commons Blog. It is where you should subscribe to get updates from the different working groups at IC. They will be using it to post announcements and information about what they are up to. We have our next stewards call this Wednesday at 9am PST.

PDF of Identity Commons Working Group 2007 Q4 Report and January News
Introduction:
Identity Commons (IC)is a loosely connected community of Working Groups that are addressing the social, legal and technical issues that arise with the emerging identity layer of the internet. The purpose of Identity Commons is to support, facilitate, and promote the creation of an open identity layer for the Internet — one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.
A wide range of individuals from both large and small companies have been dialoguing and developing tools to make this vision a reality. This past year the community was formalized, forming a nonprofit corporation. Identity Commons has adopted a set of principals to ensure an open, inclusive, and bottoms-up operating structure. Each Working Group has a representative on the Stewards Council. Membership resides in the Working Groups – where the real work is happening. Each quarter Working Groups report on their activities. This was our first quarter of official operation with reporting Q4 2007. There is also news from groups in the process of joining Identity Commons included.
Contents:

Current Working Groups
Community & Events
Identity Gang
Internet Identity Workshop
Technology
OSIS (Open Source Identity System)
OpenID
Identity Schemas
Social Agreements and Policy
Identity Rights Agreements
XRI Org
ID Commons Operations
IC Collaborative Tools
In Process to Join Identity Commons:
Business Application

VRV (Vendor Relationship Management)

Open Source Code Projects for Identity Systems and Data Sharing
Higgins Project
Bandit Project
Pamela Project
Groups related to Standards
SAML Commons
XDI Commons
Newly Formed

Enterprise Positioning
Enterprise Identity Architects
Newbies 4 Newbies
Inclusive Initiatives
Id Futures
Id Media Review
You can find more background information about IC here and a moreindepth history here

Newbies 4 Newbies First CALL

Kaliya Young · January 28, 2008 · Leave a Comment

This past Internet Identity Workshop was great for a bunch of reasons – one was that we had this fabulous group of new people show up – who wanted to learn more and share how their experience could be better.
Currently, it takes initiative on the part of a new person to get up to speed. How do we provide resources to accelerate their efforts?
They formed a group called Newbies 4 Newbies that is sort of a club for new folks to help – new folks get oriented. They are going to develop and manage the Starting Points page – and ensure that it meets the needs of new folks. Within in a year folks will move on from being Newbies and others joining the community can take their place.
If you are a newbie to Identity (or some aspects of what we are doing this group is for you). Please feel free to join the call tomorrow at 1pm PST / 4 Eastern – here is the call in information and the agenda.
For those of you who would like to help newbies – They have come up with the concept of “Friendlies” those who have been in the community a while who wouldn’t mind helping the new folks get oriented to their particular area of expertise. If you would like to help out with this feel free to contact Cindy Spannhake cspannhake@switchbook.com or Dan Nelson dan@flexmls.com and let them know the area you wouldn’t mind helping out with.
They are also very conscious that people are quite busy getting stuff done – the goal is help you contribute some of the key knowledge/resouces and then provide it for new people – so it isn’t just stuck in all the brains/blogs of all the people who have been doing this a while.

Up for Air – Finally

Kaliya Young · December 14, 2007 · Leave a Comment

I have had very full days since the first of the month.

  • First I was preparing for IIW and then actually there producing and facilitating.
  • Then I headed north to Sacramento to participate in a training for two days (more about that later).
  • I headed to LA to watch the Canadian Water Polo Team play and visit with my best coach from when I was growing up.
  • I hung out with friends and did a site visit for the Cook-In that I helping to produce and facilitate in March.
  • Wednesday I was down at the Institute for the Future as an expert for a think tank thing for a specific client.
  • Yesturday was the BlogHer Holiday party that was more fun then I thought it would be.
  • Today I got my first Christmas Card in the mail – it was from the Burton Group.
  • I found this on Slashdot Lucas Film Christmas Cards – thought it would bring you all some cheer.

I am working on setting up a new home office and hope to settle down to write more here about IIW and Identity Commons in the coming weeks.

Read Write Talk Podcast, on IIW with me and Dale Olds on

Kaliya Young · November 10, 2007 · Leave a Comment

Sean Ammirati is a product manager at mSpoke who attended IIW for the first time last May. He also writes for Read/Write Web about once a week and does podcasts on Read/Write Talk. We recorded a podcast last week there is both a transcript and a recording. Dale Olds joined me at the end of the podcast.

Brussels (feedback way late)

Kaliya Young · October 18, 2007 · Leave a Comment

Apparently some of you had a terrible dinner experience in Brussels in April at the Identity Open Space. Well so did I.
It was one of the low points of identity community organizing involving logistics in a foreign city. I had an offer from a local in the (identity) community to help out with anything that I needed help with for the Identity Open Space. I asked him to help find a venue for our dinner. I trusted him to do this and it was not really a good choice. It was far away (although walking distance), the room was crowded, it was hot, we had a set menu, the food was not good and it was expensive. So I am sorry to all of you who endured it.
Lessons learned:
1) Don’t fully trust the local (get secondary confirmation from an additional person)
2) Tap more knowledgeable local sources – like hotel concierge to find venues for dinner.
3) Ask the co-coordinating organization for help too (that would have been Liberty Alliance in this case).
Sorry again to all of you who had a bad dinner experience. It was not my intention. I really wanted to be able to eat and talk together and discuss identity as a community. I know that my table had a good conversation so I hope that others did too.

Data Sharing Summit – Wiki Gardening Part 1

Kaliya Young · September 12, 2007 · 1 Comment

I spent a good portion of this afternoon at a (solo) wiki gardening party on the Data Sharing Summit Wiki.
There is a page called Outcomes in the top Nav Bar that documents pages on the Data Sharing wiki along with the many blog posts that cover outcomes of sessions, links to photos of the summit and next steps.
I am quite pleased with the range of good documentation and commentary and hope that by next week there is even more posted. I will have written up all the Problems and Offerings that people put forward at the beginning of the weekend.
It was a pleasure to work with Marc Canter to bring this group together. Many have commented to me about how incredible the focus and productivity were at the event. I asked folks at the closing what they thought got done and we have an amazing list. At the closing circle 95% of folks thought we should do it again and 95% liked the format. The thing I love about open space is that it allows anyone in the group to put forward their ideas and the group votes with its feet about what to do. I think for innovating and getting stuff done there is no better way.
I would like to thank Innovis for their generous donation of space. Plaxo was super and stepped up to resource me for my time – facilitating that group is not an easy thing to do – it takes a lot of energy. AOL paid for a great dinner on Friday Night and Clear Spring covered the drinks – I think eating together is as much a part of a conference as ‘the conference.’ Leverage and Cerado also contributed money to make the event possible.
I will be doing another Wiki Gardening Party next week for the Data Sharing Summit Wiki Wednesday from 11-3 on the Freenode Channel #datasharing if you want to join in.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to Next Page »

     Copyright © 2023 Identity Woman  evelurie.com/web design/develop     

  • Terms of Use
  • Privacy Policy
  • Sitemap
  • Contact