Books/Papers on ID

Yesturday was a rich day for identity related stories.
Feds Start Small on Smart IDs talks about the start of the roll out of

The use of personal identity verification, or PIV, cards for verifying the identities of all federal workers and contractors was mandated by Homeland Security Presidential Directive 12. The unfunded HSPD-12 mandate specified that agencies must adopt a common identification credential for access to government facilities and computer systems.
Friday’s deadline and an earlier one calling on agencies to develop procedures for verifying the identities and backgrounds of all workers by last October were both considered exceptionally aggressive because of funding issues and the technology and process changes required.

Does anyone know what the procedure they actually developed is?
The register reported that to buy a beer in the UK you will have to give your finger print. The rational is to reduce ‘drinking related crime’. It sounds freakishly Orwellian.
Beer fingerprints to go UK-wide:

The government is funding the roll out of fingerprint security at the doors of pubs and clubs in major English cities.
Funding is being offered to councils that want to have their pubs keep a regional black list of known trouble makers.
The council had assumed it was its duty under the Crime and Disorder Act (1998) to reduce drunken disorder by fingerprinting drinkers in the town centre.
Some licensees were not happy to have their punters fingerprinted, but are all now apparently behind the idea. Not only does the council let them open later if they join the scheme, but the system costs them only £1.50 a day to run.
Oh, and they are also coerced into taking the fingerprint system. New licences stipulate that a landlord who doesn’t install fingerprint security and fails to show a “considerable” reduction in alcohol-related violence, will be put on report by the police and have their licences revoked.
Offenders can be banned from one pub or all of them for a specified time – usually a period of months – by a committee of landlords and police called Pub Watch. Their offences are recorded against their names in the fingerprint system. Bradburn noted the system had a “psychological effect” on offenders.
The Home Office distanced itself from the plans. It said it provided funding to Safer, Stronger Communities through the Department for Communities and Local Government’s Local Area Agreements. How they spent the money was a local decision, said a HO spokeswoman.

Last weekend there as the first official Ruby on Rails Conference in Chicago. OpenID, Rails and Identity 2.0: Building and Cultivating an Identity Ecosystem. was presented by Matt Pelletier owner of EastMedia a Ruby development shop in NYC that has done a lot of the coding for the Verisign PIP And Kiran Dandekar is a colleague of David Recordon at Verisign and presented at a different time as well….
Here are some of the best summaries from the blogosphere…
Blogging RailsConf:

Digital identity sucks!
* Repetitive
* Complex and inconsistent
* Poor UI
* Lack of control
* Unnecessary

notkeepingitreal.com:

An Open Identity system should be…
* Extensible
* User managed
* Open
* Perpetual (not just used once)
It’s about you
* The general idea is that when you go to a site, you are redirected back to your site, where you log in. The site that you intended to go to communicates to your site and confirms your identity, allowing you into the site you wanted to go to in the first place. And best of all, once you do login once, you’re on: Single Sign On!
* There are attributes that you control. You can specify the attributes that you want to share with each site.
* Some attributes (such as age, like if you are on a site selling alcoholic beverages) need to be verified. Certain companies would then be in the business of verifying OpenID attributes.

Fingerprints of Casper Fabricius

Kiran Dandekar made an entertaining point out of demonstrating the variety of information that has be made available about him in different contexts like business, community, family or alumni. The problem is, he stated, that identities and identity attributes are site centric on the web, so you have to start from scratch entering this information on every site and even identifying yourself, as opposed to when you – for example – board in the airport, and all the airline need to verify your identity is your driver’s license. The driver’s license is not issued by the airline, but nevertheless is accepted to identify you, because the issuer of the identity is trusted.

Kuniforum:

Matt’s presentation on Sunday morning was on OpenID and is definitely something I intend to track, as the architecture seems really viable. Way smarter than Passport.

BloggingRailsConf:

Project Bantay
* Blend Yadis + OpenID and offer them as a service
* Building an identity 2.0 stack
o Protocol support
o Yadis
o OpenID 1.1
o http://openidenabled.com
o Mongrel
o A natural fit for HTTP-heavy protocols
o Tight, fast, secure
o Support for Handlers, Filters
o Zed Shaw is the man
o Identity server
o Single sign on
o Profile management
o Trust requests
o Consumer plugin
o Rails plugin
o Push-button simplicity
o Leverage Rails conventions
o Play nice with “old” idiom of user silo
o Bookmarks demo application
o Testing
o Interesting test environment
o Test libraries
o Test handlers
o Test Rails app
o Test cross-site functionality (Selenium)
o Mongrel Rules!
An identity ecosystem
* Cultivating Services
o Claims verification
o Dating sites: verify your gender
o pr0n: verfiy your age
o Job application: verify your green card
o No posting to kids’ blogs unless you’re <= 14
o Reputation
o Seller reputation
o Weenie reputation
o You can’t post blog comments
o No committing to Rails trunk unless you’re a verified pouty artsy wanker
o Trusting identity providers
+ Needs to be discussed
+ Trust chain
o Wide open marketplace
o Develop creative new services
Next steps
* Download the plugin – identity.eastmedia.com
* Download the bookmarks demo app
* Identity Server to be released this summer
* Play around. Use your noodle.