As I sit here in the blazing heat, periodically jumping into my pool - I’m feeling good about the last few days I spent in Vancouver.  It was great for me to get away from answering sales calls, improving user interfaces and dealing with Angel investors.  I found myself right back smack dab in the middle of an evolution of technology, where enterprise, mil spec encryption, security and privacy technology was being deployed for the purposes of each and every one of us to be able to control our content and meta-data.

Moving and controlling profile data is important, but we ALSO gotta control access to our content - based upon our relationships to the viewer.  Apparently Vox does this pretty well - but I haven’t checked it out - yet.

A lot of time and energy was spent up in Vancouver trying to define and speak clearly of all the different platforms and their nuances.  It was an Open Space effort, designed to correspond with a Liberty Alliance meeting, so lots of loosely structured meetings occurred where real work was accomplished.

One on hand you had all these academic and enterprise researchers and experts who are managing bank accounts, mutual fund accounts and health records, debating on details like ‘is it TIS or really THAT.  Then a bunch of the open folks - like Neustar and Cordence were there - more or less hawking their goods.

So in other words this was the “open user-centric folks” meet the SAML/Federated trust enterprise wonks fest.

I’d say it came off pretty well - espeially with Kaliya Hamlin leading the organization, facilitating the conversations and keeping things lively. I did my best to also “keep folks awake” - while only dosiing off a few times myself, during those insipid debates on “do you mean WHAT you mean or is that a semblence of meaning in your declaration?”  It was that bad.

As a vendor I went to this meeting knowing that I was a downstream participant, some one who’s issues are allot different from the folks who are tryign to stake our real estate around ’standards’.  You see - we (by defintion) have to support ALL the standards, so my only real motivation is to get as many of them to work together and adhere to each other’s standards.

And that’s what I did.  There was a whole session on ‘Protocols Converging’ (led my Dick Hardt) and that led to a few private meetings out in the hallwway, which is where al the real work gets done. I myself am excited about what Dick is gonna show and unveil at OSCON next week,but I can’t tell yah about it.

Or else I’d have to kill you……

Anyway - based upon what I heard at this meeting, here are some issues that are pretty easy for me to make:

- at best we’ll get 2% of the populace using this stuff - even within the next few years

- but many more people WOULD/COULD use it if it was readily accesssible, easy to use and they understand what the fuck it meant

- doesn’t really matter if it implements authentication, if that’s ALL it does

- I agree with Kim Cameron - there will be two approaches to this area:

- card based

- address based

- and that’s the best way we can describe it to the humans
The Identity space is really complicated, and our clients expect me to be an expert at it.  So I nerded out over the past few days and have the next generation acrhiutecture for PeopleAggregator designed with it in mind. 

It’ll make sure that real value can be delivered to humans - real soon now- regardless of whether or not they’re (the humans) willing to jump through all the hoops and grok all the nuances of the Identity puzzle.

There’s one inherent tradeoff for this.  If you don’t want to jump through all the hoops of getting a card or sigining up for an address (of just hacking one yourself) then you CAN’T COMPLAIN if you don’t get a phishing proofed, crypto encoded, secruity tight, hacker proof, scalable, long term, persistent unique identifier.

But if all that really gets you off, then you won’t mind jupning through all the hoops.  Those hoops require opting in, sharing, moving and adhering to all these rules - about Personal Identity Mesh. 

Getting a info card to be compatible with Kim Cameron’s Info Cards system, which will be built into Vista and is available for XP - right now - will be about getting something called a .crd file.  Kim showed using Info Cards to log into Wordpress - just to prove that it works on a LAMP stack, open source platform.

David Recordan (of Verisign) led an excellent session on OpenID and talked about its status.  Drummond Reed was there to talk about XRI and XDI.org and inames.  All the major players in this space were there and talking to each other.

Dick Hardt had a session on coming up with a name for the unique thing we’re doing.  Its not a traditional federation, or circle of trust - its recognizing that inviiduals rely upon portals (or fancy webapp) software to get their services and that they’re probably dealing with LOTS of these services.  Each o these portals have all sorts of assertions, backend technology, web services, aliance partners and otehr infrastructure.  But what we SEE is the portal or NetVibes or PageFlakes or MySpace or Vox.

The human is then supposed to confer and rely upon (what’s known as) an identity provider or identity broker - which is usually an objective 3rd party - to verify their claims, assertions and transactions. We debated upon what to call it - but we all agreed that its something new and unique. I call this the “Personal Identity Mesh” - cause anybody can use any Identity broker - yet we’re all supposed to trust and believe in these ‘reputation systems (especially is Auren Hoffman has his way - with Rapleaf.)

Whatever the term is - its the universe that PeopleAggregator is going to support and help make happen. But we need LOTS of vendors to participate and the big boys - too.

This entry was posted on Saturday, July 22nd, 2006 at 2:00 pm and is filed under . You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.