Monday, March 31, 2008

What Data Portability Means to Me

I have a new theory on Data Portability.

This theory (on Data Portability) which belongs to me is as follows. Ahem. Ahem. This is how it goes. Ahem. The next thing that I am about to say is my theory (on Data Portability). Ahem. Ready?
Data Portability is a group of like-minded individuals interested in low-end video production.
That is the theory (on Data Portability) that I have and which is mine, and what it is too.


Sprolling, v., to quickly scroll through one's Spam folder looking for falsely maligned valid messages hidden amongst the offers to 'Be #1 for your Grl'.

Signature Style

Ping ID and Shibboleth release a paper on Dynamic SAML, a set of related proposals for streamlining SAML partner federation.

Although it seems to me that the paper makes only oblique reference to it, in a previous post, Patrick Harding discusses the trust bootstrap question
The fact that you trust the key in the meta-data and will use it to validate signatures of SAML messages is because you have separately established trust in the meta-data file itself. So obviously this begs the question – How do I trust the meta-data file is my partner's meta-data file?

The short answer is that the meta-data file itself must be signed and the X.509 certificate used to validate the signature is itself included in the meta-data file. The keys used to trust the meta-data file are separate and in my view will be X.509 certificates issued by publicly trusted Certificate Authorities.

As described, the signature over the metadata would tell a partner contemplating doing federated business only that the metadata file did indeed belong to the provider named as the entityID within (if they could demonstrate possession of the private key associated with the embedded public key, etc).

If a SAML SP were to base its trust decisions for various IDPs solely on such a signature, then it would be blind to the differences between those IDPs. Two different IDPs may both be perfectly legitimate businesses (and so able to get their metadata signed by some CA), but that doesn't make them equally capable - in the sense of the level of identity assurance they can support in the assertions they issue.

More meaningful for the SP would be a model in which the signature over the metadata (or a separate signature, a possibility for SAML highlighted by the paper but not really explored) gave the SP an indication of the level(s) of assurance that that IDP was capable of supporting.
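To make the two SP-side judgments above concrete, here is an added Python sketch of my own (not code from the paper, Ping, or Shibboleth). It assumes the XML signature over the metadata has already been verified by an XML-DSig library (not shown), that the SP keeps a separately established set of pinned fingerprints for the signers it trusts, and that an IdP advertises its assurance levels as an entity attribute named `urn:oasis:names:tc:SAML:attribute:assurance-certification` (the name the OASIS SAML Identity Assurance Profiles use; reading it this way is the example's assumption). The entityIDs, level URIs and "certificates" are constructed placeholders. Two IdPs with equally valid signatures are then told apart by what they certify, which is the point of the post.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
# Assumed entity attribute carrying the IdP's certified assurance levels.
ASSURANCE_ATTR = "urn:oasis:names:tc:SAML:attribute:assurance-certification"


def build_metadata(entity_id, cert_der, levels):
    """Constructed IdP metadata: entityID, embedded signing cert, and an
    EntityAttributes extension listing the levels the IdP claims to support."""
    cert_b64 = base64.b64encode(cert_der).decode()
    values = "".join(f"<saml:AttributeValue>{lvl}</saml:AttributeValue>" for lvl in levels)
    return f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:mdattr="{NS['mdattr']}"
    xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}" entityID="{entity_id}">
  <md:Extensions><mdattr:EntityAttributes>
    <saml:Attribute Name="{ASSURANCE_ATTR}">{values}</saml:Attribute>
  </mdattr:EntityAttributes></md:Extensions>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{cert_b64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def fingerprint(cert_der):
    """SHA-256 over the DER bytes: what the SP pins out of band."""
    return hashlib.sha256(cert_der).hexdigest()


def parse_metadata(xml_text):
    """Pull out entityID, the embedded signing cert, and the declared levels."""
    root = ET.fromstring(xml_text)
    cert_node = root.find(".//md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    cert_der = base64.b64decode(cert_node.text.strip())
    levels = [v.text for v in root.findall(
        f".//saml:Attribute[@Name='{ASSURANCE_ATTR}']/saml:AttributeValue", NS)]
    return {"entity_id": root.get("entityID"), "cert_der": cert_der, "levels": levels}


def evaluate_idp(xml_text, pinned_fingerprints, required_level):
    """SP decision after the XML signature itself has checked out.
    The embedded cert only proves the metadata belongs to whoever holds that
    key; trust in the key comes from the SP's separately pinned anchors, and
    a trusted IdP is still unusable for a transaction whose level it lacks."""
    md = parse_metadata(xml_text)
    if fingerprint(md["cert_der"]) not in pinned_fingerprints:
        return ("reject", "metadata signer not in SP trust anchors")
    if required_level not in md["levels"]:
        return ("reject", f"{md['entity_id']} does not certify {required_level}")
    return ("accept", md["entity_id"])


# Constructed scenario: not real certificates, entityIDs or level URIs.
CERT_A = b"constructed DER bytes for IdP A signing cert"
CERT_B = b"constructed DER bytes for IdP B signing cert"
CERT_X = b"constructed DER bytes for an unknown signer"
LOA2 = "urn:example:assurance:loa2"
LOA3 = "urn:example:assurance:loa3"
IDP_A = build_metadata("https://idp-a.example.org", CERT_A, [LOA2, LOA3])
IDP_B = build_metadata("https://idp-b.example.org", CERT_B, [LOA2])
IDP_X = build_metadata("https://idp-x.example.org", CERT_X, [LOA3])
PINNED = {fingerprint(CERT_A), fingerprint(CERT_B)}  # the SP's out-of-band trust decision

if __name__ == "__main__":
    for idp in (IDP_A, IDP_B, IDP_X):
        print(evaluate_idp(idp, PINNED, LOA3))
```

IdP B is as legitimately signed as IdP A, and the SP has pinned both, yet only A is acceptable for a level-3 transaction; IdP X claims level 3 but its signer is unknown to the SP, so its metadata is never consulted for levels at all.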

Names matter

Choice & Control?

Does not imposing OpenID on new registrations serve to reduce user choice & control?
Joining Ma.gnolia is easy: just sign in using an account you already have elsewhere on the web.

Every RP has the right to decide how to authenticate its users. If Magnolia (I refuse to use the cute '.') feels it obtains higher assurance or better controls risk by fully relying on 3rd party identities, full power to it (and if they wanted to go further and implement a whitelist of OPs, that would be their call as well).

But, shouldn't we at least pause and ask how such a move fits with a philosophy of user-centric identity, the poster child of which is OpenID?

Put another way, if the fundamental tenets of user-centrism are users having choice & control over their identities, is Magnolia's move, in that it takes away some such choice from users, user-centric?

And if not, can we imagine some weird parallel Universe (clearly not in this one) in which OpenID can actually be deployed in a manner that is not 100% consistent with user choice?

It hurts my brain just trying to imagine what that would look like - quantum physics always freaks me out.

Six Degrees of Obama

Discover Magazine explores the small world phenomena.

Forget Osama, more interesting is me -> Eve -> Obama

Barry is, as yet, unaware of the closeness of our relationship. I will update once we work through the current Secret Service 'unpleasantness' that is inhibiting the establishment of a direct connection between ourselves.

Now I understand

Just as Mike acknowledges a clear explanation of XRI, I will acknowledge the most concise history of web services I have ever read,
Before explaining how this is done, just a brief word on the history of Web Services. Web Services are a suite of specifications that enable two (or more) different software systems to interact without knowing the details of the other’s technology. SOAP, the core specification, was released in 1998 and essentially defined a way to encapsulate data in XML. Since that time, many specifications have been developed that add advanced functionality to this simple idea. These specifications are collectively known as WS-*.

Rare is a single paragraph that crams so many errors in (e.g. web services does not dictate SOAP, WS-* does not encompass all enhancements to the SOAP stack, SOAP does not define a way to encapsulate data, etc.).

On the original post on Cardspace UI & ceremony, while I love a sarcastic critique post as much as the next guy (perhaps more so), and have spent a not insignificant amount of time cursing the Cardspace experience myself, I do question whether such an analysis belongs in a series characterized as 'history'.

In contrast, the post on the DocVRM complex is both apt and illuminating.

Sunday, March 30, 2008

A 20/80 rule

When I tell my Dad that I work on technology that reduces the number of online accounts & passwords that people have to maintain, he stares at me blankly and asks

'What, fewer than 2? Doesn't seem that bad to me.'

Before he launches into a diatribe along the lines of
"In my day, we had to lay the fiber first, then create the damn Web page ourselves, before writing out the HTTP GET by hand ... twice for good measure. And WiFi, wouldn't we have just killed for Wi-Bloody-Fi, we hand delivered IP packets, uphill both ways!"

I change the subject and ask him what he thinks about the Liberal party. A different diatribe follows.

As far as I know, Dad has 2 account names (and associated passwords), one for his email provider, another for banking.

Without numbers to back me up, I would hazard a guess that the distribution of '# of distinct online identities' follows a power law, like the distribution of connections in a social network, or of links to identity blogs - there are a few with many, but many with few.

I double posit that 20% of online people have 80% of the total number of identities, or some other pair of similarly skewed numbers that add up to 100, you choose).

Some of course wallow in the Long Tail.

Race 2007

Friday, March 28, 2008

Attention Shoppers

Software shoppers that is.

Wakoopa allows you to track what software you use and (a social twist being de rigueur these days) find others who use the same applications (also de rigueur is an API).

It's not merely a list of installed software, your usage is continuously tracked.
When you sign up, you also install a small tracker that keeps tabs on what software you use. This creates an online profile for you to share with the world, and also gives you updates and recommendations on what your friends and others are using.

A screenshot of my profile page

I do not (intentionally) run Windows Live Messenger. But there it is. Sneaky.

There is a 'recommendation' function

Microsoft Office is recommended because it is 'similar' to the Open Office that I use. Well that's great, I wasn't aware there were alternatives, I must look into this particular expensive software suite.

I like that they take the issue of privacy with appropriate seriousness.
We're pretty swell guys, or so our moms tell us. Just look at our faces. If we've ever hurt anybody, it's probably been related to a teamsport or something, and even then it must've been by accident. It's a bit arrogant to say "you can trust us", but yeah... you can trust us.

Clearly what applications you use is less privacy sensitive than the what & where you do/go with those applications. Unless of course you've installed a dedicated client porn browser, i.e. unless the installed applications are targeted at specific services (interestingly enough, the direction in which Site Specific Browsers take us. Although I'm sure that Wakoopa's tracker is oblivious to distinct SSBs running off the same browser engine).

A hint of a business model peeks through

Did you know women spend twice as much time in Photoshop than men? We do. Wakoopa knows software.

How long till the IDM vendors get hold of such info?

Female CIOs spend 32% more time tracking federated identity transactions through pink-themed monitoring applications.

Thursday, March 27, 2008

What's the point anyways?

Torn asunderer

Now it is the Danes playing Canada in the Women's Curling Worlds.

Can I not enjoy a single game where my loyalties are not divided?

Where I could cheer unreservedly for Canada, and wish nothing but bad things for their opponents?

For instance, is there no Irish team?

Finders Seekers (Losers Weepers)

I just watched the video in which Yahoo! FireEagle was announced.

It's a geolocation broker: a user's geolocation is shared with FireEagle by any device or mechanism capable of determining it (the 'Finders'), so that it can be subsequently shared with any other application (the 'Seekers') that may want it (user permissions allowing etc).

Do the potential privacy advantages of a broker model (i.e. single point of control, etc) outweigh the basic privacy principle of minimal disclosure? FireEagle does nothing with the user location data it receives from Finders other than control its subsequent release to Seekers. Isn't this the job & responsibility of the Finders?

It is an undeniably simpler proposition for the Finders to concern themselves only with the sharing of privacy-sensitive data with FireEagle rather than the multitude of Seekers that might ask for it. Just ask the user

'Do you consent to sharing your geodata with Yahoo!? You will need to talk to them directly to constrain what they do with it.'

and you are done.

But I don't think it's a given that the Finders' responsibility to the user for protecting their geo-privacy can be abdicated in this manner.

A key part of the Liberty Alliance Identity Governance Framework is a set of policy mechanisms that would allow Finders to constrain the uses to which Seekers put the geodata they receive from FireEagle (e.g. no direct marketing), even once it has been shared with FireEagle.

Finder policy would persist through FireEagle.

However they do it, I think they need something comparable. The Losers (of identity data) in this game will be Weepers.
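As an added illustration of "Finder policy would persist through FireEagle" (my own Python, not Yahoo!'s FireEagle and not the Liberty IGF specifications), here is a toy broker in which the Finder's usage constraints travel with the location record and are enforced at release time, on top of the user's own per-Seeker consent. The broker, its policy fields, the Seeker names and the coordinates are all constructed; the grid coarsening is a rough simplification.

```python
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class UsagePolicy:
    """Constraints a Finder attaches to the location it hands to the broker."""
    allowed_purposes: frozenset   # purposes Seekers may use the data for
    expires_at: float             # epoch seconds; no release after this
    max_precision_m: int          # coarsest granularity Seekers may receive


@dataclass(frozen=True)
class LocationRecord:
    lat: float
    lon: float
    accuracy_m: int
    policy: UsagePolicy           # travels with the data: the "sticky" part


def coarsen(lat, lon, accuracy_m, max_precision_m):
    """Snap coordinates to a grid of max_precision_m metres (~111 km per degree)."""
    if accuracy_m >= max_precision_m:
        return lat, lon, accuracy_m
    step = max_precision_m / 111_000
    return (round(round(lat / step) * step, 6),
            round(round(lon / step) * step, 6), max_precision_m)


class Broker:
    """Hypothetical geolocation broker holding one location per user."""

    def __init__(self):
        self._locations = {}      # user -> LocationRecord
        self._consent = {}        # (user, seeker) -> purposes the user allowed
        self.audit = []           # (user, seeker, purpose, outcome)

    def receive(self, user, record):
        self._locations[user] = record

    def grant(self, user, seeker, purposes):
        self._consent[(user, seeker)] = set(purposes)

    def release(self, user, seeker, purpose, now=None):
        now = time.time() if now is None else now
        outcome, payload = self._decide(user, seeker, purpose, now)
        self.audit.append((user, seeker, purpose, outcome))
        return outcome, payload

    def _decide(self, user, seeker, purpose, now):
        rec = self._locations.get(user)
        if rec is None:
            return "deny", "no location on file"
        # 1. The user's own control: the broker's single point of consent.
        if purpose not in self._consent.get((user, seeker), set()):
            return "deny", "user has not consented to this seeker/purpose"
        # 2. The Finder's constraints, enforced although the Finder is out of the loop.
        pol = rec.policy
        if purpose not in pol.allowed_purposes:
            return "deny", "finder policy forbids this purpose"
        if now > pol.expires_at:
            return "deny", "finder policy: location expired"
        # 3. Release no finer than the Finder permitted.
        lat, lon, acc = coarsen(rec.lat, rec.lon, rec.accuracy_m, pol.max_precision_m)
        return "allow", {"lat": lat, "lon": lon, "accuracy_m": acc}


def demo():
    """Constructed scenario: one Finder, one user, two Seekers."""
    broker = Broker()
    finder_policy = UsagePolicy(frozenset({"navigation", "friend-finder"}),
                                expires_at=2_000.0, max_precision_m=1_000)
    broker.receive("alice", LocationRecord(45.4215, -75.6972, accuracy_m=20,
                                           policy=finder_policy))
    broker.grant("alice", "maps.example", {"navigation"})
    broker.grant("alice", "ads.example", {"direct-marketing"})  # user said yes, Finder did not
    return {
        "maps": broker.release("alice", "maps.example", "navigation", now=1_000.0),
        "ads": broker.release("alice", "ads.example", "direct-marketing", now=1_000.0),
        "stale": broker.release("alice", "maps.example", "navigation", now=3_000.0),
        "friend": broker.release("alice", "maps.example", "friend-finder", now=1_000.0),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The "ads" case is the one that matters: the user consented to direct marketing by that Seeker, yet the release is refused because the Finder's policy, carried inside the record, forbids that purpose. Without the policy riding along, the broker could only enforce the user's consent and the Finder would have to take its chances.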

Wednesday, March 26, 2008

Torn asunder

I'm watching Canada play Japan in the Women's World Curling Championship.

Who to cheer for?

The Japanese team is sponsored by NTT. I'm trying to recall the last time Canada cut me a check ....

OAuth Swimlane Diagram

George corrected my sequence. I had some direct interactions between consumer and service provider going through the browser.


I'm glad I didn't kvetch about the number of redirects.


Adopt a Road

Unlike comparable programs for children, Adopt a Road programs allow you to swap out your choice for a newer model.

CommunityWalk Map - Adopted Litter Zones
When I saw this baby looking up at me, I just knew we were meant for each other.

Quadratic Equation

The Ancient Greeks seemed to believe that just about everything was made out of four of something else.

For instance, the physical world was thought to be composed of earth, wind, water, and fire; for the human body the four humours were blood, black bile, yellow bile, and phlegm.

Tidy model. What are an identifier's 'humours'? How about linkability, discoverability, uniquenessability, and memorability?

In On the Nature of Man, Hippocrates wrote that
health is primarily that state in which the constituent elements [the four humours] are in correct proportion to each other, both in strength and quality, and are well mixed. Pain occurs when one of the substances presents either a deficiency or excess.
Could have been a consultant. Or a therapist.

Tuesday, March 25, 2008

Just when I thought I was out of Facebook

I get pulled back in by an invite from a colleague with whom I would value a social connection.

Thanks Mike, thank you very &#$)@!&^% much.

See Dick Stun

In discussing whether or not the large identity providers are shirking their OpenID responsibilities by choosing not to act as RPs, Dick writes:
I think it is unfair of Michael and John to expect them [the biggies] to be Relying Parties.

I agree completely. Any RP (large or small) has the right to decide how (or from whom) it will accept 3rd party identity assertions. It's naive to think that community guilt or chiding from the IT press will change that. RPs will deploy a federated identity technology when they perceive that the advantages (for themselves) outweigh the risks (to themselves).

What is (somewhat, the rhyme with 'run' was too precious to pass up) stunning for me is that this acknowledgement from Dick (and he has said it before) comes from a member of the OpenID inner-circle.

In the same spirit of intellectual honesty, here is a little known weakness of my own preferred SSO system:

SAML's defined mechanism for IDP discovery is less than optimal.

Wow, it felt good to get that off my chest.

Dick doesn't let the Humongous OPs (HOPs?) completely off the hook.
The Big Boys can direct some of their bright talent to working with the community in general to overcome these issues

Point. Counter-point.

Monday, March 24, 2008

Authority through Reticence

I'm reading The Great Mortality by John Kelly, a history of the Black Death plague and its impact on 14th century Europe.

Kelly describes a new code of demeanor and behaviour for medical practitioners that emerged in the years before the plague arrived. It was essentially a set of 'Best Practices' for interacting with patients. For instance, the code instructed physicians, when in doubt of diagnosis, to prescribe a drug, any drug 'that may do some good but you know can do no harm' (the drug companies encourage this model to this day).

A key "don't" in the code was that the physician should not be too voluble with patients, but rather to maintain authority through reticence and professional distance. If the physician were to be overly chatty and informative, then not only would their authority over the patient be likely damaged, but they ran the risk of educating themselves out of a fee.

Things have changed.

And, ironically, it's now the customers of the authorities that may feel their business model is threatened.

Site Specific Browsers & identity?

Are there implications for today's identity in Site Specific Browsers like Mozilla Prism?
An SSB is an application with an embedded browser designed to work exclusively with a single web application. It doesn’t have the menus, toolbars and accoutrements of a normal web browser.

At the very least, you can't rely on the chrome for alerting the user to phishing etc.

I installed Prism, and for each SSB application you create, you specify what UI components (e.g. location, status) will be displayed.

Separately, might 'designing to work exclusively with a single web application' interfere with SSO (e.g. redirects)? Presumably not, if the SSB just uses the underlying installed browser.

Geolocation enables Elitism

A paper Mobile social networks and social practice: A case study of Dodgeball by Lee Humphreys points to how Dodgeball users may broadcast their location in order to boast or show-off.

That is just so lame.

Saturday, March 22, 2008


What is a more important criterion for measuring friendship - some individual added to your social network (with membership likely manifested as inclusion in your social RSS) or concrete evidence of goodwill from that individual?


A friend in feed or a friend in deed?

Thursday, March 20, 2008

Easter Penance

The rules governing the intersection of Catholics, Fridays & meat appear to this outsider to be more complicated than those that govern the intersection of identity, provider processes, and technology.

It seems obvious that the governing body relaxed the Friday/meat constraints to better reflect the capabilities & desires of certain members of the CoT.
On the Fridays outside of Lent the U.S. bishops conference obtained the permission of the Holy See for Catholics in the US to substitute a penitential, or even a charitable, practice of their own choosing.

That's fine, assurance level should always match risk. But I bet traditional providers think of this as the first step on the way to federation purgatory.

Me, I gave up sarcasm for Lent.

I've already forgiven myself.

Wednesday, March 19, 2008

What if they threw a war and nobody came?

Dave discusses the 'OpenID Login Button' brouhaha.

All these OPs fighting over RP real estate for their buttons. Why not ask the RPs what they think?

Oh yeah right ......

Willing and/or able (types of whitelists)

There are whitelists motivated by business interoperability, i.e. those providers with which the list maintainer is willing to participate in federated identity transactions, and there are whitelists motivated by protocol interoperability, i.e. those providers with which the list maintainer is able to participate in federated identity transactions.

As an example of the first sort of whitelist, Japan's Pookmark social bookmark service lists the OPs it will accept assertions from. While some believe that doing so is counter to the OpenID philosophy, the fact remains that RPs can always choose to do so (and will, as long as there are no other assurance mechanisms by which they can control their perceived risk).

As an example of the second sort of whitelist, Clickpass lists those RPs that work with the Clickpass service. While there may be some business relationship between Clickpass and these RPs, the fundamental criterion for inclusion on the list is that the RP supports Clickpass's proprietary message API.

Standards are designed to make the second sort of whitelist as large as possible, thereby allowing providers to focus on the first.

Perhaps there is a third type of whitelist? Merely implementing the same identity protocol by two parties may be insufficient to guarantee that they can do business. Flexibility in the protocol specification, inevitably interpreted differently by different implementations, means that a more meaningful whitelist is to track providers with which you have deployment interoperability.

Tuesday, March 18, 2008

No rest for the wicked

Well actually, perhaps not necessarily.

Hubert describes some Sun work of his and Marc in which they look at a REST binding for Liberty Alliance ID-WSF.
One of the interesting evolutions of online services is this sort of schism between 2 camps: the XML/SOAP based web services camp and the REST camp that's based on HTTP. For having spent considerable time in Liberty Alliance (working on ID-WSF etc.) I've noticed however that the notion of identity has not yet fully permeated into the REST world the way it did with a framework like Liberty's ID-WSF. In this post and the following ones I'd like to introduce some work we've been working on at Sun: a RESTful approach for identity-based services.

I quake in fear at the thought of having to edit all XML samples in every deck to remove <soap:Envelope> etc. Ah well, what price progress.

Clickpass Privacy Policy

Clickpass uses a 'give us your password' model for their 'assisted account merging' process,



The purpose of this URL is to check the username and password and register a new OpenID as belonging to a particular user.

Parameters your URL should accept

Submission method: POST

* openid_url - the OpenID to be authenticated
* user_id - the primary key (i.e. username / email) for the user
* password - the password for the user
* clickpass_merge_callback_url - a URL at the OpenID provider (i.e. Clickpass) to process the outcome of the process

I'd expect that their privacy policy would clearly cover what they would do with the info?

Is it this sentence that is meant to cover the case?
You may also provide information to Clickpass through third party websites which you log into using the Clickpass Service. Such information shall be stored by Clickpass and handled by Clickpass in accordance with this policy.

Sounds like it's in the right ballpark but why not specifically say 'you may provide us your user names & passwords and we won't use them ever again'? The 'log into using the Clickpass service' could easily be (mis)interpreted as referring to OpenID SSO rather than to the merge process.

They do acknowledge the future relevance of OAuth.

Separately, am I alone in seeing the irony of OpenID deployers, in order to address the perceived 'User Provides URI' barrier, exploring mechanisms that

a) hide the whole complexity of identifiers from the user
b) rely on shared infrastructure to facilitate IDP discovery

Just me?

Share and share alike

Ashish lists different sharing models - and categorizes identity protocols accordingly.

What clashes for me in Ashish's post is that, as I see it, he conflates sharing of attributes, the decision to do so with a given requestor or not rightfully belonging to a user, with the trust models that the different identity systems typically get deployed into (these decisions belonging to the providers).

The decisions providers make in selecting federation partners, determined by assessments of risk, liability, and business realities, are not the same decisions that individual users make with regard to sharing their attributes - although they are related.

For example, in its infancy (things are changing), OpenID was deployed in a wide-open trust model, RPs and OPs were expected to be indiscriminate in selection of their partners. This partner trust model (e.g. an open white list, or a null black list) consequently placed no constraints on the trust between user and RPs that would dictate the policy over attribute sharing. If a user wants to define policy over the sharing of their attributes, they have to consider all possible RPs - this because the list is not cut down by their OP.

On the other hand, SAML, Shib, ID-WSF etc are typically deployed in a trust model where partners exercise more care in selecting partners, either directly (e.g. whitelists, blacklists) or indirectly (e.g. assurance frameworks or reputation). If the providers themselves have made decisions about whom to do business with (effectively choosing some subset of all possible partners), then their constituent users will themselves have a more constrained decision to make regarding sharing within that subset.

OpenID purists would reject the idea that an identity provider has any right to constrain the set of possible service providers that a user might choose to share their identity attributes with. It's user-centric after all.

A SAML purist (if they exist) would agree with the principle, and then make sure the spec supports whitelists.

Monday, March 17, 2008


Yes Brothers and Sisters, you heard what I said. Centralization walks amongst us, sneaking around under the innocent looking disguises of 'usability' and 'convenience'.

Do not be fooled! Centralization takes on many faces - whatever is necessary in order to lead us into its fearsome clutches.

The Word is perfectly clear - centralization is an aberrant, unnatural, and sinful lifestyle, and what's more, can pose a significant public health risk.

Let us pray.

Australian for Privacy (Redux)

Continuing on with Vikram's meme of the inner-connectedness of Australian beer commercials & privacy, I respectfully submit 'I feel like a GUID'.

I also believe there is an, as yet unexplored, analogy between export beers like Fosters & Heineken that, while popular outside of their respective origin domains (indeed, thought of as representative types), are generally considered to be like the proverbial 'Making Love in a Canoe' within those domains, and federated identity.

How juvenile (really)

My teenage niece uses FaceBook. A lot.

We were temporarily friended-up there. I removed the link so I could write this post. (Although I wonder if FaceBook's 'updates' defeated the intent of hiding her?). Her invite
Hello uncle paul, paul says u r a babe!!!

It's good to know that my namesake nephew, notwithstanding him always calling me 'Fatty', sees the inner me.

The posts from my niece's friends on her 'wall' provide an interesting insight into how they see confidentiality. For instance (some details changed to protect the (literally) innocent.)
Well if you SWEAR not to tel anyone especcialy Paula then ya I kinda like Michal...

Girlfriend, my lips are sealed. Unfortunately the Internet is the biggest gossip you've ever seen. And did you see what it wore to the Dance last Friday? You could even see its routing table!

What's not to like about Michael - he is dreamy. And his eyes, OMG!

But wait, should Michael feel threatened? Is there somebody else in the picture?
???? im so confused what about Conor?... wat happened at school in hallway?... how do u no who he likes?... i have NO idea if he likes u or nott...

More angst, confusion and hallway scheming than an identity standards meeting.

Cookies & Claims

Modern day explorer Ranulph Fiennes purchased a biscuit left over from the Antarctic expedition of Robert Scott.

Fiennes paid almost 4000 pounds for the cookie.

The provenance of the biscuit in question was that it had been retrieved from Scott's camping tent on his (failed) run back from his (failed) bid to be first to the Pole.

Claimed provenance that is. In "Race to the Pole", Fiennes hints that the cookie has crumbled.
it almost certainly came from Cape Evans, and not from the tent where Scott and his men died, as claimed in the auction provenance.

Is there no PEBTAF (Polar Expedition Baked Treat Assurance Framework) on which to base purchase decisions?

It seems a pity but I do not think I can write any more. I am just going outside and may be some time.

Thursday, March 13, 2008

More Identity Management for Indoor Rowing

My new Concept 2 rowing set-up.

Pump out some hard-driving Zamfir and go for it.

The tenuous connection to identity management is that I am opting into the public display of personal identity data, i.e. my erg speed. I did say tenuous.

Wednesday, March 12, 2008

Privacy Flows

From Seed, a paper entitled 'Social Networks are like the Eye', that discusses how a variety of 'tastes' can flow through a social network - including privacy.
In one project developed from this research, we considered whether someone wants to keep his or her information private on the Internet. Initially, without trivializing this serious topic, the issue of privacy was a methodological nuisance. But then we realized that, in addition to its conceptual importance, we could treat privacy as a taste. And we saw that the taste for privacy flowed through the network so that if I adopt privacy settings on Facebook, the people to whom I am connected will be more likely to adopt privacy settings.

There's the rub. It's in my interest to keep my privacy settings high (all else being equal, which it isn't). But it's also in my interest for others in my networks to keep their settings low (so I can enjoy the pics of them pretending to be a car in Munich etc).

However, given the great influence I have over my peers, my high settings will likely drive them to be more privacy protective as well - thereby limiting my fun.

It seems to me that my privacy settings, additional to the identity data they protect, are themselves PII, and that the view I choose to expose of those settings to the world should not necessarily map accurately into their real values. That way, I can protect my own privacy, without prompting my friends & colleagues to do the same for themselves.

Tuesday, March 11, 2008


First Yahoo! defined its own OpenID ceremony. You can make the argument that Yahoo! is a big enough identity provider that they warrant their own button.

Does that argument hold for that other major IDP Clickpass?

I do appreciate that the inefficiencies of spam for marketing to me are being addressed.
No need to rely on sporadic emails. Clickpass prompts users to return and log in day after day... after day.

Christian Clarifies Credentica Cardspace Claims

In a comment, Microsoft's Christian Paquin clarifies the 'U-Prove works' claim.
Hopefully we might work together in the future to “demonstrate” these claims!


Connectid Acquires 'Web Log of Esoterica'

First Microsoft picks up Credentica, now Ping buys Sxip Access (allowing Sxip to focus on 'making the Internet simpler and safer', phew).

All these acquisitions make me think that unless I make a move I'll be left behind.

Consequently, I have entered into negotiations with Conor Cahill for the purchase of the assets associated with his (recently comatose) blog. Analysis of his readership convinces me there may be some value in those few posts of Conor's that link to this blog.

Once the deal closes I'll be listening to the public and quickly divesting myself of the 'Gadget' posts. You are very welcome.

Monday, March 10, 2008

Prove It (or Fox-Terriers and Small Horses)

On the capabilities of (now)Microsoft's U-Prove crypto, I keep coming across

U-Prove works with SAML, Liberty ID-WSF, and Windows CardSpace

Does it? I hope it will for all three, but as far as I know, U-Prove hasn't as yet been profiled or demonstrated to do so for any of them.

I imagine that Microsoft & Credentica discussed at great lengths the 3rd integration before the (RSA) private keys for contract signing came out, and will be spending a not insignificant amount of time going forward on the details (reconciling what appear to me to be 'topological incompatibilities').

As for the integration with SAML, dunno. For that with ID-WSF, double dunno.

A search is revealing: the phrase 'U-Prove works with SAML, Liberty ID-WSF, and Windows CardSpace' begins its life in a Credentica whitepaper, but, unconstrained by such a likely subjective origin, moves on from there - to occurrences in respected (and unaffiliated) blogs and news articles.

The phenomenon (unquestioned repetition of an original unverified claim) reminds me of a Stephen Jay Gould essay called "The Case of the Creeping Fox Terrier Clone", in which he tracked the memeology of the 'about the size of a fox-terrier' descriptor for Hyracotherium/Eohippus, the earliest (and smallest) member of the horse family. Facts notwithstanding (Eohippus was not the size of a fox-terrier), the descriptor persisted through countless high-school science books.

To clarify, I hope 'U-Prove works with SAML, Liberty ID-WSF, and Windows CardSpace'. I even believe it will eventually. But, at least currently, to say so is to make a claim, and should be treated as such, with a healthy dose of doubt (and for me personally, I always mix my doubt with cynicism).

Sunday, March 09, 2008


After spending most of the last 4 days shovelling snow

I find it inconceivable that the weather in Santa Clara for this week's Liberty meetings could be any different.

How many inches are forecast?

I wonder if I can bring my favourite shovel as carry on?

Saturday, March 08, 2008

Word of the Day

incongruous - in-kong-ru-ous
- adjective
1. out of place: the disabling of anonymous comments on a post on the Microsoft privacy blog announcing the acquisition of privacy-enhancing technology, is incongruous.

Before Gentle Reader, you remind me that U-Prove promises to provide the necessary balance between commenter privacy and blogger annoyance from spam comments, surely a privacy blog is the place where the appropriate balance shifts, and where the blogger has to simply grin and bear it (and maybe hire a high school kid to filter)?

Friday, March 07, 2008


Names matter - even for modular shelving and desk lamps.
a study conducted at the University of Copenhagen, which revealed that while other Nordic countries - Sweden, Norway and Finland - lend their words and place names to prestige (Ikea) products, for example the Stockholm sofa, or the Lillehammer bed, those named after Danish towns are less than glamorous.

I've decided that before I write my angry letter to Ikea management protesting at these egregious insults to my Danish homeland, I should cool down and take a moment to contemplate - on the Oresund perhaps.

Sociable, and yet smart

How smart can they be? They barely even blog. Duhhhh.

VRM Use case

I'm creating a personal "Never Buy Again List" (NBAL)

First entry
<Name>HP Pavilion Laptop</Name>
<Reason id="aa">Piece of Shite</Reason>
<ReasonRef idref="aa"/>

HP's bots can now trawl this and save the company future postage costs and hassle.

Both sides win.


Thursday, March 06, 2008

Head in the Sand

Microsoft used to refer to WS-* as the identity metasystem, as if you couldn't achieve the defining heterogeneity without WS-Trust et al to tie it all together.

That's why it's nice to see the Cardspace book acknowledge this (albeit indirectly).

Use of 'the' when an 'a' would be more appropriate does remain.

I did get a chuckle out of
for the purpose of understanding the concepts presented in this book, you can safely ignore the protocol portion of SAML.

The ostrich strategy may not be working out so well for Microsoft itself.

Green Assurance

Why are there not levels of 'greenness', as in identity assurance?

Green Seal provides science-based environmental certification standards that are credible, transparent, and essential in an increasingly educated and competitive marketplace.

FSC is an international certification and labeling system that guarantees that the forest products you purchase come from responsibly managed forests and verified recycled sources.

EcoLogo is North America’s most widely recognized and respected certification of environmental leadership. By setting standards and certifying products in more than 120 categories, EcoLogo helps you identify, trust, buy, and sell environmentally preferable (“green”) goods and services. On this website, you’ll find more than 7,000 EcoLogo-certified products from hundreds of manufacturers.

Need to Know (Know your Need)

In announcing Microsoft's purchase of the Credentica patents (and hiring of Stefan's core team), Kim uses the 'need to know' analogy.
That danger can be addressed by adopting a need-to-know approach to the Internet.

(For the life of me, I just cannot get Sgt Shultz's 'I know nothing' out of my head.)

Credentica's U-Prove technology promises to close off a (depending on the deployment environment, potentially big) 'knowledge leak' - if the IDP doesn't need to know what the user does with the assertions it creates (or where, why, when, or with whom), then the principle of minimal 'need to know' means that it shouldn't.

Cardspace seems a great application for U-Prove to prove itself. As Stefan points out, 'it's a good thing' to influence/control both client and server.

Separately, I see the flip side of 'need to know' as 'know your need', i.e. entities involved in identity transactions must be able to assess and assert their needs for identity attributes. This is the CARML piece of the Identity Governance Framework. Put another way, before a decision is made as to whether or not some entity 'needs to know', it'd be nice to know why they are asking.

Wednesday, March 05, 2008

Social Middle Ground

There is a social network for Atheists. Also one for Christians.

The two networks are unlikely to be in discussions about enabling social graph portability.

Perhaps there is a role for the agnostics to proxy?

Tuesday, March 04, 2008

Identity Joke #2

An Australian, a Brit, and an American go into a bar. And then they talk.

OK, I guess you had to be there.

Delegation use case

From BoingBoing, Question Box.
The Question Box is a simple telephone intercom. Its purpose is to connect people to the Internet. It requires no literacy or computer skills.

Users place a free call by pushing the green button. They connect to an operator sitting in front of an Internet-enabled computer.

Users ask the operator questions. The operator goes online and finds their answers, translating them into the local language. The operator also sends & receives emails on the caller's behalf.

Juicy job for the village gossip.

To make this work for anything other than generic information retrieval (and not force the user to share credentials), you'd want to allow the user to grant constrained access tokens to the (hopefully bonded) operator.
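As an added example (not from the post, and not Question Box's own code), a minimal constrained delegation token: the caller grants the operator a token bound to that operator, limited to sending mail, and expiring with the call, and the mail service enforces all three rather than ever seeing the caller's password. The key, names and scope strings are constructed for the demo.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # the mail service's own signing key (constructed)


def b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def issue_token(caller, operator, scope, ttl_s, now=None):
    """Token the caller hands the operator: one delegate, narrow scope, short life."""
    now = time.time() if now is None else now
    body = {"sub": caller, "azp": operator, "scope": sorted(scope), "exp": int(now + ttl_s)}
    payload = b64(json.dumps(body, sort_keys=True).encode())
    sig = b64(hmac.new(SECRET, payload.encode(), hashlib.sha256).digest())
    return f"{payload}.{sig}"


def authorize(token, presenter, action, now=None):
    """Return (caller, "ok") if presenter may do action on the caller's behalf,
    otherwise (None, reason). Every constraint in the token is checked."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".")
    except ValueError:
        return None, "malformed"
    expected = b64(hmac.new(SECRET, payload.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        return None, "bad signature"
    body = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if now >= body["exp"]:
        return None, "expired"         # the call is over; the grant dies with it
    if presenter != body["azp"]:
        return None, "wrong delegate"  # a copied token is useless to anyone else
    if action not in body["scope"]:
        return None, "out of scope"    # operator may send mail, not read the inbox
    return body["sub"], "ok"
```

Sharing the caller's password would have given the operator every action, for every future call, as anyone who learned it; the token grants exactly one of each.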

Monday, March 03, 2008

SAML ECP in Firefox

Asa welcomes Peter Pritchard to the openLiberty project
He has begun the development of a SAMLv2 ECP Firefox extension

ECP could enable functionality comparable to Infocards (in the sense of a client identity selector, if not UI or crypto) but using SAML protocols rather than WS-Trust.

Separately, hey Asa, turn that frown upside-down mister.
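As an added example (not code from the post or from the openLiberty extension), the two client-side pieces such an ECP client needs: the PAOS/ECP request headers it sends the SP, and the one check it must make before relaying the IdP's response, that the SP's responseConsumerURL matches the IdP's AssertionConsumerServiceURL (on mismatch the ECP profile requires a SOAP fault to the SP and no delivery). Both envelopes are constructed, minimal stand-ins with the SAML bodies omitted.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
PAOS = "urn:liberty:paos:2003-08"
ECP = "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
ACTOR = "http://schemas.xmlsoap.org/soap/actor/next"

# HTTP request headers that advertise ECP support to the SP.
ECP_HEADERS = {
    "Accept": "text/html; application/vnd.paos+xml",
    "PAOS": f'ver="{PAOS}";"{ECP}"',
}

# Constructed SP reply: paos:Request carries responseConsumerURL, where the SP
# expects the final SAML response to be delivered.
SP_ENVELOPE = f"""<S:Envelope xmlns:S="{SOAP}">
  <S:Header>
    <paos:Request xmlns:paos="{PAOS}" S:mustUnderstand="1" S:actor="{ACTOR}"
        responseConsumerURL="https://sp.example.org/SAML2/ECP" service="{ECP}"/>
  </S:Header>
  <S:Body><!-- samlp:AuthnRequest omitted --></S:Body>
</S:Envelope>"""


def idp_envelope(acs_url):
    """Constructed IdP reply: ecp:Response names the ACS the assertion is meant for."""
    return f"""<S:Envelope xmlns:S="{SOAP}">
  <S:Header>
    <ecp:Response xmlns:ecp="{ECP}" S:mustUnderstand="1" S:actor="{ACTOR}"
        AssertionConsumerServiceURL="{acs_url}"/>
  </S:Header>
  <S:Body><!-- samlp:Response omitted --></S:Body>
</S:Envelope>"""


def ecp_relay_target(sp_xml, idp_xml):
    """URL the client may POST the IdP's response to, or None if it must refuse.

    The ECP profile has the client compare the SP's responseConsumerURL with the
    IdP's AssertionConsumerServiceURL; a mismatch means the response would land
    somewhere the IdP did not issue it for, so the client sends the SP a SOAP
    fault instead of the SAML response.
    """
    req = ET.fromstring(sp_xml).find(f"{{{SOAP}}}Header/{{{PAOS}}}Request")
    resp = ET.fromstring(idp_xml).find(f"{{{SOAP}}}Header/{{{ECP}}}Response")
    if req is None or resp is None:
        return None
    rcu, acs = req.get("responseConsumerURL"), resp.get("AssertionConsumerServiceURL")
    return acs if (rcu and rcu == acs) else None
```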


If I had ever actually visited Denmark, the pics from this simpleSAMLphp workshop would make me homesick to go back to my Motherland.

Sunday, March 02, 2008

Rights Expression Language

Just listened to a CBC interview discussing the creation of a "Passenger Bill of Rights".

The point was made that, once the door closes, the airline can hold the passengers on-board indefinitely - motivating a "right to not be trapped on a plane" clause in the Bill.

Straightforward 'retention' issue.

I wonder if we could express the below in IGF?

If more than seventy five minutes elapse between when the last passenger boards a plane and when either the plane takes off or it aborts, returns to the gate, and commences deplaning passengers, and/or if more than sixty minutes elapse between when the plane touches down and when the first passenger steps off the plane, all passengers will be entitled to a Trapped On Board compensation and for an additional Trapped On Board compensation for each whole thirty minutes of extra time that this situation continues.

It has the same logical structure: 'if occurrence X, then consequence Y'.