Sandhill Trek - On The Road

Friday, October 11, 2002
Identity Infrastructure: Fingernails on the Chalkboard of my Mind  
Doc Searls presents a very entertaining end to the conference today. David Weinberger says he wishes Doc had spoken on the first day to frame some of our conversations and I agree.

Doc sez that in 1996 Esther said "Chris [Locke] has a lot of rage," and Rage Boy was born. Doc pulled his post from last night about RB and Esther ("Chris and Esther sittin' in a tree...").

Personality on parade...
Buzz Phraser, an early Doc Searls programming effort.
Now he's doing the Martha Rogers thing, using old slides to present today's topic... Wi Fi infrastructure in London... War chalking... I saw this at Gnomedex. The Ben Hammersley bits and all...

Somehow I think that while the net "is fundamentally gonzo," this isn't the Identity Infrastructure thing we're looking for. Doc hasn't seen the digital identity knock-your-socks-off thing here: yesterday he was at the XNS presentation. But it didn't blow him away like it blew me away I guess.

Craig Burton is now being quoted and the presentation is gaining some substance... "One of the virtues [of the net] is the emptiness in the middle."

Vint Cerf: "The history of the net is the history of its protocols." How has Doc missed XNS? It was the happening thing here!

In July, Doc presented at OSCon: "I'll be speaking in Dave's slot in the Emerging Topics track at 1:45 this afternoon. Before OSCon, Tim had wanted me to give something like the Infrastructure talk I had given at Jabberconf in Munich. Yesterday, Phil Windley, who had seen the slides from that talk when I still had them up on the Web, suggested I look into filling one of today's schedule openings. I did, and now I'm on. The title is Infrastructure: how geeks build it, why Hollywood doesn't understand it, and how business can take advantage of it. I'll talk about blogging, but the focus will be more along the lines of my favorite one of Dave's slogans: Ask not what the Internet can do for you, ask what you can do for the Internet."

Sorry I missed his Open Source Con presentation, but I guess I saw it today... the Burton Matrix and all. Doc is so connected and tuned in.... he knows everyone and he has opinions on a lot of things. Most of these I agree with, by the way, but if this post seems churlish or if you get it that I'm a little out of sorts... there is a company called OneName and they deserve visibilty and support. They are driving an infrastructure standard called XNS. Drummond Reed has spent 10 years working toward this, and he won an award for this last night at this conference. Doc has mentioned XNS only once. I hope I get a chance to talk with him about this.

Roundtable: Privacy in the Real World  
Kevin O'Neil from ISTPA is talking about the Presdient's Critical Infrastructure Board... highlighting some of the privacy and security components... drivers license at the airport is a security tool. Included is a National Strategy to Secure Cyberspace.

Informationelle Selbstbestimmung - 15.12.1983 German Federal Constitutional Court: Informational Self Determination is a human dignity right, as an individual I have a right over the tracking of my own information.

ISTPA focuses on the protection of personal information.

Check this out...

[Go to Gary Turner's blog to see if he caught this material. I fat-fingered this post and lost most of it... perils of real-time blogging]

Here's a link to the draft National Strategy to Secure Cyberspace.

Thursday, October 10, 2002
The Identity Web  
XNS -- Extensible Name Services -- contracts are the heart of what this is about. Drummond Reed is talking. All the detail he provides reinforces my own conviction that this is the winner. This whole approach finesses the issues that the passport people, the liberty alliance people, and all the marvelous panoply of biometric vendors, smart card vendors, certificate authorities, and the rest of the privacy/identity/security marketplace concentrate on. It provides a standards based overarching identity service application architecture as rich and as varied as XML, on which it is based.

An OASIS XNS technical committee is forming. This is an effort to integrate SAML and WS Security. It will implement SAML assertions and provide the infrastructure, the vocabulary support for metadata exchange.

Privacy management will be a bread and butter application here. More important than single sign-on.

What can I say? This appeals to me a whole lot more than Passport. I think the best thing to do is ask Dave Winer what he thinks about it!

Liberty Alliance  
The Liberty Alliance wasn't born in a fight, contrary to popular opinion. Hasn't died yet, contrary to popular expectations. So what is it anyway? John Beatty, Sun's lead architect on the project is talking. The problem is that distributed identity services are not presently possible, therefore continual re-authetication to various systems is required... and Liberty Alliance is aiming at solving this problem without the drawbacks of single sign-on schemes. Goal is to increase consumer confidence and usage in electronic transactions, simplify B2B and so forth...

Liberty Alliance includes 130 organizations that have over a billion customers, managed by 16 founding sponsors.

The mnission is to establish an open standard for federated network identity through open technical specifications that will support a broad range of identity-based products and services... (among other things).

A centralized control model (Microsoft passport??) bites. Lots of reasons, but basicaslly it's about centralized control by a single organization is not a god thing nor is the limit to linking similar systems. An open federated model is a better thing.

Steve Himmer and Gary Turner  
Steve and Gary, like the snake that eats it's own tail, are blogging our blogging of this event. Now that I've blogged their blogging of our blogging I'd like to take photo credit for the snap of AKMA and Doc that they're both displaying in their hyper-recursive metabloggery.

Panel: The Role of DNS and Registries in Identity Management  
Paul Mockapetris invented the Domain Name System. Mark Foster drove number portability (presumably 800 services) in 1994 and is working on voice number to TCP/IP portability now. His company is responsible for routing voice across North America. Elliot Noss (Tucows) is Canadian, but passionate none-the-less. Esther Dyson of course is the former chair of ICANN, among her many other accomplishments. This is the best panel I've attended so far, with content so rich and conversational it defies my limited ability to blog it. Much food for thought.... for example, spam is not a privacy problem. Spammers who mine the whois database are therefore not compromising privacy, no matter how annoying they are.

Elliot thinks that DNS is a subset of some future identity database, indeed will be subsumed by this hyper-authentication engine. But at dinner last night he expressed political opinions different from my own, so it's hard to take him seriously. Mark thinks DNS is here to stay. Like me, Mark is brilliant and hirsute. Elliot blows.

CNRP, enum, roll your own TLD... creative ideas are spawned by the dozens. See you in Shanghai in a few weeks where this stuff will shake out further.

Whoops it's over. Time to rush the stage and get autographs.

Digital Rights Management Panel  
Brad the Microsoft guy, Ken the Internet2 guy, Bala the privacy management guy, Denise the litigator. David Weinberg - moderator.
Denise: DRM is a system of technological protection measures that are used to control access to digital material. Pay for use model... encryption, digital containers, copy control, identity (serial numbers, watermarks), anti-tampering technologies... access and use...

[DW] Why don't we have DRM? Microsoft says that the desire of people to get access to content without paying is ubiquitous, and the security on PCs is as good as the security in areas like smart cards in set top boxes. Brad says that we have DRM e.g. pay-per-view movies. Bala says that the Morpheus and Casa (spelling?) create business problems... an application can be protected at the time of creation... music or other digital content - the problem is what happens uponb receipt... how do we achieve persistent access control? Ken agrees with Brad that we have it but we're losing it. An enterprise acquiring material in bulk and redistributing... how do we enable appropriate access versus enforcing copyright protection.Brad makes the distinction between implementing policies at the hardware level versus at the software level. Denise says that implementing protection does away with the need for copyright protection. But Brad says that DRM is an area of enforceable contracts. Denise suggests that DRM systems arfe less than perfect, so a user is frequently frustrated because the new functions are different from what we're used to. Binding policy choices to the technology is the number one flaw in a lot of DRM discussion, according to Brad.

So there's a lot being chewed on... copyright regulation shouldn't be tied to identity... the attribute for a control mechanism shouldn't compromise anonymity, according to Ken.

Transparent enablement is critical according to Bala.

Too much to talk about, too little time.

Smarte Solutions' assumptions: "pillars of protection" must enable management of digital rights... transparent deployment...

Martha Rogers on Privacy Strategy  
Recession drives creativity...
Martha Rogers was named by Business 2.0 as one of the nineteen most important business Gurus of all time in October of 2001. Chris Locke is in the top 50 business thinkers list. Martha Rogers is kind of a... dare I say it? Hell, she's a babe. Locke is a babe magnet. The way Martha talks about "relationships" and brand loyalty... Harley customers tattooing logos on their bodies... these two should get together...

Relationships are iterative... successful relationships generate trust... a context develops over time...

We know what a memorable customer experience could be... Martha fantasizes about simplification of these relationships... Martha dreams of having a dry cleaner like mine.

Interact, remember, respond... customer service words to live by... but so far we haven't drilled down into the privacy part of the presentation... tracking customer interactions looks like the place we'll be vulnerable to privacy issues. I'm hoping Martha says this soon.

I'm sitting next to David Weinberger. Great product and service and brand... Martha says that CRM is more about people than not. I'll want to talk to David about the cluetrainista implications of this Rogers presentation.

Martha is into cookies... she's into identifying customers, differentiating them according to their value to her, and other stuff... but she hasn't wrapped privacy into her talk yet. Maybe she won't.

I am enormously impressed with Dr. Rogers, and respect the customer strategy she advocates... making each customer more valuable to the firm... grooming the customer base to find the better customers and letting the less valuable customers go... but where does customer privacy actually enter the equation?

Measuring relationship equity... managing relationship equity... there's database stuff in here, but the presentation is orthogonal to the intentions of this conference I believe. Is privacy a relationship building opportunity? Probably. Okay... she's starting to define a context... but hasn't really defined a privacy problem, nor - obviously - has she posed a solution. But the privacy issues associated with Tivo (I infer) will be really huge in a future bidirectional Tivo networked environment. The last few slides of the presentation have some privacy stuff referenced, but we breezed right by them. I have a sense that there may be some ethical dilemmas here...

Nikolaj Nyholm blogs from Digital Identity World  
It's good to know that others whose talent and insight I respect have the same difficulty blogging live that I do. Nikolaj will be on the "Who owns your information panel?" this morning.

Here We Are Again... Conference Blogging  
He wants to write words down
On pieces of paper
Recording them now
And recalling them later.

Denise Howell is a master of realtime capture of conference proceedings. We're lucky she's here at the Digital Identity World conference in Denver this week. Other great writers and bloggers aboard include Doc Searls, AKMA, Kevin Marks, Phillip Windley (CIO of the State of Utah), and others listed in the right panel at the "Real Time Coverage" page of the conference's website.

I don't give good real time coverage. This is my second Wi Fi enabled conference in as many months. At both conferences my attempts to annotate presentations in decent blog posts have been thwarted by a) talent limitations - I don't type fast and my attention-engine works differently from a good court reporter's; b) the tiny heartbreak of the bloggers' bit bucket - some of my most choice observations have been lost to Wi Fi base station hiccoughs; c) the knowledge that there are others out there blogging better, more objective posts about the same material.

So I am returning to my notebook (hard copy) to capture conference info. I'm grateful for the Wi Fi hook-up though. Right now I'm blogging BC... before coffee... from the conference reception area. On my schedule for today: Esther Dyson (Esther and Doc are talking across the lobby from me even as I blog). Esther first will moderate a panel called "Who Owns Your Information?" Later in the day she's leading another panel on DNS and registries.

Other events: Denise will take off her blogger's hat for a while today to participate on an Digital Rights Management panel; Liberty Alliance information will be forthcoming; and Drummond Reed will offer info on "the Identity Web." XNS fascinates me. Is it an elegant key to the solution for the Digital Identity gestalt, or is it - less charitably - a solution looking for a problem? Tune in later to find out!

Wednesday, October 09, 2002
Look out. Get your speed reading tuned up. Had coffee with Doc and Denise and Doc said Golby might be coming. I'm goofing around with RSS feeds in Blogger. Last I heard from Golby he was watching 737-400s pancake on the runways in Capetown. But he's on his way to Boulder with a carry-on full of camouflage gear. Some fantasy about saving Gretchen from the clutches of RB.

Current event at DIDW is GM guy talking about digital id ... This month's MIT Technology Journal also covers some of this material.

What is Kevin's RSS feed from Halley's Conference doing on the DIDW Feed  
Just a question... I'm fresh out of the opensource panel discussion that Doc Searls moderated. Doc is the only guy who can use the verb form of "ubiquity" (to ubiquitize?) with charm and grace and style. Good panel on Open Source... particularly Shibboleth... google it. "Shibboleth Internet2."

Phillip Windley - Utah CIO  
The State CIO of Utah has a clear, professional, expert understanding of the issues associated with setting up digital id standards and services in a public setting. Check out his blogging of these proceedings. Check also: Doc Searls, David Weinberger, Denise Howell, and AKMA. I'm sure other clear excellent blogging voices will emerge here too. Personally, I'm taking notes in notepad and hardcopy so I can stay with the discussion instead of getting hung up in my bloggery.

Multi-tasking at DIDW  
Privacy, security, authentication, identity management... the guy from General Motors is sharing their experience. More on this topic can be found in the recent issue of MIT's Technology Journal.

Maybe as importantly, we hear that Golby will be here... dropping in on his way to Boulder where he will act as Devil's advocate in the RB canonization investigation.