Let's avoid the word "credential". It has so many meanings as to be confusing

Last year we announced an experiment at Sun: in order to gather more information about the operational characteristics of "user-centric" identity technologies, we decided to roll out an OpenID provider for Sun employees. This OpenID provider was intended to be used by Sun employees for personal usage at various OpenID sites that have been popping up at some places. This experiment involved various parts of the company, including field people, products folks, the security team, and our Chief Privacy

I moderated a session at the recent SSO Summit titled “What is OAuth and WS-Trust, and where does it fit into your web services SSO initiatives“. “User-centric identity” is past-its-prime and “Identity as a Service‘ has already been beaten enough. And hence I was glad to get a chance to dig into the services/API use cases [...]

One of the reasons behind launching SignOn.com was to compare and contrast different identity protocols. There are things that you can learn by reading the specs. And then there are things that you can learn by deploying/implementing the specs. We have had support for OpenID and Information Cards for a long time. With the latest release, [...]

I’ll be at RSA Conference next week participating in the following events. Concordia What: The current goal is to demonstrate that SAML, WS-Fed and Information cards can co-exist and some of use cases where it makes sense. For instance, if you already have a federation setup (using SAML or WS-Fed), you can leverage Information Cards as [...]

When we look back at 2008 it will be the year that we saw as the start of something great with freeing users’ data and putting it in their control. We’ve already seen some great momentum around the Data Portability project and seen some great events (such as SG FooCamp ‘08). Several more [...]

I did the Beer and Blog tonight on how to OpenID enable your blog. Thanks to Justin Kistner for inviting me and thanks to everybody for showing up to hear me talk about OpenID (again and again and again) … ha! The gist of tonight was to show folks how easy it is to OpenID [...]

Trust (using the word here in a broad, abstract way) has been one of the strongest reason for the OpenID adoption. The spec does not require for OPs and RPs to get together and discuss key exchange, business value, liability issues, attribute data and so forth. OPs and RPs work independently of each other and [...]

Share with everyone (a.k.a OpenID) Share with a selected few (a.k.a Shibboleth/InCommon) Share with the chosen one (a.k.a SAML, WS-Fed) Share with no one (a.k.a my kids and of course the identity silos). No Tags

One of the most lively discussions at SG FooCamp was the Data Portability talk. Chris Saad was the host and a bevy of folks (Chris Messina, daveman692, Eran Hammer-Lahav, jsmarr, Tantek, Adactio, John Panzer, Eran Sandler and many others) were there talking about how to turn all of the Data Portability energy and excitement [...]