Kantara + OpenID Summit Panel Notes

Our panelists today bring a wealth of knowledge, expertise, and perspective. My job is to get them to disagree with each other in enlightening and entertaining fashion. I'd like to introduce them to you, in alphabetical order:

Joni Brennan - Joni is the executive director of the Kantara Initiative. She's been deeply involved in privacy and identity standards for nearly a decade, and focuses a lot of her effort on Trust Framework Identity Assurance and Interoperability Certification. She's also on the advisory board of the Open Identity Exchange.

Dr. Ken Klingenstein - Ken is Director of the Internet2 Middleware and Security areas, which oversee Shibboleth and other efforts. He is responsible for fostering the development and dissemination of middleware interoperability and best practices, through partnerships with campus IT architects, corporations, and government agencies.

Laurent Liscia - Laurent is the executive director of OASIS, the Organization for the Advancement of Structured Information Standards. He also represents OASIS in the international arena, serving as an advocate for open standards in matters of policy and adoption.

Mary Ruddy - Mary is the Chair of Identity Commons. Her company, Meristic, actively supports and consults to pilot identity projects. Mary's focus is on bringing innovative rule-based, role-based software to market and building software ecosystems.


Don Thibeau - Don is the executive director of the OpenID Foundation and the chairman of the Open Identity Exchange. Don has a rich background in the data, identity and social layers of both the Internet and telecom computing.

Here's what I'd like each panelist to do for starters. Please share your thoughts, in five minutes or less, on the top one or two identity standards landscape features exemplifying the following:

Trends / Transparents / Tropes / and Transients

  • Trends are important things being done that are worth knowing for the long haul.
  • Transparents are important things people keep looking through instead of at.
  • Tropes are technology metaphors that have perhaps become dull with overuse.
  • and Transients are shiny new things that are unlikely to stick around – yes, I would like you each to go there...

Who'd like to go first?


joining pieces together for solutions

landscape as a whole
perceived rigidity of KI, though it was designed to scale/flex/bend

this vs. that comparisons (vs. harmonization)
definition (re)inventions - OECD discovered that redefining misses out on people's intrinsic definitions of identity, trust, etc.

nonspecialized proprietary logins and APIs - there's room for specialization but not generic ones


evolutionary change - in 2010 we talked about OpenID 2.0 and IMI! also, success with NIH and FB accepting open identities

change - we forget it's a constant, especially around security and privacy

user-centric - useful when everything was enterprise-centric, but we know now it's all about relationships

OpenID - the brand will last, but the code bases will evolve away


collaboration as exemplified by the panel - in 2010 people complained about identity fragmentation - now it's about coopetition with convergence

organizations giving lip service to identity values - where's the outrage on identity and privacy moral imperatives? remember why we're here

tired of signing up to social networks (G+!) - he's done volunteering personal stuff

ecosystem? - let's not pick on it - likes Kaliya's "accountability framework" as something we can shoot down next year (smile)


trust framework - for its business value as a governance mechanism that replaces 1:1 contracts for T&C's


privacy - the word doesn't get you anywhere - really it's a set of duties that can be accepted and assigned in a transparent way in a trust framework

data aggregators like Acxiom and the bureaus - we're seeing the last years of those multi-billion dollar lock-in models - they're the dinosaurs of identity

He doesn't represent a standards org. They do "worst-case engineering", like handling command-line apps and rapid partner onboarding with metadata. They have legendary heterogeneity. They're serving the next gen of consumers, in classrooms. They have ~100M users in 37 countries.

interfederation - we're at the "/etc/host" level of networking - we need "DNS"!
? (attributes?) - he has serious use cases for UMA! - they have bundles of attributes they need to share
access control
social-to-SAML gateways - becoming quite common - deployment strategy? global? per-federation? per-IdP? per-RP?

schema - convergence takes a long long time - something like USPerson
diseconomies of scale - we're in thrall only to the economies - remote LOA2 proofing is really hard - federation can help
structured relationships - consumers vs. citizens - role as citizen is important - enable C2G interaction

federated identity - instead what's important is federations - federated roles and tats are going to be great business

social networks - social identities will stay

GFIPM.net: federation that has 300 attributes