IIW 21 Notes

Tuesday October 27, 2015

Session 1

1A/ HEART & iGov

1C/ Finding Customers for VRM Products

1E/ SCIM is Done – Intro Q&A

1F/ Basics of Blockchains

1G/ Mobile Launch of MODRNA – Overview/Update

1H/ Identity Broker Pattern – 15 Fundamentals

1K/ Questions: Why JWT? SAML vs OAuth vs JWT

Session 2

2A/ Open ID Connect Logout Mechanisms Progress + Status

2C/ A Registry Directory ~ based on BLOCKCHAIN that is ROOTless & NOT Centralized

2E/ HIE of ONE Personal UMA Authorization Server Project

2F/ myTERMS User-Asserted Terms (Mozilla + Customer Commons + Others)

2G/ Fast Modular Exponentiation in JavaScript for Cryptographic Authentication

2H/ OIDC vs SAML - What are you missing & how do you solve that?

Session 3

3A/ User-Managed Access (UMA) Intro & News

3C/ Attribute Privacy in Federated Model

3D/ What is the Impact of the Blockchain Technology to the PKI-based eID Schemes?

3F/ Thinking in Crypto….. #Rebooting Web of Trust

3G/ Azure AD Integration in Windows 10 – What does it mean to have an orgID Cloud Identity

3H/ An IDENTITY Rocku-Mentry ? A documentary about the past, present + future of Identity in the IIW Community

3J/ OIDC OP Testing – hands on

Session 4

4A/ Defining Consent – Collecting Personal Information with Notia Consent Receipts

4D/ XDI (Extensible Data Interchange) and Semantic Dictionaries (an update on XDI Core I.O and XDI.org)

4F/ OAuth 2.0 for Native Apps (draft IETF best practice) NEW!

4G/ Making Money from Grassroots, Distributed ID Platforms (???)

4H/ Is OpenID Connect + OAuth + UMA Complete? Why Should I switch from SAML + ID-WSF2 + XACML?

4I/ Burning Bridges and Breaking Brokers

Session 5

5A/ Consent Receipts in UMA

5C/ SCIM Interop Discussion

5F/ XDI Registry Working Group – a rootless, decentralized, lookup service empowering the personal data ecosystem - based on the bitcoin blockchain

5G/ Potential Roles for BLOCKCHAIN in Identity

5H/ Personal Learning Environments (Domain of One’s Own, LMS, etc…)

5J/ AAD in Windows 10 (Part 2) Now that I’m Joined…

Wednesday October 28, 2015

Session 1

1A/ Vectors of Trust

1C/ Re-Delegation and Revocation with OAuth

1D/ International Perspectives

1E/ BlockChain Use Cases (not Bitcoin, not identity centric) & Distributed Ledgers?

1F/ Identity Film – Brings IIW & Core Topics to Life…

1G/ Account Chooser Working Group

1H/ Open ID Connect Certification: The news from the trenches – Google

1I/ Non-Person Entities – Delegation, Proxy and WSO2, API manager

Session 2

2A/ Multi-Protocol Frameworks for Personal Data Ecosystems

2C/ Decentralized Directories/Registry (using blockchain)

2D/ Dynamic Client Registration Security Issues

2E/ Ethereum a general purpose BlockChain

2F/ Next Steps after Ad Blocking (200 million votes for what?)

2G/ Selective Disclosure – “I’m older than 18, you don’t need my birthdate” Principles, Open Questions

2J/ Post Password World – How do we get there? BRING IDEAS!

Session 3

3A/ Trust – EI – AKA “Stepped-up Authentication” with UMA and Connect

3C/ U2F Update – including mobile, passwordless, and more…

3D/ Blockchain Auth: Passwordless login with the Blockchain using JSON web tokens

3E/ Delivering OAuth Tokens to Things (or NAPPS 2.0)

3F/ Book Preview! OAuth2 in Action

3G/ Citizen Data Schema – SCIM, JWTs, OIDC/Interoperability of National eID programs

3J/ BlockChain & UMA – Two Great Tastes… Do They Go Together?

Session 4

4A/ RISC – Sharing Security Events among Service Providers

4C/ Societies of Things

4D/ OIDC RP testing – hands on

4E/ PDEC - Personal Data Ecosystem Consortium. Who Cares about our Personal Data? Mapping Innovations and showing the way...

4F/ XDI Registry Working Group (Mtg #2 of 2) More “Pumpkin Theater”

4H/ SCIM Credential Mgmt Discussion

4G/ Forbidden Knowledge – Genomes, Facebook, and other High Dimensional Data

4I/ Identity Proofing – Can it be done well? Especially Remotely?

4J/ Speed Demo Reprise

Session 5

5A/ IoT Privacy Personal

5C/ UMA – Interop testing, ARP use case

5D/ HELP! Federated Profile Across the Autodesk Knowledge Network – Ideas? Standards? Architectures? Suggestions?

5E/ Thinking in Crypto – Signing JSON ?What are your best practices?

5F/ Thought Experiment: What if sites opted-IN to USERS? (DNT + TPS + Uses Submitted Tags)

5G/ Privacy from Cradle to Grave “What is the effective consent?”

5H/ What Does “LogOUT” mean?

5J/ Security LOFT – A volunteer organization promoting modern APP Security Standards!

5K/ BlockStore: Scalable Secure Storage with the Blockchain

5L/ Exploring Possibilities for Citizen ID Cards – A whitepaper re: core concepts/good designs

Thursday October 29, 2015

Session 1

1A/ The Permanent Web

1G/ ABAC – Attribute-Based Access Control

1H/ First Experiences with the Estonian e-Residency ID

Session 2

2D/ How will Current and Legacy ID Specs (SAML,OIDC, OAuth…) Interact and/or be Replaced by BlockChain Technologies?

2G/ Help Phil outline Digital Identity 2nd Edition

2H/ OTTO – Private BlockChain HELP

Session 3

3A/ The CULTURAL Barriers to Privacy

3G/ IDENTITY – Is it always “On”? and Who should control the switch?

3H/ BlockChain ‘Governance’

Session 4

4C/ Mozilla Listens to IIW at IIW 21

4D/ BlockChain VIS a VIS Everything Else ~ Part 2 (Deux)

4F/ All Things Photography

4G/ Customer Funding

4H/ OIDC Federation for Higher Ed

Session 5

5A/ Beyonce as a Service

5F/ What Next for IIW?