https://iiw.idcommons.net/api.php?action=feedcontributions&feedformat=atom&user=OrcmidIIW - User contributions [en]2026-06-13T03:59:11ZUser contributionsMediaWiki 1.31.6https://iiw.idcommons.net/index.php?title=Clippings&diff=228Clippings2007-12-02T19:51:08Z<p>Orcmid: /* 2007-12-01 */</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 December==<br />
<br />
===2007-12-01===<br />
<br />
:*Leah Culver: [http://www.leahculver.com/2007/12/01/oauth-tech-talk-on-justintv/ Oauth Tech Talk on justin.tv], ''Leah Culver's Stupid Blog'' (via Scobleizer), 2007-12-01. Links to video of the talk and to the slides. (''[[User:Orcmid|Orcmid]] 11:16, 2 December 2007 (PST)'')<br />
<br />
:*Dare Obasanjo: [http://www.25hoursaday.com/weblog/2007/12/01/FacebookBeaconIsUnfixable.aspx Facebook Beacon is Unfixable], ''Dare Obasanjo aka Carnage4Life'' (web log), 2007-12-01. One might think this has nothing to do with identity management. I think it is a great demonstration of the law of unintended consequences combined with the problem of people doing stuff because they can, something that always undermines our good intentions and poorly-instutionalized privacy practices. <br />
:**I don't know if Dare's appraisal is accurate, but the issues that he identifies are ones that have consequences for identity management, tracking, and unwarranted disclosure among/across commercial collaborations. <br />
:**I have colleagues who are completely sceptical of Web 2.0 efforts exactly because of these prospects and the damage that may occur before there's enough maturity to thwart mishaps of this kind. The enemy here is how far-reaching are the consequences of carelessness and how easily other interests blind the eyes that should have noticed endangering of the public interest. Whether good news or bad, the lawyers should have fun with this. Security expert Bruce Schneier is of the opinion that serious, successful litigation is the only thing that will reform the level of misconduct that is perpetuated in this manner. He may be right. (''[[User:Orcmid|Orcmid]] 11:38, 2 December 2007 (PST)'')<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst], [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal] and [http://daveman692.livejournal.com/ David Recordon] [via [http://www.readwriteweb.com/archives/openid_google_blogger_beta.php Richard McManus] via Scobleizer]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=896 Claims in the Self-Issued Information Cards Profile]. ''Kim Cameron's Identity Weblog'', 2007-11-27. Part of a series of little how-to items, this post identifies existing URI schemes, schemas, and definitions for some common items that will appear in self-issued Information Cards, the ones likely to be used with OpenID and other user-centric identifiers. These can be used for the same attributes in other schemes, as a way to enhance portability of elements. They are also useful to think about in terms of which ones you want to be supplied in which self-issued information cards of your own. There are links to the detailed technical materials. Oddly missing is a simple example of how to employ these in an XML document. (''[[User:Orcmid|Orcmid]] 14:08, 30 November 2007 (PST)'')<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=227Clippings2007-12-02T19:39:09Z<p>Orcmid: /* 2007-12-01 */</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 December==<br />
<br />
===2007-12-01===<br />
<br />
:*Leah Culver: [http://www.leahculver.com/2007/12/01/oauth-tech-talk-on-justintv/ Oauth Tech Talk on justin.tv], ''Leah Culver's Stupid Blog'' (via Scobleizer), 2007-12-01. Links to video of the talk and to the slides. (''[[User:Orcmid|Orcmid]] 11:16, 2 December 2007 (PST)'')<br />
<br />
:*Dare Obasanjo: [http://www.25hoursaday.com/weblog/2007/12/01/FacebookBeaconIsUnfixable.aspx Facebook Beacon is Unfixable], ''Dare Obasanjo aka Carnage4Life'' (web log), 2007-12-01. One might think this has nothing to do with identity management. I think it is a great demonstration of the law of unintended consequences combined with the problem of people doing stuff because they can, something that always undermines our good intentions and poorly-instutionalized privacy practices. <br />
:I don't know if Dare's appraisal is accurate, but the issues that he identifies are ones that have consequences for identity management, tracking, and unwarranted disclosure among/across commercial collaborations. <br />
:I have colleagues who are completely sceptical of Web 2.0 efforts exactly because of these prospects and the damage that may occur before there's enough maturity to thwart mishaps of this kind. The enemy here is how far-reaching are the consequences of carelessness and how easily other interests blind the eyes that should have noticed endangering of the public interest. (''[[User:Orcmid|Orcmid]] 11:38, 2 December 2007 (PST)'')<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst], [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal] and [http://daveman692.livejournal.com/ David Recordon] [via [http://www.readwriteweb.com/archives/openid_google_blogger_beta.php Richard McManus] via Scobleizer]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=896 Claims in the Self-Issued Information Cards Profile]. ''Kim Cameron's Identity Weblog'', 2007-11-27. Part of a series of little how-to items, this post identifies existing URI schemes, schemas, and definitions for some common items that will appear in self-issued Information Cards, the ones likely to be used with OpenID and other user-centric identifiers. These can be used for the same attributes in other schemes, as a way to enhance portability of elements. They are also useful to think about in terms of which ones you want to be supplied in which self-issued information cards of your own. There are links to the detailed technical materials. Oddly missing is a simple example of how to employ these in an XML document. (''[[User:Orcmid|Orcmid]] 14:08, 30 November 2007 (PST)'')<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=226Clippings2007-12-02T19:38:24Z<p>Orcmid: /* 2007-12-01 */ Dare Obasanjo on Facebook Beacon</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 December==<br />
<br />
===2007-12-01===<br />
<br />
:*Leah Culver: [http://www.leahculver.com/2007/12/01/oauth-tech-talk-on-justintv/ Oauth Tech Talk on justin.tv], ''Leah Culver's Stupid Blog'' (via Scobleizer), 2007-12-01. Links to video of the talk and to the slides. (''[[User:Orcmid|Orcmid]] 11:16, 2 December 2007 (PST)'')<br />
<br />
:*Dare Obasanjo: [http://www.25hoursaday.com/weblog/2007/12/01/FacebookBeaconIsUnfixable.aspx Facebook Beacon is Unfixable], ''Dare Obasanjo aka Carnage4Life'' (web log), 2007-12-01. One might think this has nothing to do with identity management. I think it is a great demonstration of the law of unintended consequences combined with the problem of people doing stuff because they can, something that always undermines our good intentions and poorly-instutionalized privacy practices. <br />
I don't know if Dare's appraisal is accurate, but the issues that he identifies are ones that have consequences for identity management, tracking, and unwarranted disclosure among/across commercial collaborations. <br />
I have colleagues who are completely sceptical of Web 2.0 efforts exactly because of these prospects and the damage that may occur before there's enough maturity to thwart mishaps of this kind. The enemy here is how far-reaching are the consequences of carelessness and how easily other interests blind the eyes that should have noticed endangering of the public interest. (''[[User:Orcmid|Orcmid]] 11:38, 2 December 2007 (PST)'')<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst], [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal] and [http://daveman692.livejournal.com/ David Recordon] [via [http://www.readwriteweb.com/archives/openid_google_blogger_beta.php Richard McManus] via Scobleizer]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=896 Claims in the Self-Issued Information Cards Profile]. ''Kim Cameron's Identity Weblog'', 2007-11-27. Part of a series of little how-to items, this post identifies existing URI schemes, schemas, and definitions for some common items that will appear in self-issued Information Cards, the ones likely to be used with OpenID and other user-centric identifiers. These can be used for the same attributes in other schemes, as a way to enhance portability of elements. They are also useful to think about in terms of which ones you want to be supplied in which self-issued information cards of your own. There are links to the detailed technical materials. Oddly missing is a simple example of how to employ these in an XML document. (''[[User:Orcmid|Orcmid]] 14:08, 30 November 2007 (PST)'')<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=225Clippings2007-12-02T19:16:08Z<p>Orcmid: /* 2007 December */</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 December==<br />
<br />
===2007-12-01===<br />
<br />
:*Leah Culver: [http://www.leahculver.com/2007/12/01/oauth-tech-talk-on-justintv/ Oauth Tech Talk on justin.tv], ''Leah Culver's Stupid Blog'' (via Scobleizer), 2007-12-01. Links to video of the talk and to the slides. (''[[User:Orcmid|Orcmid]] 11:16, 2 December 2007 (PST)'')<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst], [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal] and [http://daveman692.livejournal.com/ David Recordon] [via [http://www.readwriteweb.com/archives/openid_google_blogger_beta.php Richard McManus] via Scobleizer]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=896 Claims in the Self-Issued Information Cards Profile]. ''Kim Cameron's Identity Weblog'', 2007-11-27. Part of a series of little how-to items, this post identifies existing URI schemes, schemas, and definitions for some common items that will appear in self-issued Information Cards, the ones likely to be used with OpenID and other user-centric identifiers. These can be used for the same attributes in other schemes, as a way to enhance portability of elements. They are also useful to think about in terms of which ones you want to be supplied in which self-issued information cards of your own. There are links to the detailed technical materials. Oddly missing is a simple example of how to employ these in an XML document. (''[[User:Orcmid|Orcmid]] 14:08, 30 November 2007 (PST)'')<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=164Clippings2007-11-30T22:08:43Z<p>Orcmid: /* 2007-11-27 */ Claims in Self-Issued Information Cards Profile</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst], [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal] and [http://daveman692.livejournal.com/ David Recordon] [via [http://www.readwriteweb.com/archives/openid_google_blogger_beta.php Richard McManus] via Scobleizer]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=896 Claims in the Self-Issued Information Cards Profile]. ''Kim Cameron's Identity Weblog'', 2007-11-27. Part of a series of little how-to items, this post identifies existing URI schemes, schemas, and definitions for some common items that will appear in self-issued Information Cards, the ones likely to be used with OpenID and other user-centric identifiers. These can be used for the same attributes in other schemes, as a way to enhance portability of elements. They are also useful to think about in terms of which ones you want to be supplied in which self-issued information cards of your own. There are links to the detailed technical materials. Oddly missing is a simple example of how to employ these in an XML document. (''[[User:Orcmid|Orcmid]] 14:08, 30 November 2007 (PST)'')<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=156Clippings2007-11-30T20:35:28Z<p>Orcmid: /* 2007-11-29 */</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst], [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal] and [http://daveman692.livejournal.com/ David Recordon] [via [http://www.readwriteweb.com/archives/openid_google_blogger_beta.php Richard McManus] via Scobleizer]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=154Clippings2007-11-30T20:28:41Z<p>Orcmid: /* 2007-11-30 */</p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 November==<br />
<br />
===2007-11-30===<br />
<br />
:*Robin Wilton: [http://blogs.sun.com/racingsnake/entry/hmrc_breach_looking_ahead HMRC Breach -- Looking Ahead]. ''Robin Wilton's Esoterica'' (web log), 2007-11-30. Amidst the difficulties of the recent personal information breach in the UK, ably covered by Wilton and others, here is a look at some broader context around the implications for policy, public administration, and accountability of mechanisms that collect more and more information in a nicely centralized, compromisable form. An identity meta-topic? (''[[User:Orcmid|Orcmid]] 12:28, 30 November 2007 (PST)'')<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst] and [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=153Clippings2007-11-30T20:21:47Z<p>Orcmid: </p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 November==<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst] and [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
<br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Clippings&diff=152Talk:Clippings2007-11-30T20:18:13Z<p>Orcmid: /* Transported Clippings */</p>
<hr />
<div>The initial clippings were created simply as part of my own blog reading and clipping on the topics of Identity and IIW in particular. This is a little like del.icio.us Wiki-style.<br />
<br />
The editorial preferences for selections are mine and the bias in my selection should be apparent. I am not apologetic for that. This is a wiki and I invite others to add their clippings too.<br />
<br />
The clippings are not as dated as I thought they might be by now. There is a gap, and I will use the library-catalog update strategy -- Start adding current material now, and fill in the gap between now and then on an opportunistic (i.e., chaotically random) basis.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)'' <br />
<br />
===Transported Clippings===<br />
<br />
I have transferred clippings from Windley's IIW Wiki. <br />
<br />
'''FIX ME (NOT)''': I see that the internal links -- cross-references among the clippings pages themselves -- are still tied to the Windley Wiki. I will need to go in and edit those to be links to fragments of the page here. ADDED: This was apparently a false alarm -- I was looking at the wrong blog in my tabbed browser. (''[[User:Orcmid|Orcmid]] 12:00, 30 November 2007 (PST)'')<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)''<br />
<br />
I also learned that an easy way to make an entire page movable, rather than moving it one subsection at a time, is to add a master title at the top of the page. This will open up all of the wiki text content when you click it's edit button.<br />
<br />
Now, the downside of this is that this is apparently something that wiki spam robots look for. On the Windley IIW Wiki, those seem to be the only pages that have been defaced. We'll have to watch here. (''[[User:Orcmid|Orcmid]] 12:00, 30 November 2007 (PST)'')<br />
<br />
OH, THE DOWNSIDE: is that I have now munged the table of contents. I now how to handle that though. I will make the table of contents even more nestier. Later. (''[[User:Orcmid|Orcmid]] 12:01, 30 November 2007 (PST)'')<br />
<br />
OH, DUHHH ... and if you use the edit tab at the top of a MediaWiki page, you get the entire wikitext for the page too, with no fuss, no problems. Ah well, I needed to make an organizational cleanup for clippings anyhow. Now, when this page gets just too freekin' big, there will be other problems (because I have #fragment shortcuts among items on the page.) Your obedient servant, Professor von Clueless. (''[[User:Orcmid|Orcmid]] 12:18, 30 November 2007 (PST)'')<br />
<br />
===Initial Clippings===<br />
<br />
Just getting started and doing a morning's worth of clippings to get the hang of it<br />
<br />
Job Jar:<br />
<br />
Clipping Format explained<br />
<br />
How to add clippings<br />
<br />
What are identity-relevant clippings<br />
<br />
Other places to look<br />
<br />
Other places to put items that are different or should be easy to find as other than clippings (too)<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:14, 15 June 2007 (MDT)''<br />
<br />
A better organization and some way to roll off the older material without losing it is called for. There is probably some game with dates and levels of heading that can make exploration of clippings somewhat easier.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:24, 15 June 2007 (MDT)''<br />
<br />
I am a little concern that this Wiki is going away, to be replaced by a new MediaWiki on Identity Commons. That one isn't there yet. I need to make sure that I save the WikiText so it is easy to move it to another site. This is complicated by my using headings that break the WikiText up in line with the automatic table of contents. (This has not slowed down making clippings, the volume of related material has simply gone down in the past two days.)<br />
::''[[User:Orcmid|Orcmid]] 15:57, 18 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=151Clippings2007-11-30T20:15:34Z<p>Orcmid: </p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 November==<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst] and [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
==2007 October==<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
==2007 June==<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
==2007 May==<br />
<br />
===2007-05-27===<br />
<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
==2007 March==<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
=2006 Clippings=<br />
<br />
==2006 December==<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
==2006 October==<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
==2006 June==<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=150Clippings2007-11-30T20:12:52Z<p>Orcmid: </p>
<hr />
<div>=2007 Clippings=<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
==2007 November==<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst] and [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
=2006 Clippings=<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Clippings&diff=149Talk:Clippings2007-11-30T20:01:43Z<p>Orcmid: /* Transported Clippings */</p>
<hr />
<div>The initial clippings were created simply as part of my own blog reading and clipping on the topics of Identity and IIW in particular. This is a little like del.icio.us Wiki-style.<br />
<br />
The editorial preferences for selections are mine and the bias in my selection should be apparent. I am not apologetic for that. This is a wiki and I invite others to add their clippings too.<br />
<br />
The clippings are not as dated as I thought they might be by now. There is a gap, and I will use the library-catalog update strategy -- Start adding current material now, and fill in the gap between now and then on an opportunistic (i.e., chaotically random) basis.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)'' <br />
<br />
===Transported Clippings===<br />
<br />
I have transferred clippings from Windley's IIW Wiki. <br />
<br />
'''FIX ME (NOT)''': I see that the internal links -- cross-references among the clippings pages themselves -- are still tied to the Windley Wiki. I will need to go in and edit those to be links to fragments of the page here. ADDED: This was apparently a false alarm -- I was looking at the wrong blog in my tabbed browser. (''[[User:Orcmid|Orcmid]] 12:00, 30 November 2007 (PST)'')<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)''<br />
<br />
I also learned that an easy way to make an entire page movable, rather than moving it one subsection at a time, is to add a master title at the top of the page. This will open up all of the wiki text content when you click it's edit button.<br />
<br />
Now, the downside of this is that this is apparently something that wiki spam robots look for. On the Windley IIW Wiki, those seem to be the only pages that have been defaced. We'll have to watch here. (''[[User:Orcmid|Orcmid]] 12:00, 30 November 2007 (PST)'')<br />
<br />
OH, THE DOWNSIDE: is that I have now munged the table of contents. I now how to handle that though. I will make the table of contents even more nestier. Later. (''[[User:Orcmid|Orcmid]] 12:01, 30 November 2007 (PST)'')<br />
<br />
===Initial Clippings===<br />
<br />
Just getting started and doing a morning's worth of clippings to get the hang of it<br />
<br />
Job Jar:<br />
<br />
Clipping Format explained<br />
<br />
How to add clippings<br />
<br />
What are identity-relevant clippings<br />
<br />
Other places to look<br />
<br />
Other places to put items that are different or should be easy to find as other than clippings (too)<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:14, 15 June 2007 (MDT)''<br />
<br />
A better organization and some way to roll off the older material without losing it is called for. There is probably some game with dates and levels of heading that can make exploration of clippings somewhat easier.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:24, 15 June 2007 (MDT)''<br />
<br />
I am a little concern that this Wiki is going away, to be replaced by a new MediaWiki on Identity Commons. That one isn't there yet. I need to make sure that I save the WikiText so it is easy to move it to another site. This is complicated by my using headings that break the WikiText up in line with the automatic table of contents. (This has not slowed down making clippings, the volume of related material has simply gone down in the past two days.)<br />
::''[[User:Orcmid|Orcmid]] 15:57, 18 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Clippings&diff=148Talk:Clippings2007-11-30T20:00:05Z<p>Orcmid: /* Transported Clippings */</p>
<hr />
<div>The initial clippings were created simply as part of my own blog reading and clipping on the topics of Identity and IIW in particular. This is a little like del.icio.us Wiki-style.<br />
<br />
The editorial preferences for selections are mine and the bias in my selection should be apparent. I am not apologetic for that. This is a wiki and I invite others to add their clippings too.<br />
<br />
The clippings are not as dated as I thought they might be by now. There is a gap, and I will use the library-catalog update strategy -- Start adding current material now, and fill in the gap between now and then on an opportunistic (i.e., chaotically random) basis.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)'' <br />
<br />
===Transported Clippings===<br />
<br />
I have transferred clippings from Windley's IIW Wiki. <br />
<br />
'''FIX ME (NOT)''': I see that the internal links -- cross-references among the clippings pages themselves -- are still tied to the Windley Wiki. I will need to go in and edit those to be links to fragments of the page here. ADDED: This was apparently a false alarm -- I was looking at the wrong blog in my tabbed browser. (''[[User:Orcmid|Orcmid]] 12:00, 30 November 2007 (PST)'')<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)''<br />
<br />
I also learned that an easy way to make an entire page movable, rather than moving it one subsection at a time, is to add a master title at the top of the page. This will open up all of the wiki text content when you click it's edit button.<br />
<br />
Now, the downside of this is that this is apparently something that wiki spam robots look for. On the Windley IIW Wiki, those seem to be the only pages that have been defaced. We'll have to watch here. (''[[User:Orcmid|Orcmid]] 12:00, 30 November 2007 (PST)'')<br />
<br />
===Initial Clippings===<br />
<br />
Just getting started and doing a morning's worth of clippings to get the hang of it<br />
<br />
Job Jar:<br />
<br />
Clipping Format explained<br />
<br />
How to add clippings<br />
<br />
What are identity-relevant clippings<br />
<br />
Other places to look<br />
<br />
Other places to put items that are different or should be easy to find as other than clippings (too)<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:14, 15 June 2007 (MDT)''<br />
<br />
A better organization and some way to roll off the older material without losing it is called for. There is probably some game with dates and levels of heading that can make exploration of clippings somewhat easier.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:24, 15 June 2007 (MDT)''<br />
<br />
I am a little concern that this Wiki is going away, to be replaced by a new MediaWiki on Identity Commons. That one isn't there yet. I need to make sure that I save the WikiText so it is easy to move it to another site. This is complicated by my using headings that break the WikiText up in line with the automatic table of contents. (This has not slowed down making clippings, the volume of related material has simply gone down in the past two days.)<br />
::''[[User:Orcmid|Orcmid]] 15:57, 18 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=147Clippings2007-11-30T19:56:58Z<p>Orcmid: /* 2007-11-29 */ Blogger</p>
<hr />
<div>==Clippings==<br />
<br />
This collection is a bit like a link blog, providing bibliographic clippings for Identity-related materials. It is free for anyone to add to. The format should be clear by examining the wiki text for any particular date.<br />
<br />
===2007-11-29===<br />
<br />
:*Eric: [http://bloggerindraft.blogspot.com/2007/11/new-feature-openid-commenting.html New Feature: OpenID Commenting]. ''Blogger in Draft'' (web log), 2007-11-29 (via [http://netmesh.info/jernst/Digital_Identity/google-blogger-openid-beta.html Johannes Ernst] and [http://www.labnol.org/internet/blogging/leave-comments-in-blogger-with-wordpress-openid/1871/ Amit Agarwal]). The use of OpenId credentials including existing credentials from LiveJournal and WordPress are now accepted on Blogger blogs. My Blogger blogs receive so few comments that some days even a little spam is welcome. (No, this is not an invitation.) I'm so long tail this should not make any difference. We'll see, since it is very easy to discourage a commentor. Ask Kim Cameron about the grief I give him. (''[[User:Orcmid|Orcmid]] 11:56, 30 November 2007 (PST)'')<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=139Clippings2007-11-30T18:55:17Z<p>Orcmid: /* 2007-10-30 */</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-10-30===<br />
<br />
:*David Chappell: [http://www.davidchappell.com/blog/2007/10/digital-identity-for-net-applications.html Digital Identity for .NET Applications: A Technology Overview]. ''David Chappell's Weblog'', 2007-10-30. Although very technology-specific, this is representative of how identity technologies are emerging among different IT infrastructures. I just stumbled on Chappell's blog and am mining a few identity-related items. (''[[User:Orcmid|Orcmid]] 10:55, 30 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=129Clippings2007-11-29T21:02:41Z<p>Orcmid: /* 2007-11-28 */ Keith Brown</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Keith Brown: [http://www.pluralsight.com/blogs/keith/archive/2007/11/28/49313.aspx Display Tokens for Information Cards]. Security Briefs (web log), ''Pluralsight'', 2007-11-28. A straightforward discussion of the trust that you must have in your identity provider to be sure that only what you're told is being disclosed is being disclosed to the relying party. (''[[User:Orcmid|Orcmid]] 13:02, 29 November 2007 (PST)'') <br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=126Clippings2007-11-29T19:59:50Z<p>Orcmid: /* 2007-11-29 */ Joshua Porter</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Joshua Porter: [http://bokardo.com/archives/facebooks-growing-design-problem-and-a-proposed-solution/ Facebook's Growing Design Problem (and a Proposed Solution)]. ''Bokardo.com Social Web Design'' (web log), 2007-11-29. There is plenty of chatter about Facebook without cataloging it here. I selected this item because it demonstrates the perils of bottom-up problem solving (where global concerns are too easily overlooked until after the damage is done) and the propensity to do something cool because we can. Consider this in the context of [[Clippings#2007-11-28|Peter Brantley's essay]] from yesterday. Consider this in the context of alleged NSA interception of all internet traffic passing through US "border" nodes. Commercial firms are much more careless than the government, but one form of mis-conduct actually facilitates the kinds of surveillance we presumably still don't want in our society. (''[[User:Orcmid|Orcmid]] 11:59, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=119Clippings2007-11-29T18:20:07Z<p>Orcmid: /* 2007-11-28 */</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Peter Brantley: [http://radar.oreilly.com/archives/2007/11/digital_reading.html Digital Reading, Subpoenas, and Privacy]. ''O'Reilly Radar'' (web log), 2007-11-28. The special protections against disclosure of reading habits, book purchases, and library activities (in the United States) is eroding in the digital space. This essay serves as a reminder that warrantless searching can and will easily breach this protection. It is interesting to me that the encryption of communications and transactions, along with measures that discourage identity tracking and correlation can help preserve the sanctity of our persons and identities from those who will attempt surveillance (commercial or governmental) simply because they are able and believe it is their privilege. Factoid: I knew that human speech does not actually put spaces between words, as we learn when trying to hear a new language, but I didn't realize that spacing of words was created in print so that we wouldn't have to read aloud. (''[[User:Orcmid|Orcmid]] 10:20, 29 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=116Clippings2007-11-29T17:53:59Z<p>Orcmid: /* 2007-11-29 */ link to Kim Cameron entry</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the [[Clippings#2007-11-27|tutorial from Kim Cameron]] on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=115Clippings2007-11-29T17:52:07Z<p>Orcmid: /* 2007-11-27 */</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the tutorial from Kim Cameron on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-11-27===<br />
<br />
:*Kim Cameron: [http://www.identityblog.com/?p=894 Ultimate Simplicity: 30 Lines of Code]. ''Kim Cameron's Identity Weblog'', 2007-11-27. The new CardSpace bits in .NET 3.5 permit pure HTTP (not encrypted with HTTPS and not requiring a server-side certificate) transfer of self-issued information card responses in low-security/privacy situations where unencrypted exchanges are good enough (e.g., to comment on a blog, access a wiki, and other places where recognized-identification is important more as a barrier to spammers than as a privacy and transaction security measure). The philosophy of this satisfaction of a full range of cases is provided in the post, along with a screen cast, a narrative of the process, and illustration using Kim Cameron's favorite vendor-neutral proof-of-concept, PHP.<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=114Clippings2007-11-29T17:38:19Z<p>Orcmid: /* 2007-11-29 */</p>
<hr />
<div>===2007-11-29===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/29/cardspace-for-the-rest-of-us/ CardSpace for the Rest of Us]. ''Jon Udell'' (web log), 2007-11-28. Points to the tutorial from Kim Cameron on long-tail, low privacy usage of Information Cards over HTTP as a great way to learn how this works. This has me take another look at Cameron's post. ((''[[User:Orcmid|Orcmid]] 09:38, 29 November 2007 (PST)''))<br />
<br />
===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=89Clippings2007-11-28T19:26:08Z<p>Orcmid: /* 2007-03-02 */</p>
<hr />
<div>===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Udell, Jon: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-03-01===<br />
:*Dave Winer: [http://www.scripting.com/stories/2007/03/01/preservingIdeas.html Preserving Ideas]. ''Scripting News'' (web log), 2007-03-01. Winer raises concerns about preserving our works in their hyperlinked, search-indexed form in some persistent fashion that can outlast us as part of the human digital legacy. An inspiration in Jon Udell's search for a [[Clippings#2007-05-22|life bits]] mechanism. (''[[User:Orcmid|Orcmid]] 11:26, 28 November 2007 (PST)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=87Clippings2007-11-28T19:17:02Z<p>Orcmid: /* 2007-11-28 */</p>
<hr />
<div>===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Udell, Jon: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [[Clippings#2007-05-22|life bits]] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=86Clippings2007-11-28T19:16:39Z<p>Orcmid: /* 2007-11-28 */</p>
<hr />
<div>===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Udell, Jon: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his [Clippings#2007-05-22|life bits] and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=85Clippings2007-11-28T19:15:18Z<p>Orcmid: /* 2007-05-22 */</p>
<hr />
<div>===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Udell, Jon: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his life bits and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-22===<br />
<br />
:*Jon Udell: [http://blog.jonudell.net/2007/05/22/hosted-lifebits/ Hosted Lifebits]. ''Jon Udell'' (web log), 2007-05-22. Udell speculates on what it would be like if he had a (virtual) place to stash all the bits that arise in his life, including records, writings, reports, photographs, audio, all and any digital memorability. This is related to the digital persona and identity question raised in his [[Clippings#2007-11-28|2007-11-28]] post, "Your Winnings Sir." (''[[User:Orcmid|Orcmid]] 11:15, 28 November 2007 (PST)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=84Clippings2007-11-28T19:05:08Z<p>Orcmid: /* 2007-11-28 */ Udell: Your Winnings Sir</p>
<hr />
<div>===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee]. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
:*Udell, Jon: [http://blog.jonudell.net/2007/11/28/your-winnings-sir/ Your Winnings, Sir]. ''Jon Udell'' (web log), 2007-11-28. Borrowing a line from ''Casablanca'', Jon discusses his life bits and what it might take to associate all of the occurrences of him on the internet in a simple, consistent way, as much as he would like. (''[[User:Orcmid|Orcmid]] 11:05, 28 November 2007 (PST)'')<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help:Contents&diff=82Help:Contents2007-11-28T18:58:09Z<p>Orcmid: /* Reports */</p>
<hr />
<div>==Getting Started==<br />
<br />
==Internet Identity Topics==<br />
<br />
==Internet Identity Resources==<br />
====[[Clippings]]====<br />
:Collection of links to internet-identity related material that we've noticed and may be helpful. These are different than the list of blogs where identity-related topics are a regular occurence. Clippings may be from those and other sources.<br />
<br />
====[[Reports]]====<br />
:Bibliographic information on reports produced around Digital Identity and the interest areas of Internet Identity Workshop and the Identity Commons.<br />
<br />
==Exploring IIW Wiki==<br />
<br />
==Contributing to IIW Wiki==<br />
<br />
==IIW Wiki Technical Information==<br />
<br />
* [http://www.mediawiki.org/wiki/How_does_MediaWiki_work%3F About MediaWiki], providing a brief overview and a sandbox for practicing wiki posts using the MediaWiki text format.<br />
<br />
* [http://www.mediawiki.org/wiki/Help:Contents Help on Using MediaWikis], the general Help Information available for using all MediaWiki wikis. Details can vary based on different customizations and installation of extensions. The basics are covered here.<br />
<br />
* [http://www.mediawiki.org/wiki/MediaWiki MediaWiki.org], the main site for MediaWiki downloads, support, and links to further information<br />
<br />
* [http://www.mediawiki.org/wiki/Manual:FAQ MediaWiki FAQ], is for operators as well as users of MediaWiki wikis. Sections for users include<br />
** [http://www.mediawiki.org/wiki/Manual:FAQ#Basic_usage Basic Usage], providing links to coverage of questions on basic usage<br />
** [http://www.mediawiki.org/wiki/Manual:FAQ#Where_now.3F Further Help], when you're unable to find an answer to your question</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=79Clippings2007-11-28T17:33:44Z<p>Orcmid: /* 2007-11-28 */</p>
<hr />
<div>===2007-11-28===<br />
<br />
:*Charles W. Bailey, Jr: [http://digital-scholarship.org/digitalkoans/2007/11/28/digital-identity-issues-explored-in-two-jisc-reports/ Digital Identity Issues Explored in Two JISC Reports]. Digital Koans (web log), 2007-11-28. This applies to Levels of Assurance around digital identity in United Kingdom higher education instutions. The studies are from the [http://www.jisc.ac.uk/ Joint Information Systems Committee].<br />
<br />
===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help_talk:Contents&diff=78Help talk:Contents2007-11-28T16:25:38Z<p>Orcmid: Comment on /* IIW Wiki Technical Information */</p>
<hr />
<div>===IIW Wiki Technical Information===<br />
<br />
I pulled in some links to the MediaWiki.org wiki pages that have user information and provision of general resources.<br />
<br />
What's missing is anything special about the IIW Wiki itself, who maintains it (contact info), and what is unusual or important to know about how it is setup for users here (extensions available, anything special about account setup, etc.) Some IIW Wiki "How To" items can be linked in the earlier sections on getting around here and on contributing here. However, there is also supplemental technical information that should be maintained on the wiki itself and could be linked from this section.<br />
<br />
::''[[User:Orcmid|Orcmid]] 08:25, 28 November 2007 (PST)''<br />
<br />
===Starting Fresh===<br />
<br />
I am making a top-down transfer of materials that I had in suspension on Windley's IIW Wiki. That means that there will be broken links to subordinate content until my manual crawler brings over that additional material. <br />
<br />
Now that there is a MediaWiki to use (learning wiki-text formats and editing rules is like going from one word processor to another, but without translators), I am so grateful, and in anticipation of the upcoming IIW2007b, that I may actually get around to providing the material I was interested in having here six months ago.<br />
<br />
The notes below are simply preserved here. Some of them need to be reviewed and adjusted for the Identity Commons IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:02, 27 November 2007 (PST)''<br />
<br />
===Slowing Down===<br />
<br />
[http://iiw.windley.com/wiki/Help_talk:Contents From Windley's IIW Wiki]<br />
<br />
I was discussing my promise to provide help materials on IIW Wiki with Kaliya over in Facebook. She warned me that a new Identity Wiki is going to be put up. I need to slow down here and make sure that I have the Wiki texts of pages saved somewhere that I can move them from if this Wiki disappears.<br />
<br />
[I saw a cool tool for grabbing chunks of web for archiving or making .chm (Help files) out of them. That doesn't quite work for backing up wiki material. There, the idea is to grab the wiki format (what you enter when editing a page) so the page can be recreated in any (MediaWiki) compatible wiki. Hmm. More work than I want to put in, yet an interesting tool project.]<br />
<br />
===Added Clippings===<br />
I started noticing blog items on particular identity topics that I thought it useful to provide clippings for, sort of like a link blog. This is different than a Blogroll which links to the main page of a blog that regularly has articles on identity-related topics. There should be more on the discussion page for the Clippings topic itself.<br />
::''[[User:Orcmid|Orcmid]] 10:00, 15 June 2007 (MDT)''<br />
<br />
I am not sure what happened. I lost the connection to yesterday's clippings so I put it in again. As long as I was editing, I also put clippings under a new Help topic, Internet Identity Resources, rather than Internet Identity Topics.<br />
::''[[User:Orcmid|Orcmid]] 12:20, 16 June 2007 (MDT)''<br />
<br />
===Priming the Pump===<br />
<br />
In Kaliya's [http://iiw.windley.com/wiki/Workshop_2007 IIW2007a] session 6C on Newbies, Mark Aiken and I had been thinking of things we could do, on the IIW Wiki, to make the place more hospitable and useful to newcomers as well as experienced Workshop participants. I have put up all of my Flickr images from the workshop and I am now putting down this placeholder for a Help page.<br />
<br />
There is no Help information of any kind on this site - none on how to get around the site, how to find things, how to contribute. There is also no help for the Editing and Markup that is supported by this installation of MediaWiki. I want to gather what I know into some semblance of help that deals with casual navigation and use first, creating and editing pages, and finally digging into MediaWiki (covered last, since it is infrastructure in this context).<br />
<br />
The Wikipedia main help page is at [http://en.wikipedia.org/wiki/Help:Contents Help:Contents]. This is a very useful page in terms of the kinds of things that one might cover and also have be available. The organization also seems useful for Help here, with adjustment for the different subject matter.<br />
<br />
The MediaWiki home page is at [http://www.mediawiki.org/wiki/MediaWiki MediaWiki]. It provides another level of comprehensive information.<br />
<br />
I am posting this much because I want to verify that the MediaWiki tips on formatting and links all work on this installation of MediaWiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:39, 1 June 2007 (MDT)''<br />
<br />
===First Framework===<br />
<br />
Inspired by the Wikipedia Help:Content page, I added a few section-level topics and confirmed how they appear. I will return to add some minor bits.<br />
<br />
In earlier explorations, I did learn that there is a way to see an index of all of the page titles. I must recover that and add it as a tip while the wiki is in a basically-chaotic state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:22, 9 June 2007 (MDT)''<br />
<br />
I found it. In the toolbox on the sidebar, there is a link to [[Special:Specialpages|Special pages]]. This is an important resource for finding what there is in the absence of an explicit map or guide. The first entry on that page is the link to an index of [[Special:Allpages|All pages]]. There are other useful pages here, including ones that can be used for site maintenance.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:30, 9 June 2007 (MDT)''<br />
<br />
===License Considerations===<br />
<br />
I don't know if it is a consideration, but the [http://www.mediawiki.org/wiki/Help:Contents MediaWiki Help:Contents] section is all marked as [http://en.wikipedia.org/wiki/Public_domain public domain]. It is not clear what the requirement that derivatives be contributed to the public domain is about, since there are no such enforceable restrictions on public domain works. This appears to be bad lawyering.<br />
<br />
At the bottom of the same pages, the works are described as being subject to the [http://www.gnu.org/copyleft/fdl.html GNU Free Documentation License]. There is no indication of any options that have been exercised, so we should probably assume the standard GFDL form. However the GFDL does not prohibit commercial use, and this IIW Wiki site does. I have no idea whether license conflicts are behind the omission of help materials and other resources on the IIW Wiki. <br />
<br />
I must say that this disconnect is not one that makes me eager to post any significant contributions. I also see no praotical way of working around the MediaWiki licenses unless we can only link to that Help material and not replicate it with any specific editing applicable to the IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 14:12, 1 June 2007 (MDT)''<br />
<br />
====Differences on the Identity Commons IIW Wiki====<br />
<br />
I notice that this Wiki uses a Creative Commons 3.0 Attribution Share-Alike license, with no other stipulations. The deed states "Unported" and it took a fair amount of fussing around the Creative Commons site to learn that is the version that specifies no national copyright regime. <br />
<br />
I don't have any qualms with using Attribution Share-Alike, and I am only moving my own material from the Windley IIW Wiki, so the fact of a stronger license there (non-commercial leaps to mind) is not a concern for me as the author.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:22, 27 November 2007 (PST)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help:Contents&diff=77Help:Contents2007-11-28T16:19:40Z<p>Orcmid: /* IIW Wiki Technical Information */ addition of links for general MediaWiki information</p>
<hr />
<div>==Getting Started==<br />
<br />
==Internet Identity Topics==<br />
<br />
==Internet Identity Resources==<br />
====[[Clippings]]====<br />
:Collection of links to internet-identity related material that we've noticed and may be helpful. These are different than the list of blogs where identity-related topics are a regular occurence. Clippings may be from those and other sources.<br />
<br />
==Exploring IIW Wiki==<br />
<br />
==Contributing to IIW Wiki==<br />
<br />
==IIW Wiki Technical Information==<br />
<br />
* [http://www.mediawiki.org/wiki/How_does_MediaWiki_work%3F About MediaWiki], providing a brief overview and a sandbox for practicing wiki posts using the MediaWiki text format.<br />
<br />
* [http://www.mediawiki.org/wiki/Help:Contents Help on Using MediaWikis], the general Help Information available for using all MediaWiki wikis. Details can vary based on different customizations and installation of extensions. The basics are covered here.<br />
<br />
* [http://www.mediawiki.org/wiki/MediaWiki MediaWiki.org], the main site for MediaWiki downloads, support, and links to further information<br />
<br />
* [http://www.mediawiki.org/wiki/Manual:FAQ MediaWiki FAQ], is for operators as well as users of MediaWiki wikis. Sections for users include<br />
** [http://www.mediawiki.org/wiki/Manual:FAQ#Basic_usage Basic Usage], providing links to coverage of questions on basic usage<br />
** [http://www.mediawiki.org/wiki/Manual:FAQ#Where_now.3F Further Help], when you're unable to find an answer to your question</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Who_is_Attending&diff=69Who is Attending2007-11-28T02:19:16Z<p>Orcmid: </p>
<hr />
<div>* [http://self-issued.info/ Mike Jones], [http://www.microsoft.com Microsoft]<br />
* Henrik Biering ([http://xri.net/=henrik =henrik]), [http://www.netamia.com Netamia]<br />
* [http://blogs.sun.com/superpat Pat Patterson], [http://www.sun.com/identity Sun Microsystems]<br />
* Wendy Fong [http://www.microsoft.com Microsoft]<br />
* Dan Perry [http://xri.net/=daniel.perry =daniel.perry], [http://www.danielperry.com DanielPerry.com]<br />
* [http://connectid.blogspot.com Paul Madsen], NTT<br />
* [http://netmesh.info/jernst Johannes Ernst], [http://netmesh.us/ NetMesh]<br />
* Drummond Reed, [http://xri.net/=drummond.reed =drummond.reed] [http://equalsdrummond.name blog]<br />
* Paul Trevithick, [http://xri.net/=paul.trevithick =paul.trevithick] [http://incontextblog.com/ blog]<br />
* Mary Ruddy, [http://xri.net/=mary.ruddy =mary.ruddy]<br />
* Charles Andres, [http://xri.net/=charles-andres =charles-andres]<br />
* [http://itickr.com/ Ashish Jain], [http://www.pingidentity.com Ping Identity]<br />
* Danny Burkes, [http://www.lingr.com Lingr]<br />
* [http://virtualsoul.org Dale Olds], [http://xri.net/=dale.olds =dale.olds], [http://www.novell.com Novell] [http://bandit-project.org Bandit]<br />
* [http://identity20.com Dick Hardt], [http://www.sxip.com Sxip Identity]<br />
* [http://public.xdi.org/=Bob.Snodgrass Bob Snodgrass], [http://www.net2community.com/ net2Community]<br />
* [[User:Orcmid|Dennis Hamilton]], [http://orcmid.com/blog orcmid] [http://xri.net/=orcmid =orcmid]<br />
* Joaquin Miller [http://xri.net/=joaquin =joaquin], [http://www.joaquin.net joaquin.net]<br />
* Fen Labalme [http://xri.net/=fen =fen], [http://2idi.com 2idi], [http://www.civicactions.com/ CivicActions, LLC]</div>Orcmidhttps://iiw.idcommons.net/index.php?title=User_talk:Orcmid&diff=66User talk:Orcmid2007-11-28T02:07:59Z<p>Orcmid: </p>
<hr />
<div>==Asked and Answered==<br />
<br />
::''So, do you think this page should be discussion about orcmid, or orcmid's discussions about orcmid, or something else entirely? Wikirecursiveness is a marvelous thing.''<br />
<br />
Well, for now, it is me talking about me. How special! Even better than me talking about talking about blogging. <br />
<br />
I am pleased to report that I was able to retrieve some long-forgotten self-commentary from Windley's IIW Wiki, saving myself from have to create it again, and reminding myself of what I have been keen about all along.<br />
<br />
::''[[User:Orcmid|Orcmid]] 18:07, 27 November 2007 (PST)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help:Contents&diff=63Help:Contents2007-11-28T01:39:58Z<p>Orcmid: /* Getting Started */</p>
<hr />
<div>==Getting Started==<br />
<br />
==Internet Identity Topics==<br />
<br />
==Internet Identity Resources==<br />
====[[Clippings]]====<br />
:Collection of links to internet-identity related material that we've noticed and may be helpful. These are different than the list of blogs where identity-related topics are a regular occurence. Clippings may be from those and other sources.<br />
<br />
==Exploring IIW Wiki==<br />
<br />
==Contributing to IIW Wiki==<br />
<br />
==IIW Wiki Technical Information==</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Reputation_Framework&diff=62Talk:Reputation Framework2007-11-28T01:37:01Z<p>Orcmid: Comment on the provenance of this topic</p>
<hr />
<div>I brought this and a few other pages over from Windley's IIW Wiki because there were links to them in pages that I authored and want to preserve. It might make more sense to link to these over there and create new ones over here, but I didn't do that.<br />
<br />
I did attend some of the sessions on a Reputation Framework at IIW 2006a and I thought it was amazing good work, and said so. I should dig out my old notes.<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:37, 27 November 2007 (PST)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Reputation_Framework&diff=61Reputation Framework2007-11-28T01:34:58Z<p>Orcmid: Ported from Windley's IIW Wiki</p>
<hr />
<div>== Reputation Framework ==<br />
<br />
My grad class has been exploring reputation and building a reputation framework this semester. I'll come prepared to talk about our overall philosophy and how it is implemented in the first version of the reputation framework.<br />
<br />
Meng would like 10 minutes to present and discuss the work that has been going on at http://www.reputationgang.org/ -- a group focused on email and antispam at this time.<br />
<br />
The only guaranteed slot Meng can make it, unfortunately, is Session 8, 1:15-2:15pm Wednesday.<br />
<br />
::last updated by [http://mengwong.livejournal.com/ mengwong] on 2006-05-01 <br />
::originally created by [http://iiw.windley.com/wiki?title=User:Windley Windley] on 2006-04-06</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Getting_Started&diff=59Talk:Getting Started2007-11-28T01:12:16Z<p>Orcmid: Provenance comment and wiki-spam concern</p>
<hr />
<div>This page, on Windley's IIW Wiki, was badly spammed and the signature from Johannes was mangled. I added a link using the information that was there.<br />
<br />
Apparently there was no other content (other than an incredible amount of Wiki spam. Apparently this spam happens on pages with a second-level heading (starting with ==) and that may be why other pages I see don't have it (or Phil caught it and cleaned them up).</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Getting_Started&diff=58Getting Started2007-11-28T01:10:16Z<p>Orcmid: Make placeholder for topic</p>
<hr />
<div>==How Do I Get Started?==<br />
<br />
This page is for collecting thoughts and suggestions on the topic of getting started. [http://mylid.net/jernst jernst]</div>Orcmidhttps://iiw.idcommons.net/index.php?title=ConceptualModels&diff=57ConceptualModels2007-11-28T01:06:12Z<p>Orcmid: Brought current a little bit.</p>
<hr />
<div>==Conceptual Models and Reassuring Confirmations== <br />
<br />
This material is from April 2006, while I was preparing for IIW 2006a, my first visit. I notice that there has been progress, but I am not sure that progress has been so much on this topic. I'm still pretty much a beginner (except now I have a couple of Information Cards) and it is still a pain in the butt to have e-mail exchanges with Johannes. Hmm ...<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:06, 27 November 2007 (PST)''<br />
<br />
===Random Thoughts===<br />
<br />
What conceptual models are encouraged? How am I to understand what is happening? What conceptual pitfalls and misattributions are to be avoided?<br />
<br />
How can they be used to inspire confidence? How do they afford demonstrated security of information and operation?<br />
<br />
What are the trust requirements? Who am I trusting? What has them be trustworthy for me? <br />
<br />
What are the threats? How are they mitigated? Who/what can I rely on in the event of an exploit or incident?<br />
<br />
===Some Beginners-Mind Experiences===<br />
<br />
It will be obvious that I really am a beginner, and I am out to capture everything that happens and where I go wrong before I start to absorb too much of the craft of this and no longer see any roadblocks.<br />
<br />
====One Experience====<br />
<br />
Some links presumably to this Wiki raised a SocialText signon screen. There is no explanation of why and how one could have or obtain a SocialText signon.<br />
<br />
A Welcome to IIW e-mail inivited participation on this Wiki (for sure), and said that the site is OpenID-enabled. There was no suggestion that there was any alternative means of registration.<br />
<br />
I went through the OpenId registration process and I succeeded. I thought (probably reading too much about URL-based identity tokens) that my OpenId became http://orcmid.myopenid.com but I was mistaken. I should have realized that "orcmid" is the OpenID, I just read too much into the URL business. I figured the whole URL was required to establish some sort of context or authority regime for the ID.<br />
<br />
Next, on attempting to register myself here, I had some miserable failures using the myOpenId URL. The behavior was inscrutible. There was no explanatory message and I ended up at a mostly-blank screen with no idea what I had or had not accomplished. I was pretty sure that I wasn't registered with the site, because the little "Login" link was still in the upper right corner of the page. I even used my myOpenId password along with the URL and that didn't make any difference at all. (I knew that was dangerous, but I wasn't that concerned about the sanctity of my OpenID. I was simply out to find any use case that works at all.)<br />
<br />
I finally attempted "orcmid," with no password, and it worked just fine. In fact, it worked scarily well. "[[User:Orcmid|Orcmid]]" was simply accepted and I wasn't asked to authenticate myself in any way. This is when things got eerie, because I have no idea what had that all be so agreeable. One can certainly see that "orcmid" is a myOpenID (and I guess that means it is an OpenID by however that is coordinated), but I somehow missed the step by which it was determined that the person/computer from which the ID is being used is somehow associated with the person/computer to whom the ID has been "issued."<br />
<br />
Even stranger, if I remember correctly (it is all a blur now), I was asked to provide descriptive information for myself. So basically, I had to do everything I would have gone through for a site-specific registration, except it took me longer to figure out how to get in and I never presented a password or created one at any time. (I am moderately confident that there are cookies lying about that have something to do with this. I'm not going to clear my cookie cache just to see what that does, just yet. That will be a new experience.)<br />
<br />
Today, [http://orcmid.myopenid.com Johannes] points out that this Wiki is YADIS-enabled. Well, that's cool. Does that mean I could have used the myLID that I already have? How could I do that? Can I still do that or will that mess up my "identity" here? So I probably won't try it, because I see no way to manage it. (I don't use myLID because I find the e-mail authenticating service a bit weird and I already have and use PKI-based digital signatures and encryption on e-mail, but those are other experiences.)<br />
<br />
At the end, I have no idea what the OpenID protocol is and what the basis is for regarding it as a secure identification scheme. I think it is proposed to be a single-signon system, but the failure to have me authenticate in a visit to a new site has me think that the authentication is really, really weak. And how that ties into YADIS is a complete mystery at another level.<br />
<br />
I'll keep playing.<br />
<br />
::-- ''[[User:Orcmid|Orcmid]] 12:20, 14 April 2006 (MDT)'' (hmm, not ''my'' time zone there)<br />
<br />
Oh, another interesting aspect of registration. I also received an e-mail confirmation message that wanted to let the user of my e-mail account known that someone had registered under the name orcmid on this wiki. I had to do the usual click-through to accept the registration as valid (with respect to whatever it is the recipient at my e-mail account might mean by all that). Now, I may have done enough different things to provoke this, but I think it came from providing my profile, after I got my OpenID to let me in.<br />
<br />
I figure this is all a work in progress. I would like to see an account for how it is being developed, what the speed bumps are, and also what the target is. I think that would be very useful in terms of experiences and ways of confirming what is going on for newcomers and beginners.<br />
<br />
::-- ''[[User:Orcmid|Orcmid]] 13:19, 17 April 2006 (MDT)''<br />
<br />
====A Little More Experience: Getting Started====<br />
<br />
Checking on the [http://iiw.windley.com/wiki?title=Suggested_Topics&action=history source of changes] to the suggested topics, I saw that [[User:Http://mylid.net/jernst|Johannes]] managed to use his myLID as an User identification here. That's clever. I wonder how that got through the registration page. I'm guessing that it was done as a non-OpenID manual registration, but don't know for sure. <br />
<br />
I'm definitely interested in the [[Getting Started]] topic. I think that would be a good way for newbies such as myself to contribute to this conversation. It would be great to make cyber-identity understandable and the mechanisms transparent for anyone.<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:16, 16 April 2006 (MDT)''<br />
<br />
====The Federation in the Sky====<br />
<br />
I was recently moved to do two things:<br />
#Comment on Johannes Ernst's blog about some things.<br />
#Add the LID icon and my myLID identity thingy, uh, token, alongside my name on the "Who's Coming" page.<br />
<br />
Commenting on Johannes blog is really painful, because there is no comment mechanism although there is something like a LIDwriteback, but following those links say that LID-authenticated Trackback is not yet implemented (and will be bloody awful for those of us whose blogging software doesn't do trackbacks and completely useless for those who have no blogging software and want to comment). The offered alternative is that a comment must be left. The next line apologizes for the fact that comments are not enabled at this time.<br />
<br />
So the other way is to send Johannes a message. This means I must use the very strange LID mechanism for sending messages from one LID-authenticated user to another. It is also done on the web, I get no copy of my own message, and it is through an inscrutible intermediary.<br />
<br />
Johannes likes this sort of thing, so he notices my LID identity and sends me a LID-authenticated message to me. These messages are actually kind of sucky. I don't think I can reply to them, they are pretty opaque, and they leave me feeling queezy, like I am in a group of people who can't shake hands without putting on surgical gloves and face masks first. This whole deal is socially off-putting and *it* *makes* *me* *work* *too* *damned* *hard* for no compensating benefit to me.<br />
<br />
Here's the message as the myLID system managed to deliver it to me:<br />
<br />
-----Original Message-----<br />
From: support@mylid.net [mailto:support@mylid.net] <br />
Sent: Thursday, April 27, 2006 11:16<br />
To: dennis.hamilton@acm.org<br />
Subject: LID Message for me<br />
<br />
The user with LID http://mylid.net/jernst sent the following message <br />
through your LID URL http://mylid.net/orcmid.<br />
As you expect from LID, your e-mail address was not revealed.<br />
<br />
----- START LID MESSAGE -----<br />
Hi there,<br />
<br />
saw your LID icon on the IIW attendee list. Are you aware that your <br />
MyLID.net URL is now also an OpenID? And Yadis-enabled?<br />
<br />
Looking forward to meeting you next week.<br />
<br />
Johannes.<br />
<br />
----- END LID MESSAGE -----<br />
<br />
I am very much looking forward to meeting Johannes too. His being there was the tip-over factor in my registering and making some complicated arrangements to be able to attend. Now that Eugene Eric Kim and Kim Cameron and others are on the list too, I am becoming excited about this event. I'm also feeling stupid and will have to find a way to at least take the Yadis, OPML, LID, Sxip, and other documents along with me so I can refer to them while there.<br />
<br />
Now, I have no interest in the fact that having a LID identifier (I think it is http://mylid.net/orcmid) allows me to stay anonymous to people who want to send me e-mail. This is apparently a cool thing for Johannes, but (1) I have no interest in having it be that hard for other people to reach me, (2) I publicize my e-mail address all over the place, and I willingly struggle through my spam folder to make sure that people unknown to me can reach me. I do this even though one of my very old e-mail addresses is apparently a popular disguise for nasty-grams for which I receive the postmaster notices about needing to validate, being undeliverable, etc. I never send mail with that origin, so I know it's not me. I may close that account completely, now, since my "orcmid" identity is pretty well established (ask Google). And I established it the hard way.<br />
<br />
The other problem is that the LID-mediated messages arrive in terribly sterile condition. The sender is not something it is useful to file under. The subject line is even worse. What happens if I receive several of these? These are impossible. So this is decidedly unfriendly with respect to all of my tools, all of my work practices around e-mail, and so on.<br />
<br />
The other problem with sending Johannes a message via the form on his blog is that, when I was kicked over to myLID to authenticate myself, it left me there. So I had no idea whether the message was actually sent, etc. So I went back (by using the Back button in my browser) and sent the message again. The second time I found there was a way to see a log of my actions with my myLID identity (token or whatever I should call it), and I could see that myLID thought I had passed muster and sent Johannes a message. I have no idea. He hasn't replied to it so I don't know if that process worked or not, and now I can't even remember what I said.<br />
<br />
I commented somewhere that I found this experience sending a message to Johannes to be lame, where a calibration on "lame" was that Passport is friendlier and easier to use (and preferable). In fact, using PKI and my (and others) digital signatures (from VeriSign in this case) for sending e-mail via SMTP/POP3 is also way more effortless. I am accustomed to this. It takes two extra clicks and no entries to sign a message. It takes almost no effort to receive a signed message. And this is something that people think is too hard! Imagine how getting anything done with LID and OpenID fit on that scale.<br />
<br />
OK, one more thing. Johannes is happy to let me know that LID is an OpenID and at least LID is Yadis-enabled. No, I didn't know that. I also have no idea what that means I can do. I got an OpenID because Phil Windley said I needed one in his IIW welcome e-mail. I already had a LID. I would have had no reason to try it on the log-in/registration for this wiki. I had enough trouble figuring out what my actual OpenID was. (I am happy that it is just "orcmid", I just didn't expect it to be that simple, and I still don't see how I was ever authenticated to this wiki, which ended up doing an ordinary e-mail confirmation link-back check anyhow). And so far, I have no idea what it means to me that LID and perhaps OpenID are Yadis-enabled.<br />
<br />
The bottom line. There's far more work needed to get the use cases and interactions with these systems to be easy for end-users and to have them stay out of the users' way as much as possible. I'm sure that will be done (for the survivors). It just seems useful to point out the gap between the current (experimental?) provisions and the idealized end-state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:19, 27 April 2006 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=ConceptualModels&diff=56ConceptualModels2007-11-28T00:59:08Z<p>Orcmid: Transported over from Windley's IIW Wiki</p>
<hr />
<div>==Conceptual Models and Reassuring Confirmations== <br />
<br />
===Random Thoughts===<br />
<br />
What conceptual models are encouraged? How am I to understand what is happening? What conceptual pitfalls and misattributions are to be avoided?<br />
<br />
How can they be used to inspire confidence? How do they afford demonstrated security of information and operation?<br />
<br />
What are the trust requirements? Who am I trusting? What has them be trustworthy for me? <br />
<br />
What are the threats? How are they mitigated? Who/what can I rely on in the event of an exploit or incident?<br />
<br />
===Some Beginners-Mind Experiences===<br />
<br />
It will be obvious that I really am a beginner, and I am out to capture everything that happens and where I go wrong before I start to absorb too much of the craft of this and no longer see any roadblocks.<br />
<br />
====One Experience====<br />
<br />
Some links presumably to this Wiki raised a SocialText signon screen. There is no explanation of why and how one could have or obtain a SocialText signon.<br />
<br />
A Welcome to IIW e-mail inivited participation on this Wiki (for sure), and said that the site is OpenID-enabled. There was no suggestion that there was any alternative means of registration.<br />
<br />
I went through the OpenId registration process and I succeeded. I thought (probably reading too much about URL-based identity tokens) that my OpenId became http://orcmid.myopenid.com but I was mistaken. I should have realized that "orcmid" is the OpenID, I just read too much into the URL business. I figured the whole URL was required to establish some sort of context or authority regime for the ID.<br />
<br />
Next, on attempting to register myself here, I had some miserable failures using the myOpenId URL. The behavior was inscrutible. There was no explanatory message and I ended up at a mostly-blank screen with no idea what I had or had not accomplished. I was pretty sure that I wasn't registered with the site, because the little "Login" link was still in the upper right corner of the page. I even used my myOpenId password along with the URL and that didn't make any difference at all. (I knew that was dangerous, but I wasn't that concerned about the sanctity of my OpenID. I was simply out to find any use case that works at all.)<br />
<br />
I finally attempted "orcmid," with no password, and it worked just fine. In fact, it worked scarily well. "[[User:Orcmid|Orcmid]]" was simply accepted and I wasn't asked to authenticate myself in any way. This is when things got eerie, because I have no idea what had that all be so agreeable. One can certainly see that "orcmid" is a myOpenID (and I guess that means it is an OpenID by however that is coordinated), but I somehow missed the step by which it was determined that the person/computer from which the ID is being used is somehow associated with the person/computer to whom the ID has been "issued."<br />
<br />
Even stranger, if I remember correctly (it is all a blur now), I was asked to provide descriptive information for myself. So basically, I had to do everything I would have gone through for a site-specific registration, except it took me longer to figure out how to get in and I never presented a password or created one at any time. (I am moderately confident that there are cookies lying about that have something to do with this. I'm not going to clear my cookie cache just to see what that does, just yet. That will be a new experience.)<br />
<br />
Today, [http://orcmid.myopenid.com Johannes] points out that this Wiki is YADIS-enabled. Well, that's cool. Does that mean I could have used the myLID that I already have? How could I do that? Can I still do that or will that mess up my "identity" here? So I probably won't try it, because I see no way to manage it. (I don't use myLID because I find the e-mail authenticating service a bit weird and I already have and use PKI-based digital signatures and encryption on e-mail, but those are other experiences.)<br />
<br />
At the end, I have no idea what the OpenID protocol is and what the basis is for regarding it as a secure identification scheme. I think it is proposed to be a single-signon system, but the failure to have me authenticate in a visit to a new site has me think that the authentication is really, really weak. And how that ties into YADIS is a complete mystery at another level.<br />
<br />
I'll keep playing.<br />
<br />
::-- ''[[User:Orcmid|Orcmid]] 12:20, 14 April 2006 (MDT)'' (hmm, not ''my'' time zone there)<br />
<br />
Oh, another interesting aspect of registration. I also received an e-mail confirmation message that wanted to let the user of my e-mail account known that someone had registered under the name orcmid on this wiki. I had to do the usual click-through to accept the registration as valid (with respect to whatever it is the recipient at my e-mail account might mean by all that). Now, I may have done enough different things to provoke this, but I think it came from providing my profile, after I got my OpenID to let me in.<br />
<br />
I figure this is all a work in progress. I would like to see an account for how it is being developed, what the speed bumps are, and also what the target is. I think that would be very useful in terms of experiences and ways of confirming what is going on for newcomers and beginners.<br />
<br />
::-- ''[[User:Orcmid|Orcmid]] 13:19, 17 April 2006 (MDT)''<br />
<br />
====A Little More Experience: Getting Started====<br />
<br />
Checking on the [http://iiw.windley.com/wiki?title=Suggested_Topics&action=history source of changes] to the suggested topics, I saw that [[User:Http://mylid.net/jernst|Johannes]] managed to use his myLID as an User identification here. That's clever. I wonder how that got through the registration page. I'm guessing that it was done as a non-OpenID manual registration, but don't know for sure. <br />
<br />
I'm definitely interested in the [[Getting Started]] topic. I think that would be a good way for newbies such as myself to contribute to this conversation. It would be great to make cyber-identity understandable and the mechanisms transparent for anyone.<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:16, 16 April 2006 (MDT)''<br />
<br />
====The Federation in the Sky====<br />
<br />
I was recently moved to do two things:<br />
#Comment on Johannes Ernst's blog about some things.<br />
#Add the LID icon and my myLID identity thingy, uh, token, alongside my name on the "Who's Coming" page.<br />
<br />
Commenting on Johannes blog is really painful, because there is no comment mechanism although there is something like a LIDwriteback, but following those links say that LID-authenticated Trackback is not yet implemented (and will be bloody awful for those of us whose blogging software doesn't do trackbacks and completely useless for those who have no blogging software and want to comment). The offered alternative is that a comment must be left. The next line apologizes for the fact that comments are not enabled at this time.<br />
<br />
So the other way is to send Johannes a message. This means I must use the very strange LID mechanism for sending messages from one LID-authenticated user to another. It is also done on the web, I get no copy of my own message, and it is through an inscrutible intermediary.<br />
<br />
Johannes likes this sort of thing, so he notices my LID identity and sends me a LID-authenticated message to me. These messages are actually kind of sucky. I don't think I can reply to them, they are pretty opaque, and they leave me feeling queezy, like I am in a group of people who can't shake hands without putting on surgical gloves and face masks first. This whole deal is socially off-putting and *it* *makes* *me* *work* *too* *damned* *hard* for no compensating benefit to me.<br />
<br />
Here's the message as the myLID system managed to deliver it to me:<br />
<br />
-----Original Message-----<br />
From: support@mylid.net [mailto:support@mylid.net] <br />
Sent: Thursday, April 27, 2006 11:16<br />
To: dennis.hamilton@acm.org<br />
Subject: LID Message for me<br />
<br />
The user with LID http://mylid.net/jernst sent the following message <br />
through your LID URL http://mylid.net/orcmid.<br />
As you expect from LID, your e-mail address was not revealed.<br />
<br />
----- START LID MESSAGE -----<br />
Hi there,<br />
<br />
saw your LID icon on the IIW attendee list. Are you aware that your <br />
MyLID.net URL is now also an OpenID? And Yadis-enabled?<br />
<br />
Looking forward to meeting you next week.<br />
<br />
Johannes.<br />
<br />
----- END LID MESSAGE -----<br />
<br />
I am very much looking forward to meeting Johannes too. His being there was the tip-over factor in my registering and making some complicated arrangements to be able to attend. Now that Eugene Eric Kim and Kim Cameron and others are on the list too, I am becoming excited about this event. I'm also feeling stupid and will have to find a way to at least take the Yadis, OPML, LID, Sxip, and other documents along with me so I can refer to them while there.<br />
<br />
Now, I have no interest in the fact that having a LID identifier (I think it is http://mylid.net/orcmid) allows me to stay anonymous to people who want to send me e-mail. This is apparently a cool thing for Johannes, but (1) I have no interest in having it be that hard for other people to reach me, (2) I publicize my e-mail address all over the place, and I willingly struggle through my spam folder to make sure that people unknown to me can reach me. I do this even though one of my very old e-mail addresses is apparently a popular disguise for nasty-grams for which I receive the postmaster notices about needing to validate, being undeliverable, etc. I never send mail with that origin, so I know it's not me. I may close that account completely, now, since my "orcmid" identity is pretty well established (ask Google). And I established it the hard way.<br />
<br />
The other problem is that the LID-mediated messages arrive in terribly sterile condition. The sender is not something it is useful to file under. The subject line is even worse. What happens if I receive several of these? These are impossible. So this is decidedly unfriendly with respect to all of my tools, all of my work practices around e-mail, and so on.<br />
<br />
The other problem with sending Johannes a message via the form on his blog is that, when I was kicked over to myLID to authenticate myself, it left me there. So I had no idea whether the message was actually sent, etc. So I went back (by using the Back button in my browser) and sent the message again. The second time I found there was a way to see a log of my actions with my myLID identity (token or whatever I should call it), and I could see that myLID thought I had passed muster and sent Johannes a message. I have no idea. He hasn't replied to it so I don't know if that process worked or not, and now I can't even remember what I said.<br />
<br />
I commented somewhere that I found this experience sending a message to Johannes to be lame, where a calibration on "lame" was that Passport is friendlier and easier to use (and preferable). In fact, using PKI and my (and others) digital signatures (from VeriSign in this case) for sending e-mail via SMTP/POP3 is also way more effortless. I am accustomed to this. It takes two extra clicks and no entries to sign a message. It takes almost no effort to receive a signed message. And this is something that people think is too hard! Imagine how getting anything done with LID and OpenID fit on that scale.<br />
<br />
OK, one more thing. Johannes is happy to let me know that LID is an OpenID and at least LID is Yadis-enabled. No, I didn't know that. I also have no idea what that means I can do. I got an OpenID because Phil Windley said I needed one in his IIW welcome e-mail. I already had a LID. I would have had no reason to try it on the log-in/registration for this wiki. I had enough trouble figuring out what my actual OpenID was. (I am happy that it is just "orcmid", I just didn't expect it to be that simple, and I still don't see how I was ever authenticated to this wiki, which ended up doing an ordinary e-mail confirmation link-back check anyhow). And so far, I have no idea what it means to me that LID and perhaps OpenID are Yadis-enabled.<br />
<br />
The bottom line. There's far more work needed to get the use cases and interactions with these systems to be easy for end-users and to have them stay out of the users' way as much as possible. I'm sure that will be done (for the survivors). It just seems useful to point out the gap between the current (experimental?) provisions and the idealized end-state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:19, 27 April 2006 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:The_User_Experience_of_User-Centric_Identity&diff=55Talk:The User Experience of User-Centric Identity2007-11-28T00:55:46Z<p>Orcmid: Remark on the provenance of this material and the wiki-spam surrounding the original</p>
<hr />
<div>This page and its discussion page were subjected to serious wiki-spam vandalism. I hadn't noticed until looking for material to port.<br />
<br />
I also see that this page was started by BSnodgrass (I had simply added a link to it in my User:Orcmid page. So there is a license compatibility issue with bringing the BSnodgrass material over here. I'll sort that out later.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:55, 27 November 2007 (PST)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=The_User_Experience_of_User-Centric_Identity&diff=54The User Experience of User-Centric Identity2007-11-28T00:50:11Z<p>Orcmid: Ported from Windley's IIW Wiki</p>
<hr />
<div>==The User Experience of User-Centric Identity==<br />
<br />
How can we develop best practices for improving it?<br />
<br />
== Reviewing the User Experience ==<br />
<br />
It would be very helpful to establish a list of "use cases" and discuss options for use, the technical workings, best practices and the user experience for each. If user-centric identity is to be adopted and used on a global basis, even basic users must be educated and assured on the benefits and limitations of the approach. Day to day use must be intuitive and not require additional effort on the users part.<br />
<br />
Potential Use Cases<br />
<br />
Initial registration on a new site, Login and Authentication, Requesting information from a user, Approval of information sharing by a user<br />
<br />
Others?<br />
<br />
--[[User:Bsnodgrass|Bsnodgrass]] 07:19, 20 April 2006 (CDT)<br />
<br />
=== Burning Questions ===<br />
<br />
Of particular interest to me is to understand how a user is protected from having their identity being misused. Since it is a persistent identifier can it be attributed back to the person? For instance how is a person to shield their identity from those who might be intent on finding and persecuting them for their activism? On the flip side, how is a user protected from criminal use of the same "shielding"? Couldn't the deviant or criminal element be shielding their bad intent from others? <br />
<br />
--[[User:Bsnodgrass|Bsnodgrass]] 08:17, 20 April 2006 (CDT)<br />
<br />
=== Existing Examples ===<br />
<br />
I think it might be useful to capture some existing scenarios using LID, OpenID, and Yadis to see exactly what the gotchas are with those already. My experience so far has been lame (where "lame" is at a point where I'd rather use Microsoft Passport than have to work so hard). I know these are all works-in-progress, but I don't understand how these are kept conceptually simple, smoothly operating, and not getting in the way of the user whose goal is not admiration for the identity system but getting something accomplished.<br />
<br />
::''[[User:Orcmid|Orcmid]] 12:11, 25 April 2006 (MDT)''<br />
<br />
==== The Federation in the Sky and Other Challenges ====<br />
<br />
There is more related to this topic and the suggested examples at [[ConceptualModels#The_Federation_in_the_Sky|Conceptual Models: The Federation in the Sky]].<br />
<br />
::''[[User:Orcmid|Orcmid]] 17:16, 27 April 2006 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Clippings&diff=52Talk:Clippings2007-11-28T00:41:58Z<p>Orcmid: /* Transported Clippings */</p>
<hr />
<div>The initial clippings were created simply as part of my own blog reading and clipping on the topics of Identity and IIW in particular. This is a little like del.icio.us Wiki-style.<br />
<br />
The editorial preferences for selections are mine and the bias in my selection should be apparent. I am not apologetic for that. This is a wiki and I invite others to add their clippings too.<br />
<br />
The clippings are not as dated as I thought they might be by now. There is a gap, and I will use the library-catalog update strategy -- Start adding current material now, and fill in the gap between now and then on an opportunistic (i.e., chaotically random) basis.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)'' <br />
<br />
===Transported Clippings===<br />
<br />
I have transferred clippings from Windley's IIW Wiki. <br />
<br />
'''FIX ME''': I see that the internal links -- cross-references among the clippings pages themselves -- are still tied to the Windley Wiki. I will need to go in and edit those to be links to fragments of the page here.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)''<br />
<br />
===Initial Clippings===<br />
<br />
Just getting started and doing a morning's worth of clippings to get the hang of it<br />
<br />
Job Jar:<br />
<br />
Clipping Format explained<br />
<br />
How to add clippings<br />
<br />
What are identity-relevant clippings<br />
<br />
Other places to look<br />
<br />
Other places to put items that are different or should be easy to find as other than clippings (too)<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:14, 15 June 2007 (MDT)''<br />
<br />
A better organization and some way to roll off the older material without losing it is called for. There is probably some game with dates and levels of heading that can make exploration of clippings somewhat easier.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:24, 15 June 2007 (MDT)''<br />
<br />
I am a little concern that this Wiki is going away, to be replaced by a new MediaWiki on Identity Commons. That one isn't there yet. I need to make sure that I save the WikiText so it is easy to move it to another site. This is complicated by my using headings that break the WikiText up in line with the automatic table of contents. (This has not slowed down making clippings, the volume of related material has simply gone down in the past two days.)<br />
::''[[User:Orcmid|Orcmid]] 15:57, 18 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Clippings&diff=51Talk:Clippings2007-11-28T00:41:12Z<p>Orcmid: /* Transported Clippings */</p>
<hr />
<div>The initial clippings were created simply as part of my own blog reading and clipping on the topics of Identity and IIW in particular. This is a little like del.icio.us Wiki-style.<br />
<br />
The editorial preferences for selections are mine and the bias in my selection should be apparent. I am not apologetic for that. This is a wiki and I invite others to add their clippings too.<br />
<br />
The clippings are not as dated as I thought they might be by now. There is a gap, and I will use the library-catalog update strategy -- Start adding current material now, and fill in the gap between now and then on an opportunistic (i.e., chaotically random) basis.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)'' <br />
<br />
===Transported Clippings===<br />
<br />
I have transferred clippings from Windley's IIW Wiki. <br />
<br />
'FIX ME': I see that the internal links -- cross-references among the clippings pages themselves -- are still tied to the Windley Wiki. I will need to go in and edit those to be links to fragments of the page here.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)''<br />
<br />
===Initial Clippings===<br />
<br />
Just getting started and doing a morning's worth of clippings to get the hang of it<br />
<br />
Job Jar:<br />
<br />
Clipping Format explained<br />
<br />
How to add clippings<br />
<br />
What are identity-relevant clippings<br />
<br />
Other places to look<br />
<br />
Other places to put items that are different or should be easy to find as other than clippings (too)<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:14, 15 June 2007 (MDT)''<br />
<br />
A better organization and some way to roll off the older material without losing it is called for. There is probably some game with dates and levels of heading that can make exploration of clippings somewhat easier.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:24, 15 June 2007 (MDT)''<br />
<br />
I am a little concern that this Wiki is going away, to be replaced by a new MediaWiki on Identity Commons. That one isn't there yet. I need to make sure that I save the WikiText so it is easy to move it to another site. This is complicated by my using headings that break the WikiText up in line with the automatic table of contents. (This has not slowed down making clippings, the volume of related material has simply gone down in the past two days.)<br />
::''[[User:Orcmid|Orcmid]] 15:57, 18 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Talk:Clippings&diff=50Talk:Clippings2007-11-28T00:40:27Z<p>Orcmid: Explanation of what this is.</p>
<hr />
<div>The initial clippings were created simply as part of my own blog reading and clipping on the topics of Identity and IIW in particular. This is a little like del.icio.us Wiki-style.<br />
<br />
The editorial preferences for selections are mine and the bias in my selection should be apparent. I am not apologetic for that. This is a wiki and I invite others to add their clippings too.<br />
<br />
The clippings are not as dated as I thought they might be by now. There is a gap, and I will use the library-catalog update strategy -- Start adding current material now, and fill in the gap between now and then on an opportunistic (i.e., chaotically random) basis.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)'' <br />
<br />
===Transported Clippings===<br />
<br />
I have transferred clippings from Windley's IIW Wiki. <br />
<br />
FIX ME: I see that the internal links -- cross-references among the clippings pages themselves -- are still tied to the Windley Wiki. I will need to go in and edit those to be links to fragments of the page here.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:40, 27 November 2007 (PST)''<br />
<br />
===Initial Clippings===<br />
<br />
Just getting started and doing a morning's worth of clippings to get the hang of it<br />
<br />
Job Jar:<br />
<br />
Clipping Format explained<br />
<br />
How to add clippings<br />
<br />
What are identity-relevant clippings<br />
<br />
Other places to look<br />
<br />
Other places to put items that are different or should be easy to find as other than clippings (too)<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:14, 15 June 2007 (MDT)''<br />
<br />
A better organization and some way to roll off the older material without losing it is called for. There is probably some game with dates and levels of heading that can make exploration of clippings somewhat easier.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:24, 15 June 2007 (MDT)''<br />
<br />
I am a little concern that this Wiki is going away, to be replaced by a new MediaWiki on Identity Commons. That one isn't there yet. I need to make sure that I save the WikiText so it is easy to move it to another site. This is complicated by my using headings that break the WikiText up in line with the automatic table of contents. (This has not slowed down making clippings, the volume of related material has simply gone down in the past two days.)<br />
::''[[User:Orcmid|Orcmid]] 15:57, 18 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Clippings&diff=49Clippings2007-11-28T00:33:32Z<p>Orcmid: Transfer from Windley's IIW Wiki</p>
<hr />
<div>===2007-06-20===<br />
:*Ethan Ackerman: [http://blog.ericgoldman.org/archives/2007/06/the_4th_amendme.htm The 4th Ammendment in Your Inbox] supplementing Randy Picker's [[Clippings#2007-06-18|2007-06-18 analysis]] of the privacy-significant Warshak vs. US decision at the 6th Circuit.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=811 Collusion takes effort; how much?] wherein Eric Norman expands our sensibilities about collusion (see [[Clippings#2007-06-19|yesterday]]) and ties in Warshak vs. US to boot. <br />
:*Michael Kaplan: [http://blogs.msdn.com/michkap/archive/2007/06/20/3424633.aspx Overheard Recently] where we might consider the identity of someone whose voice is dubbed by the same translator throughout the international run of a television series: Who is your character? Who are you (the actor)? What are the identities involved? In all of the translations and language/culture markets?<br />
:*Joshua Porter: [http://bokardo.com/archives/common-pitfalls-of-building-social-web-applications-and-how-to-avoid-them-part-2/ Common Pitfalls of Building Social Web Applications and How to Avoid Them, Part 2] evoking déjà vu with conversations about Identity Commons as a community and despair over the missing archived knowledge for Internet Identity Workshop<br />
<br />
===2007-06-19===<br />
:*Stefan Brands: [http://www.idcorner.org/?p=154 Anonymous Credentials? No, Minimal Disclosure Certificates!] continues the [[Clippings#2007-06-18|web-wide discussion]] on Kim Cameron's [[Clippings#2007-06-17|starting-gun post]] on evolving privacy technology.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=809 Long live minimal disclosure tokens!], responding to Stefan Brands post, proposing a remedy that separates privacy and anonymity. Kim abandons some misleading nomenclature and proposes an alternative to the correction by Brands.<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/collusion-takes-effort-how-much.html Collusion takes effort; how much?] introducing Eric Norman's new blog, drawing a bridge between Kaliya and Kim Cameron, Washack vs. US and Evolving Technical Privacy (''[[User:Orcmid|Orcmid]] 17:46, 20 June 2007 (MDT)'')<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/single_logout_with_saml_2 Single Logout with SAML 2.0 and PHP], describing the OpenSSO extension for Single Logout, illustrated by a worked case. I need to read this because I can't understand why it's important. Also, why do we say Sign On but Log Out? Neither Sign In nor Log In? Who makes up these rules?<br />
<br />
===2007-06-18===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=806 No masks in the grocery store] discusses the response to Kim's [[Clippings#2007-06-17|2007-06-17]] post by [http://vquill.com/2007/06/i-dont-wear-mask-when-i-go-to-grocery.html David Kearns] (responding to [http://connectid.blogspot.com/2007/06/colluding-with-yourself.html Paul Madsen]) on the prospect of a relying party linking through correlation across time.<br />
:*Kim Cameron: [http://www.identityblog.com/?p=807 Colluding with yourself] continues the discussion by quoting the full Paul Madsen article and discussing a couple of its points. I do not propose to make a habit of clipping this sort of back-and-forth. The individual blogs provide examples aplenty. These two citations are illustrative of the flavor, at least from Kim Cameron's perspective. ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)''<br />
:*Kim Cameron: [http://www.identityblog.com/?p=808 Revealing patterns when there is no need to do so] follows on the earlier discussion of collusion (while we are still on [[Clippings#2007-06-17|step #1]] of Kim's planned analysis. What shows up beautifully here is how a cross-blog conversation is used to sharpen the edges of the discussion and also surface an important tie-in between correlation and Too Much Information (TMI). I promise I am not going to clip all of these, but demonstrating the pattern of these inquiries seems valuable, IMHO ''[[User:Orcmid|Orcmid]] 13:45, 19 June 2007 (MDT)'' <br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/saml_2_0_http_simplesign SAML 2.0 HTTP-SimpleSign Support in OpenSSO SAML 2.0 PHP Extension] allowing digital signatures that avoid XML canonicalization by encoding the XML in Base64 and signing that blob. This responds to an old complaint about XML signatures but leaves the problem that any directly-accessible XML copy leaves the signature behind and there is no way out of that. An useful demonstration of how to do it if you can tolerate operating inside the limitation.<br />
:*Randy Picker: [http://uchicagolaw.typepad.com/faculty/2007/06/regulating_the_.html Regulating the Cloud: Warshak v. United States] discusses litigation that has an impact on the expectation of privacy for data of ours and about us in the cloud. (Kaliya Hamlin adds some great color to this case in "[http://www.identitywoman.net/?p=601 Yeah! for the Fourth Ammendment]." ''[[User:Orcmid|Orcmid]] 13:56, 19 June 2007 (MDT)'')<br />
<br />
===2007-06-17===<br />
:*Kim Cameron: [http://www.identityblog.com/?p=804 Evolving technology for better privacy], the first in a series describing ways to prevent linking of information by relying parties and/or identity providers. This post is also handy for establishing the terms of discussion with a basic example of X.509 certificates and PKI signing as a form of authentication.<br />
<br />
===2007-06-15===<br />
:*Oren Eini: [http://ayende.com/Blog/archive/2007/06/15/The-myth-of-the-all-inclusive-metaentity.aspx The Myth of the All-Inclusive Meta-Entity], reminding us to consider that an identity might be of merely an aspect in relevant context<br />
:*Johannes Ernst: [http://netmesh.info/jernst/Comments/sun-openid-online.html Sun's OpenID Provider is On-line]<br />
:*Jerry Fishenden: [http://ntouk.com/?view=plink&id=295 From Oxford to Rio - identity and privacy], links to a webcast and some other material<br />
:*Eric Goldman: [http://blog.ericgoldman.org/archives/2007/06/lawyer_ranking.htm Lawyer Rating Service Sued&mdash;Browne v. Avvo], having to do with reputation/rating and services, groups, people that do it, perhaps wrongfully, perhaps not<br />
:*Pat Patterson: [http://blogs.sun.com/superpat/entry/openid_work_architecture OpenID @ Work - Architecture], source of details on openid.sun.com<br />
:*Joshua Porter (Bokardo): [http://bokardo.com/archives/comic-et-tu-brute/ Comic - Et tu, Brute?]<br />
:*Gina Trapani (Lifehacker): [http://lifehacker.com/software/shutdown/what-to-do-with-your-yahoo-photos-269173.php Shutdown - What To Do with your Yahoo! Photos] and indeed, what happens to an identity and related artifacts (i.e., "your" stuff) when a hosted service (e.g., an identity provider) shuts down or a service (a relying party) introduces/changes identity authentication regime. Is now the time to start thinking about end-of-life scenarios? ''[[User:Orcmid|Orcmid]] 10:34, 15 June 2007 (MDT)''<br />
:*Jon Udell: [http://blog.jonudell.net/2007/06/15/facebookizing-the-web-webifying-facebook/ Facebookizing the Web, Webifying Facebook], on diffusion between walled gardens (presence silos, in my thinking) such as Facebook and Internet presence: can we have it (when there's a business model?) and what rôle will identity metasystems serve? ''[[User:Orcmid|Orcmid]] 11:36, 15 June 2007 (MDT)''<br />
<br />
===2007-06-14===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/openid_sun_architecture OpenID @ Work - Architecture], providing some much-needed diagrams (and perhaps the start of a picture-clippings section here? ''[[User:Orcmid|Orcmid]] 12:04, 15 June 2007 (MDT)'')<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/i-love-dawn/ I Love Dawn ...], wondering what can be done when people say stuff about us that isn't so and it takes on a life of its own, an identity not of our making, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/too-accessible/ Too Accessible], reflecting an identity+presence silo problem (check the comments)<br />
:*Robert Scoble: [http://scobleizer.com/2007/06/14/valleywag-offers-me-a-job/ Valleywag Offers Me a Job ...] on being misrepresented by a gossip columnist, not quite up there with cyber-bullying but certainly a question around having mischief done with our identity and rôles, ''[[User:Orcmid|Orcmid]] 11:01, 15 June 2007 (MDT)''<br />
<br />
===2007-06-12===<br />
:*Avi Bryant: [http://smallthought.com/avi/?p=24 Technorati Needs To Catch Up to Facebook], bridging an interesting conversation with Jon Udell about Facebookizing the Internet, raising interesting challenges for identity metasystems (''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/what-does-idp-do.html What Does an IdP Do?] eye-opening simple explanation of the Identity Provider's rôle and the Identity Selector's rôle, with a cautionary wink toward OpenID Provider? (''[[User:Orcmid|Orcmid]] 17:56, 20 June 2007 (MDT)'')<br />
<br />
<br />
===2007-06-09===<br />
:*Paolo Massa: [http://www.gnuband.org/2007/06/09/reputation_is_in_the_eye_of_the_beholder_on_subjectivity_and_objectivity_of_trust_statements/ Reputation is in the eye of the beholder - on subjectivity and objectivity of trust statements], position paper for the Security Issues in Reputation Systems workshop at the European e-Identity Conference, in Paris 2007-06-11 to -13 (''[[User:Orcmid|Orcmid]] 13:22, 15 June 2007 (MDT)'')<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/06/horrible-human-engineering.html Horrible Human Engineering] with a quick crotch-kick to an ugly CardSpace example as a not-too-subtle reminder that the human factor is always paramount and no one is exempt from fumbling it up &mdash; the big test is how rapidly repairs are made (''[[User:Orcmid|Orcmid]] 18:11, 20 June 2007 (MDT)'')<br />
<br />
===2007-05-27===<br />
:*Eric Norman: [http://ejnorman.blogspot.com/2007/05/openid-as-laboratory.html OpenID as a Laboratory] eyeing OpenID (with a little less framework, perhaps) as a wonderful laboratory for working out identity-system concerns, with an eyebrow raised in the direction of Higgins too (''[[User:Orcmid|Orcmid]] 18:15, 20 June 2007 (MDT)'')<br />
<br />
===2007-03-02===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/deep_dive_on_saml_2 Deep Dive on SAML 2.0 vs. WS-Federation], for those keeping score at home (''[[User:Orcmid|Orcmid]] 12:00, 15 June 2007 (MDT)'')<br />
<br />
===2007-02-06===<br />
:*Jon Udell: [http://blog.jonudell.net/2007/02/06/critical-mass-and-social-network-fatigue/ Critical Mass and Social Network Fatigue] focuses on social-network fatigue and how what's needed is to factor those overlays out as something that works on the global Internet (where identity metasystems should surely matter? ''[[User:Orcmid|Orcmid]] 11:45, 15 June 2007 (MDT)''), with great discussion in the comments<br />
<br />
===2006-12-04===<br />
:*Danah Boyd: [http://www.firstmonday.org/issues/issue11_12/boyd/index.html Friends, Friendsters, and Top 8 &mdash; writing community into being on social network sites], ''First Monday'' '''''11''''', 12 (December 2006), where the notion of writing into being and the repercussions for identity merit careful attention (via [http://scobleizer.com/2007/06/20/defining-friending/ Robert Scoble], ''[[User:Orcmid|Orcmid]] 19:09, 20 June 2007 (MDT)'')<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/iiw6_-_saml_%2F_liberty IIW2006b SAML/Liberty Presentation] (digging up background items deep in this blog, ''[[User:Orcmid|Orcmid]] 12:10, 15 June 2007 (MDT)'')<br />
<br />
===2006-10-22===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/identity_federation_part_2 Identity Federation] overview and illustration of where one Circle of Trust shows up (''[[User:Orcmid|Orcmid]] 12:29, 15 June 2007 (MDT)'')<br />
<br />
===2006-06-26===<br />
:*Hubert A. Le Van Gong: [http://blogs.sun.com/hubertsblog/entry/a_taxonomy_on_user_centric A Taxonomy on User-Centric Identity] mainly links on this useful topic (''[[User:Orcmid|Orcmid]] 12:44, 15 June 2007 (MDT)'')</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help_talk:Contents&diff=45Help talk:Contents2007-11-28T00:22:18Z<p>Orcmid: /* License Considerations */</p>
<hr />
<div>===Starting Fresh===<br />
<br />
I am making a top-down transfer of materials that I had in suspension on Windley's IIW Wiki. That means that there will be broken links to subordinate content until my manual crawler brings over that additional material. <br />
<br />
Now that there is a MediaWiki to use (learning wiki-text formats and editing rules is like going from one word processor to another, but without translators), I am so grateful, and in anticipation of the upcoming IIW2007b, that I may actually get around to providing the material I was interested in having here six months ago.<br />
<br />
The notes below are simply preserved here. Some of them need to be reviewed and adjusted for the Identity Commons IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:02, 27 November 2007 (PST)''<br />
<br />
===Slowing Down===<br />
<br />
[http://iiw.windley.com/wiki/Help_talk:Contents From Windley's IIW Wiki]<br />
<br />
I was discussing my promise to provide help materials on IIW Wiki with Kaliya over in Facebook. She warned me that a new Identity Wiki is going to be put up. I need to slow down here and make sure that I have the Wiki texts of pages saved somewhere that I can move them from if this Wiki disappears.<br />
<br />
[I saw a cool tool for grabbing chunks of web for archiving or making .chm (Help files) out of them. That doesn't quite work for backing up wiki material. There, the idea is to grab the wiki format (what you enter when editing a page) so the page can be recreated in any (MediaWiki) compatible wiki. Hmm. More work than I want to put in, yet an interesting tool project.]<br />
<br />
===Added Clippings===<br />
I started noticing blog items on particular identity topics that I thought it useful to provide clippings for, sort of like a link blog. This is different than a Blogroll which links to the main page of a blog that regularly has articles on identity-related topics. There should be more on the discussion page for the Clippings topic itself.<br />
::''[[User:Orcmid|Orcmid]] 10:00, 15 June 2007 (MDT)''<br />
<br />
I am not sure what happened. I lost the connection to yesterday's clippings so I put it in again. As long as I was editing, I also put clippings under a new Help topic, Internet Identity Resources, rather than Internet Identity Topics.<br />
::''[[User:Orcmid|Orcmid]] 12:20, 16 June 2007 (MDT)''<br />
<br />
===Priming the Pump===<br />
<br />
In Kaliya's [http://iiw.windley.com/wiki/Workshop_2007 IIW2007a] session 6C on Newbies, Mark Aiken and I had been thinking of things we could do, on the IIW Wiki, to make the place more hospitable and useful to newcomers as well as experienced Workshop participants. I have put up all of my Flickr images from the workshop and I am now putting down this placeholder for a Help page.<br />
<br />
There is no Help information of any kind on this site - none on how to get around the site, how to find things, how to contribute. There is also no help for the Editing and Markup that is supported by this installation of MediaWiki. I want to gather what I know into some semblance of help that deals with casual navigation and use first, creating and editing pages, and finally digging into MediaWiki (covered last, since it is infrastructure in this context).<br />
<br />
The Wikipedia main help page is at [http://en.wikipedia.org/wiki/Help:Contents Help:Contents]. This is a very useful page in terms of the kinds of things that one might cover and also have be available. The organization also seems useful for Help here, with adjustment for the different subject matter.<br />
<br />
The MediaWiki home page is at [http://www.mediawiki.org/wiki/MediaWiki MediaWiki]. It provides another level of comprehensive information.<br />
<br />
I am posting this much because I want to verify that the MediaWiki tips on formatting and links all work on this installation of MediaWiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:39, 1 June 2007 (MDT)''<br />
<br />
===First Framework===<br />
<br />
Inspired by the Wikipedia Help:Content page, I added a few section-level topics and confirmed how they appear. I will return to add some minor bits.<br />
<br />
In earlier explorations, I did learn that there is a way to see an index of all of the page titles. I must recover that and add it as a tip while the wiki is in a basically-chaotic state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:22, 9 June 2007 (MDT)''<br />
<br />
I found it. In the toolbox on the sidebar, there is a link to [[Special:Specialpages|Special pages]]. This is an important resource for finding what there is in the absence of an explicit map or guide. The first entry on that page is the link to an index of [[Special:Allpages|All pages]]. There are other useful pages here, including ones that can be used for site maintenance.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:30, 9 June 2007 (MDT)''<br />
<br />
===License Considerations===<br />
<br />
I don't know if it is a consideration, but the [http://www.mediawiki.org/wiki/Help:Contents MediaWiki Help:Contents] section is all marked as [http://en.wikipedia.org/wiki/Public_domain public domain]. It is not clear what the requirement that derivatives be contributed to the public domain is about, since there are no such enforceable restrictions on public domain works. This appears to be bad lawyering.<br />
<br />
At the bottom of the same pages, the works are described as being subject to the [http://www.gnu.org/copyleft/fdl.html GNU Free Documentation License]. There is no indication of any options that have been exercised, so we should probably assume the standard GFDL form. However the GFDL does not prohibit commercial use, and this IIW Wiki site does. I have no idea whether license conflicts are behind the omission of help materials and other resources on the IIW Wiki. <br />
<br />
I must say that this disconnect is not one that makes me eager to post any significant contributions. I also see no praotical way of working around the MediaWiki licenses unless we can only link to that Help material and not replicate it with any specific editing applicable to the IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 14:12, 1 June 2007 (MDT)''<br />
<br />
====Differences on the Identity Commons IIW Wiki====<br />
<br />
I notice that this Wiki uses a Creative Commons 3.0 Attribution Share-Alike license, with no other stipulations. The deed states "Unported" and it took a fair amount of fussing around the Creative Commons site to learn that is the version that specifies no national copyright regime. <br />
<br />
I don't have any qualms with using Attribution Share-Alike, and I am only moving my own material from the Windley IIW Wiki, so the fact of a stronger license there (non-commercial leaps to mind) is not a concern for me as the author.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:22, 27 November 2007 (PST)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help_talk:Contents&diff=44Help talk:Contents2007-11-28T00:08:40Z<p>Orcmid: /* Starting Fresh */</p>
<hr />
<div>===Starting Fresh===<br />
<br />
I am making a top-down transfer of materials that I had in suspension on Windley's IIW Wiki. That means that there will be broken links to subordinate content until my manual crawler brings over that additional material. <br />
<br />
Now that there is a MediaWiki to use (learning wiki-text formats and editing rules is like going from one word processor to another, but without translators), I am so grateful, and in anticipation of the upcoming IIW2007b, that I may actually get around to providing the material I was interested in having here six months ago.<br />
<br />
The notes below are simply preserved here. Some of them need to be reviewed and adjusted for the Identity Commons IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:02, 27 November 2007 (PST)''<br />
<br />
===Slowing Down===<br />
<br />
[http://iiw.windley.com/wiki/Help_talk:Contents From Windley's IIW Wiki]<br />
<br />
I was discussing my promise to provide help materials on IIW Wiki with Kaliya over in Facebook. She warned me that a new Identity Wiki is going to be put up. I need to slow down here and make sure that I have the Wiki texts of pages saved somewhere that I can move them from if this Wiki disappears.<br />
<br />
[I saw a cool tool for grabbing chunks of web for archiving or making .chm (Help files) out of them. That doesn't quite work for backing up wiki material. There, the idea is to grab the wiki format (what you enter when editing a page) so the page can be recreated in any (MediaWiki) compatible wiki. Hmm. More work than I want to put in, yet an interesting tool project.]<br />
<br />
===Added Clippings===<br />
I started noticing blog items on particular identity topics that I thought it useful to provide clippings for, sort of like a link blog. This is different than a Blogroll which links to the main page of a blog that regularly has articles on identity-related topics. There should be more on the discussion page for the Clippings topic itself.<br />
::''[[User:Orcmid|Orcmid]] 10:00, 15 June 2007 (MDT)''<br />
<br />
I am not sure what happened. I lost the connection to yesterday's clippings so I put it in again. As long as I was editing, I also put clippings under a new Help topic, Internet Identity Resources, rather than Internet Identity Topics.<br />
::''[[User:Orcmid|Orcmid]] 12:20, 16 June 2007 (MDT)''<br />
<br />
===Priming the Pump===<br />
<br />
In Kaliya's [http://iiw.windley.com/wiki/Workshop_2007 IIW2007a] session 6C on Newbies, Mark Aiken and I had been thinking of things we could do, on the IIW Wiki, to make the place more hospitable and useful to newcomers as well as experienced Workshop participants. I have put up all of my Flickr images from the workshop and I am now putting down this placeholder for a Help page.<br />
<br />
There is no Help information of any kind on this site - none on how to get around the site, how to find things, how to contribute. There is also no help for the Editing and Markup that is supported by this installation of MediaWiki. I want to gather what I know into some semblance of help that deals with casual navigation and use first, creating and editing pages, and finally digging into MediaWiki (covered last, since it is infrastructure in this context).<br />
<br />
The Wikipedia main help page is at [http://en.wikipedia.org/wiki/Help:Contents Help:Contents]. This is a very useful page in terms of the kinds of things that one might cover and also have be available. The organization also seems useful for Help here, with adjustment for the different subject matter.<br />
<br />
The MediaWiki home page is at [http://www.mediawiki.org/wiki/MediaWiki MediaWiki]. It provides another level of comprehensive information.<br />
<br />
I am posting this much because I want to verify that the MediaWiki tips on formatting and links all work on this installation of MediaWiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:39, 1 June 2007 (MDT)''<br />
<br />
===First Framework===<br />
<br />
Inspired by the Wikipedia Help:Content page, I added a few section-level topics and confirmed how they appear. I will return to add some minor bits.<br />
<br />
In earlier explorations, I did learn that there is a way to see an index of all of the page titles. I must recover that and add it as a tip while the wiki is in a basically-chaotic state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:22, 9 June 2007 (MDT)''<br />
<br />
I found it. In the toolbox on the sidebar, there is a link to [[Special:Specialpages|Special pages]]. This is an important resource for finding what there is in the absence of an explicit map or guide. The first entry on that page is the link to an index of [[Special:Allpages|All pages]]. There are other useful pages here, including ones that can be used for site maintenance.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:30, 9 June 2007 (MDT)''<br />
<br />
===License Considerations===<br />
<br />
I don't know if it is a consideration, but the [http://www.mediawiki.org/wiki/Help:Contents MediaWiki Help:Contents] section is all marked as [http://en.wikipedia.org/wiki/Public_domain public domain]. It is not clear what the requirement that derivatives be contributed to the public domain is about, since there are no such enforceable restrictions on public domain works. This appears to be bad lawyering.<br />
<br />
At the bottom of the same pages, the works are described as being subject to the [http://www.gnu.org/copyleft/fdl.html GNU Free Documentation License]. There is no indication of any options that have been exercised, so we should probably assume the standard GFDL form. However the GFDL does not prohibit commercial use, and this IIW Wiki site does. I have no idea whether license conflicts are behind the omission of help materials and other resources on the IIW Wiki. <br />
<br />
I must say that this disconnect is not one that makes me eager to post any significant contributions. I also see no praotical way of working around the MediaWiki licenses unless we can only link to that Help material and not replicate it with any specific editing applicable to the IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 14:12, 1 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help_talk:Contents&diff=43Help talk:Contents2007-11-28T00:08:01Z<p>Orcmid: /* = */</p>
<hr />
<div>===Starting Fresh===<br />
<br />
I am making a top-down transfer of materials that I had in suspension on Windley's IIW Wiki. That means that there will be broken links to subordinate content until my manual crawler brings over that additional material. <br />
<br />
Now that there is a MediaWiki to use (learning wiki-text formats and editing rules is like going from one word processor to another, but without translators), I am so grateful, and in anticipation of the upcoming IIW2007b, that I may actually get around to providing the material I was interested in having here six months ago.<br />
<br />
The notes below are simply preserved here. Some of them need to be reviewed and adjusted for the Identity Commons IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:02, 27 November 2007 (PST)''<br />
<br />
===Slowing Down [http://iiw.windley.com/wiki/Help_talk:Contents From Windley's IIW Wiki]<br />
<br />
<br />
I was discussing my promise to provide help materials on IIW Wiki with Kaliya over in Facebook. She warned me that a new Identity Wiki is going to be put up. I need to slow down here and make sure that I have the Wiki texts of pages saved somewhere that I can move them from if this Wiki disappears.<br />
<br />
[I saw a cool tool for grabbing chunks of web for archiving or making .chm (Help files) out of them. That doesn't quite work for backing up wiki material. There, the idea is to grab the wiki format (what you enter when editing a page) so the page can be recreated in any (MediaWiki) compatible wiki. Hmm. More work than I want to put in, yet an interesting tool project.]<br />
<br />
===Added Clippings===<br />
I started noticing blog items on particular identity topics that I thought it useful to provide clippings for, sort of like a link blog. This is different than a Blogroll which links to the main page of a blog that regularly has articles on identity-related topics. There should be more on the discussion page for the Clippings topic itself.<br />
::''[[User:Orcmid|Orcmid]] 10:00, 15 June 2007 (MDT)''<br />
<br />
I am not sure what happened. I lost the connection to yesterday's clippings so I put it in again. As long as I was editing, I also put clippings under a new Help topic, Internet Identity Resources, rather than Internet Identity Topics.<br />
::''[[User:Orcmid|Orcmid]] 12:20, 16 June 2007 (MDT)''<br />
<br />
===Priming the Pump===<br />
<br />
In Kaliya's [http://iiw.windley.com/wiki/Workshop_2007 IIW2007a] session 6C on Newbies, Mark Aiken and I had been thinking of things we could do, on the IIW Wiki, to make the place more hospitable and useful to newcomers as well as experienced Workshop participants. I have put up all of my Flickr images from the workshop and I am now putting down this placeholder for a Help page.<br />
<br />
There is no Help information of any kind on this site - none on how to get around the site, how to find things, how to contribute. There is also no help for the Editing and Markup that is supported by this installation of MediaWiki. I want to gather what I know into some semblance of help that deals with casual navigation and use first, creating and editing pages, and finally digging into MediaWiki (covered last, since it is infrastructure in this context).<br />
<br />
The Wikipedia main help page is at [http://en.wikipedia.org/wiki/Help:Contents Help:Contents]. This is a very useful page in terms of the kinds of things that one might cover and also have be available. The organization also seems useful for Help here, with adjustment for the different subject matter.<br />
<br />
The MediaWiki home page is at [http://www.mediawiki.org/wiki/MediaWiki MediaWiki]. It provides another level of comprehensive information.<br />
<br />
I am posting this much because I want to verify that the MediaWiki tips on formatting and links all work on this installation of MediaWiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:39, 1 June 2007 (MDT)''<br />
<br />
===First Framework===<br />
<br />
Inspired by the Wikipedia Help:Content page, I added a few section-level topics and confirmed how they appear. I will return to add some minor bits.<br />
<br />
In earlier explorations, I did learn that there is a way to see an index of all of the page titles. I must recover that and add it as a tip while the wiki is in a basically-chaotic state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:22, 9 June 2007 (MDT)''<br />
<br />
I found it. In the toolbox on the sidebar, there is a link to [[Special:Specialpages|Special pages]]. This is an important resource for finding what there is in the absence of an explicit map or guide. The first entry on that page is the link to an index of [[Special:Allpages|All pages]]. There are other useful pages here, including ones that can be used for site maintenance.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:30, 9 June 2007 (MDT)''<br />
<br />
===License Considerations===<br />
<br />
I don't know if it is a consideration, but the [http://www.mediawiki.org/wiki/Help:Contents MediaWiki Help:Contents] section is all marked as [http://en.wikipedia.org/wiki/Public_domain public domain]. It is not clear what the requirement that derivatives be contributed to the public domain is about, since there are no such enforceable restrictions on public domain works. This appears to be bad lawyering.<br />
<br />
At the bottom of the same pages, the works are described as being subject to the [http://www.gnu.org/copyleft/fdl.html GNU Free Documentation License]. There is no indication of any options that have been exercised, so we should probably assume the standard GFDL form. However the GFDL does not prohibit commercial use, and this IIW Wiki site does. I have no idea whether license conflicts are behind the omission of help materials and other resources on the IIW Wiki. <br />
<br />
I must say that this disconnect is not one that makes me eager to post any significant contributions. I also see no praotical way of working around the MediaWiki licenses unless we can only link to that Help material and not replicate it with any specific editing applicable to the IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 14:12, 1 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help_talk:Contents&diff=42Help talk:Contents2007-11-28T00:07:36Z<p>Orcmid: /* Starting Fresh */</p>
<hr />
<div>===Starting Fresh===<br />
<br />
I am making a top-down transfer of materials that I had in suspension on Windley's IIW Wiki. That means that there will be broken links to subordinate content until my manual crawler brings over that additional material. <br />
<br />
Now that there is a MediaWiki to use (learning wiki-text formats and editing rules is like going from one word processor to another, but without translators), I am so grateful, and in anticipation of the upcoming IIW2007b, that I may actually get around to providing the material I was interested in having here six months ago.<br />
<br />
The notes below are simply preserved here. Some of them need to be reviewed and adjusted for the Identity Commons IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:02, 27 November 2007 (PST)''<br />
<br />
===Slowing Down [http://iiw.windley.com/wiki/Help_talk:Contents From Windley's IIW Wiki]<br />
=== <br />
I was discussing my promise to provide help materials on IIW Wiki with Kaliya over in Facebook. She warned me that a new Identity Wiki is going to be put up. I need to slow down here and make sure that I have the Wiki texts of pages saved somewhere that I can move them from if this Wiki disappears.<br />
<br />
[I saw a cool tool for grabbing chunks of web for archiving or making .chm (Help files) out of them. That doesn't quite work for backing up wiki material. There, the idea is to grab the wiki format (what you enter when editing a page) so the page can be recreated in any (MediaWiki) compatible wiki. Hmm. More work than I want to put in, yet an interesting tool project.]<br />
<br />
===Added Clippings===<br />
I started noticing blog items on particular identity topics that I thought it useful to provide clippings for, sort of like a link blog. This is different than a Blogroll which links to the main page of a blog that regularly has articles on identity-related topics. There should be more on the discussion page for the Clippings topic itself.<br />
::''[[User:Orcmid|Orcmid]] 10:00, 15 June 2007 (MDT)''<br />
<br />
I am not sure what happened. I lost the connection to yesterday's clippings so I put it in again. As long as I was editing, I also put clippings under a new Help topic, Internet Identity Resources, rather than Internet Identity Topics.<br />
::''[[User:Orcmid|Orcmid]] 12:20, 16 June 2007 (MDT)''<br />
<br />
===Priming the Pump===<br />
<br />
In Kaliya's [http://iiw.windley.com/wiki/Workshop_2007 IIW2007a] session 6C on Newbies, Mark Aiken and I had been thinking of things we could do, on the IIW Wiki, to make the place more hospitable and useful to newcomers as well as experienced Workshop participants. I have put up all of my Flickr images from the workshop and I am now putting down this placeholder for a Help page.<br />
<br />
There is no Help information of any kind on this site - none on how to get around the site, how to find things, how to contribute. There is also no help for the Editing and Markup that is supported by this installation of MediaWiki. I want to gather what I know into some semblance of help that deals with casual navigation and use first, creating and editing pages, and finally digging into MediaWiki (covered last, since it is infrastructure in this context).<br />
<br />
The Wikipedia main help page is at [http://en.wikipedia.org/wiki/Help:Contents Help:Contents]. This is a very useful page in terms of the kinds of things that one might cover and also have be available. The organization also seems useful for Help here, with adjustment for the different subject matter.<br />
<br />
The MediaWiki home page is at [http://www.mediawiki.org/wiki/MediaWiki MediaWiki]. It provides another level of comprehensive information.<br />
<br />
I am posting this much because I want to verify that the MediaWiki tips on formatting and links all work on this installation of MediaWiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:39, 1 June 2007 (MDT)''<br />
<br />
===First Framework===<br />
<br />
Inspired by the Wikipedia Help:Content page, I added a few section-level topics and confirmed how they appear. I will return to add some minor bits.<br />
<br />
In earlier explorations, I did learn that there is a way to see an index of all of the page titles. I must recover that and add it as a tip while the wiki is in a basically-chaotic state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:22, 9 June 2007 (MDT)''<br />
<br />
I found it. In the toolbox on the sidebar, there is a link to [[Special:Specialpages|Special pages]]. This is an important resource for finding what there is in the absence of an explicit map or guide. The first entry on that page is the link to an index of [[Special:Allpages|All pages]]. There are other useful pages here, including ones that can be used for site maintenance.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:30, 9 June 2007 (MDT)''<br />
<br />
===License Considerations===<br />
<br />
I don't know if it is a consideration, but the [http://www.mediawiki.org/wiki/Help:Contents MediaWiki Help:Contents] section is all marked as [http://en.wikipedia.org/wiki/Public_domain public domain]. It is not clear what the requirement that derivatives be contributed to the public domain is about, since there are no such enforceable restrictions on public domain works. This appears to be bad lawyering.<br />
<br />
At the bottom of the same pages, the works are described as being subject to the [http://www.gnu.org/copyleft/fdl.html GNU Free Documentation License]. There is no indication of any options that have been exercised, so we should probably assume the standard GFDL form. However the GFDL does not prohibit commercial use, and this IIW Wiki site does. I have no idea whether license conflicts are behind the omission of help materials and other resources on the IIW Wiki. <br />
<br />
I must say that this disconnect is not one that makes me eager to post any significant contributions. I also see no praotical way of working around the MediaWiki licenses unless we can only link to that Help material and not replicate it with any specific editing applicable to the IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 14:12, 1 June 2007 (MDT)''</div>Orcmidhttps://iiw.idcommons.net/index.php?title=Help_talk:Contents&diff=41Help talk:Contents2007-11-28T00:05:04Z<p>Orcmid: /* Priming the Pump */</p>
<hr />
<div>===Starting Fresh===<br />
<br />
I am making a top-down transfer of materials that I had in suspension on Windley's IIW Wiki. That means that there will be broken links to subordinate content until my manual crawler brings over that additional material. <br />
<br />
Now that there is a MediaWiki to use (learning wiki-text formats and editing rules is like going from one word processor to another, but without translators), I am so grateful, and in anticipation of the upcoming IIW2007b, that I may actually get around to providing the material I was interested in having here six months ago.<br />
<br />
The notes below are simply preserved here. Some of them need to be reviewed and adjusted for the Identity Commons IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 16:02, 27 November 2007 (PST)''<br />
<br />
===Slowing Down=== [http://iiw.windley.com/wiki/Help_talk:Contents From Windley's IIW Wiki]<br />
I was discussing my promise to provide help materials on IIW Wiki with Kaliya over in Facebook. She warned me that a new Identity Wiki is going to be put up. I need to slow down here and make sure that I have the Wiki texts of pages saved somewhere that I can move them from if this Wiki disappears.<br />
<br />
[I saw a cool tool for grabbing chunks of web for archiving or making .chm (Help files) out of them. That doesn't quite work for backing up wiki material. There, the idea is to grab the wiki format (what you enter when editing a page) so the page can be recreated in any (MediaWiki) compatible wiki. Hmm. More work than I want to put in, yet an interesting tool project.]<br />
<br />
===Added Clippings===<br />
I started noticing blog items on particular identity topics that I thought it useful to provide clippings for, sort of like a link blog. This is different than a Blogroll which links to the main page of a blog that regularly has articles on identity-related topics. There should be more on the discussion page for the Clippings topic itself.<br />
::''[[User:Orcmid|Orcmid]] 10:00, 15 June 2007 (MDT)''<br />
<br />
I am not sure what happened. I lost the connection to yesterday's clippings so I put it in again. As long as I was editing, I also put clippings under a new Help topic, Internet Identity Resources, rather than Internet Identity Topics.<br />
::''[[User:Orcmid|Orcmid]] 12:20, 16 June 2007 (MDT)''<br />
<br />
===Priming the Pump===<br />
<br />
In Kaliya's [http://iiw.windley.com/wiki/Workshop_2007 IIW2007a] session 6C on Newbies, Mark Aiken and I had been thinking of things we could do, on the IIW Wiki, to make the place more hospitable and useful to newcomers as well as experienced Workshop participants. I have put up all of my Flickr images from the workshop and I am now putting down this placeholder for a Help page.<br />
<br />
There is no Help information of any kind on this site - none on how to get around the site, how to find things, how to contribute. There is also no help for the Editing and Markup that is supported by this installation of MediaWiki. I want to gather what I know into some semblance of help that deals with casual navigation and use first, creating and editing pages, and finally digging into MediaWiki (covered last, since it is infrastructure in this context).<br />
<br />
The Wikipedia main help page is at [http://en.wikipedia.org/wiki/Help:Contents Help:Contents]. This is a very useful page in terms of the kinds of things that one might cover and also have be available. The organization also seems useful for Help here, with adjustment for the different subject matter.<br />
<br />
The MediaWiki home page is at [http://www.mediawiki.org/wiki/MediaWiki MediaWiki]. It provides another level of comprehensive information.<br />
<br />
I am posting this much because I want to verify that the MediaWiki tips on formatting and links all work on this installation of MediaWiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 13:39, 1 June 2007 (MDT)''<br />
<br />
===First Framework===<br />
<br />
Inspired by the Wikipedia Help:Content page, I added a few section-level topics and confirmed how they appear. I will return to add some minor bits.<br />
<br />
In earlier explorations, I did learn that there is a way to see an index of all of the page titles. I must recover that and add it as a tip while the wiki is in a basically-chaotic state.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:22, 9 June 2007 (MDT)''<br />
<br />
I found it. In the toolbox on the sidebar, there is a link to [[Special:Specialpages|Special pages]]. This is an important resource for finding what there is in the absence of an explicit map or guide. The first entry on that page is the link to an index of [[Special:Allpages|All pages]]. There are other useful pages here, including ones that can be used for site maintenance.<br />
<br />
::''[[User:Orcmid|Orcmid]] 15:30, 9 June 2007 (MDT)''<br />
<br />
===License Considerations===<br />
<br />
I don't know if it is a consideration, but the [http://www.mediawiki.org/wiki/Help:Contents MediaWiki Help:Contents] section is all marked as [http://en.wikipedia.org/wiki/Public_domain public domain]. It is not clear what the requirement that derivatives be contributed to the public domain is about, since there are no such enforceable restrictions on public domain works. This appears to be bad lawyering.<br />
<br />
At the bottom of the same pages, the works are described as being subject to the [http://www.gnu.org/copyleft/fdl.html GNU Free Documentation License]. There is no indication of any options that have been exercised, so we should probably assume the standard GFDL form. However the GFDL does not prohibit commercial use, and this IIW Wiki site does. I have no idea whether license conflicts are behind the omission of help materials and other resources on the IIW Wiki. <br />
<br />
I must say that this disconnect is not one that makes me eager to post any significant contributions. I also see no praotical way of working around the MediaWiki licenses unless we can only link to that Help material and not replicate it with any specific editing applicable to the IIW Wiki.<br />
<br />
::''[[User:Orcmid|Orcmid]] 14:12, 1 June 2007 (MDT)''</div>Orcmid