Pushing String

My low-carb pal Mark Wilcox pointed me to this movie. I haven’t seen it yet, but it somehow (ahem) reminds me of the politico-nutritional mess we’re in. Two headlines I saw today, right next to each other:

• USA Today: Obesity is a key link to soaring health tab
• San Diego Union-Tribune: Senators inch toward deal on health care

Sorry, but I just don’t trust senators to get it right on health and nutrition. What if senators had something to do with the problem in the first place?

In GCBC, Gary Taubes relates the controversy around Dietary Goals for the United States, produced by the staff of George McGovern’s U.S. Senate Select Committee on Nutrition and Human Needs in 1977. This document is pretty much the well from which all U.S. public-health “fat bad, carbs good” nonsense springs.

Taubes quotes the Senate testimony of Philip Handler, president of the National Academy of Sciences and a metabolism expert in his own right, representing the NAS Food and Nutrition Board:

However tenuous that linkage [of dietary fat and cholesterol, blood cholesterol, and heart disease], however disappointing the various intervention trials, it still seems prudent to propose to the American public that we not only maintain reasonable weights for our height, body structure and age, but also reduce our dietary fat intakes significantly, and keep cholesterol intake to a minimum. And, conceivably, you might conclude that it is proper for the federal government to so recommend.

On the other hand, you may instead argue: What right has the federal government to propose that the American people conduct a vast nutritional experiment, with themselves as subjects, on the strength of so very little evidence that it will do them any good?

Mr. Chairman, resolution of this dilemma turns on a value judgment. The dilemma so posed is not a scientific question; it is a question of ethics, morals, politics. Those who argue either position strongly are expressing their values; they are not making scientific judgments.

(For your reading convenience, I’ve helpfully emboldened the ethical/moral/political choice I’d make.)

I know I’m always saying this, but: Read the whole thing. And if you’re suspicious about which scientists worked for the Egg Board, just wait till you see where the Frito-Lay funding went.

After a few weeks’ worth of charter wrangling, I’m delighted to announce the launch of a new Kantara Initiative work group called User-Managed Access (UMA). Quoting some text from the charter that may sound familiar if you’ve been following the ProtectServe story:

The purpose of this Work Group is to develop a set of draft specifications that enable an individual to control the authorization of data sharing and service access made between online services on the individual’s behalf, and to facilitate the development of interoperable implementations of these specifications by others.

Quite a few folks have expressed strong interest in using this work to solve their use cases and in implementing the protocol (speaking of which, sincere thanks to the dozen-plus people who joined with me in proposing the group). With a basic design pattern that is as generative as ProtectServe seems to be, and with the variety of communities we’ll need to engage, it could be tricky to stay focused on a core set of scenarios and solutions, but I intend to work hard to do just that. Better to boil a small pond than…well, you know. Stay tuned for more thoughts on how I think we can accomplish this.

If you’d like to contribute to the continuing adventures of ProtectServe, please check out the User-Managed Access WG charter and join up! Here’s where to go to subscribe to the wg-uma list, which is read-only by default, and to become an official participant in the group, which gains you list posting privileges. (In case you’re wondering, there is no fee whatsoever for Kantara group participation.)

By the end of this week we’ll start using the list to figure out a first-telecon time slot, and I’ll provide updates on various group milestones here. If you’ve got any questions at all, feel free to drop me a line.

A few days ago I suggested taking in a summer movie. If you’re a fan of OpenSSO, now you’ve got your choice of flicks, playing at a theater very near you.

Yesterday Daniel Raskin took the wraps off a video for the new Fedlet for .NET in OpenSSO Enterprise. You might recall that this version of the Fedlet made an appearance in this joint paper from Sun and Microsoft on federated identity interop.

And today he’s got a new vid showing an OpenSSO technology preview: its new OAuth Token Service. Pat Patterson gets a nice cameo in this one.

The team has done some very cool work on this tech preview, remaining truly webby, RESTful, and resource-oriented while tackling real entitlement management issues faced by enterprises. (As I’ve been saying — snarking? — recently, the smart way to bet is more consumerization of IT, ’cause we sure won’t see further ITization of consumers!)

To download and try this stuff out yourself, just click your mouse three times and say “There’s no place like Sun… There’s no place like Sun… There’s no place like Sun…”

The Burton Catalyst conference being held in San Diego in a couple of weeks is one of those don’t-miss events. If you’re going (I said it was don’t-miss, didn’t I?), you’ll want to get into town in time for the free Project Concordia workshop being held on the Monday. Our theme is Use Cases Driving Identity in Enterprise 2.0: The Consumerization of IT. This link gives you the agenda and instructions on how to register — it’s not too late.

We Concordians are excited to have Mike Gotta and Alice Wang of Burton Group on hand on Monday to present Relationships and Identity: Two Sides of the Social Networking Coin. We’ll also deep-dive on authorization standards progress and the evergreen “levels of assurance” topic (see the Concordia mailing list for huge volumes of discussion on it). And we’ll even review some potential ProtectServe use cases.

The workshop also makes a great companion to the Cloud SSO Interop Demo being run later in the week, in which Sun is participating. And and come visit me and my colleagues at the Sun hospitality suite on Wednesday night! I hear our own Smoking Monkey might be decked out in special attire…

UPDATE: Pat has blogged more Catalyst plans (breakdancing! hip-hop rivalries! super-secret Catalyst discount code!), and includes info on a very special get-together Sun is planning with Don Bowen. This is an excellent opportunity to see Don and wish him well in person; I can’t wait.

So, what did you read on your summer vacation? If you’re still planning for yours, submitted herewith for your approval:

It’s been well over a year since I first spoke on The Design of Everyday Identity; a companion article I wrote just after that wonderful event in New Zealand has finally been published in the Online Information Review journal (unfortunately the article is for-pay). Usability has taken a front seat in many of the efforts to improve user-centric identity since then, which is great, but you may find that the paper and talk still offer useful food for thought. And by the way, this analysis strongly influenced my design criteria for ProtectServe.

After lugging this article down to the beach for some light summer reading, if you’re still looking for some entertainment, try watching a movie. Podcast Hotel-meister Alex Williams invited me to do some identity video-blogging for the venerable Tek-Tips site for IT professionals, and I’ll be joined by others there soon. Thanks for the opportunity, Alex!

Since I’m not big on watching long videos online myself, I’m trying mightily to keep these to just a minute or two. The first one responds to the question: What Identity Issues Should The Enterprise Be Aware of With Public Cloud Computing? In a nice coincidental tie-in, my colleague Rajeev Angal recently posted some great info on how to integrate SAML2-based single sign-on with Salesforce CRM using OpenSSO.

What did I read on my summer vacation? I cannot tell a lie. But y’know, it was a lot better than you’d think…