Pushing String

Somehow I’d been missing out on the phenomenon of the Gnomedex tech-enthusiast conference, even though its location in recent years coincides perfectly with my new(ish) Northwest residency. (Hey, I haven’t gone to Bumbershoot yet either — bad, bad Eve!)

This year I’ve got a great chance to fix the situation. I met Chris Pirillo and his lovely wife Ponzi through Eli, and after a couple of fun evenings where I blabbed excitedly about Vendor Relationship Management and he blabbed excitedly about a project that was soon to become his WicketPixie social-media WordPress theme (it would be interesting to “VRM-enable” this theme, yes??), they were kind enough to invite me to speak this year. I’m looking forward to introducing VRM concepts to this audience and getting some discussion going on how to improve the customer-vendor nexus.

If you can be in Seattle August 21-23, I hope you’ll register and join the fun.

In addition to our wedding anniversary and the anniversary of our first date, Eli and I now have another event to celebrate: July 27, 2008 was the day we confirmed our “married” relationship on Facebook. We immediately got two messages of congratulation, one facetious…and one seemingly sincere! For the record, we’ve been married for 18 years and together for 22 — but we love having another special occasion to add to the list.

Today Sun launched OpenSSO Express, a cool new way to get your hands on innovative features destined for its Access Manager commercial product over the long haul but freshly available every three months in a stable, tested, supported build of the OpenSSO open-source project.

Daniel Raskin (dubbed the Smoking Monkey by Coté and taking the moniker quite seriously…) has a great post linking to lots more info and even a podcast on the subject. Check it out!

Internet2 hosted an interesting gathering in early June, called Federation Soup, which I had the privilege of attending. These folks have had to face some of the hardest federation problems out there because of the higher education community’s unique mix of needs, and they take a relentlessly practical approach. Ken Klingenstein said it was okay to blog what I heard at the event, but it took me a little while! Here are some of the tidbits I collected.

Interfederation looks pretty different in Internet2-land and in places like the U.S. government. In the latter, the emphasis is on PKI bridges, while the education sector is looking for more loosely coupled solutions.

It’s not just about higher education; a fair number of people are working on what are called K-20 initiatives that span education at all levels and of all types. This brings in all the hard problems of gathering consent from the custodians of minor children.

The InCommon federation is pretty attractive. Some parties that come from outside traditional education, such as news organizations that want to distribute content in a controlled way and U.S. government agencies that don’t want to use a peered federation model, are joining this federation or at least considering it. At the same time, InCommon is not the only answer; smaller educational system federations will continue to coexist with it. And some federations need independent branding. Finally, some universities simply don’t feel the need for federation at this point.

A lot of the discussion was around how to increase federation adoption. A common theme was to find the killer app or anchor tenant that makes the whole exercise worthwhile all by itself. Some people felt that what sells is not “trust”, but collaboration services. Buyer’s clubs (such as subscriptions to journals) are also an attraction.

At a BOF on privacy, tricky jurisdiction problems were discussed. What if a U.S. student is studying temporarily in Paris? Do you go by their geolocation, or by the IdP’s jurisdiction, or the SP’s? Do you purge logs for privacy according to EU requirements, or retain them for homeland security according to U.S. requirements?

Finally, for the heck of it, some juicy quotes:

• Scott Cantor: “As far as the software is concerned, there’s no such thing as a federation.”
• Ken K. on identity proofing and levels of assurance: “It’s ratholes all the way down.”
• Someone: “Where the duct tape is holding, people are very reluctant to let go.”

Neat project. But is it penguin-centric?