Pushing String

What a trip my first Gnomedex was — I think I’m hooked. It’s Chris’s happening, baby, and it freaks him out! (Think he can be convinced to dress up full-Austin next time? I did notice a bit of a shiny-jacket trend in the crowd.)

Lots of people have done roundups, so I’m mostly going to be lazy and point to Beth Kanter’s, which gives a great sense of the breadth, the depth, the value, and the occasional silliness of this event. I was very glad to meet Beth and to see her demonstrate, right in front of our eyes, the principles she was teaching. Really, the two-plus days were a virtual parade of interesting people, compelling stories, and cool tech.

Speaking of virtual… Gnomedex’s sheer level of online+meatspace social connectedness was something new for me. The 8.0 community feeling started early, with the @gnomedex Twitter feed. It continued with the conference badges that came with a social network. It got really strong while several hundred people watched the conference from home on the video feed (archive) and hung out on Twitter or in Chris’s chat room. (I daresay this feeling wouldn’t have been possible without the single-track setup.) And it continues even now. I mean, I tweet, and I speak at conferences, but I’ve never before sat down after giving a talk to find that dozens of people — some in the same room and others a world away — have just started following me. Delighted to meet you all! (Admittedly, I also exchanged business cards with some folks during coffee breaks, the old-fashioned way.)

I’ll post some thoughts later about my talk on online data-sharing relationships. But, staying “meta” for now, I’ll just send you to one more roundup, Micah Baldwin’s 3 Rules of Gnomedex 8.0, which I think nicely captures what made it special. Quoting will just spoil it, so just go ye and read…

This is a special moment.

I get to sit here at Gnomedex watching Ben Huh of ICHC review the Lolean Timescale of lolcat history — apparently the correct pronunciation is lole-cat and I’ve been doin it rong.

And I just met Kris Krug, photographer extraordinaire, who has promised to do portraits on-site for those who give him some linky love. I’m only too happy to oblige (uh, literally).

Finally, here are the additional notes I took on the OAuth/WS-Trust session Ashish Jain moderated at the recent(ish) SSO Summit, to supplement his post.

In addition to the use cases already mentioned by Ashish, we discussed use cases for having a security token service in its most basic form. There are “syntactic” reasons to need to exchange tokens:

• Going from a proprietary token format to a standard one (e.g., Kerberos to SAML)
• Going from one standard token format to another (e.g., SAML1.1 to SAML2)
• Going from one proprietary token format to another

The participants considered this pretty much a “necessary evil” for integration purposes — a tactical need that is likely to subside over time as standard token formats stabilize, converge, etc. We saw both internal and cross-domain uses for this, but identified today’s WS-Trust sweet spot as being within enterprises where multiple token formats are (still) in use.

Then there are semantic reasons to exchange tokens. For example, “identity oracle” use cases might have a need for this (handing out a cooked/computed assertion that someone’s “over 25″ rather than sharing their actual date of birth).

There are as many unique use cases here as one can imagine. I noted that Liberty ID-WSF has a few of these baked into services that it has defined, but they don’t currently use WS-Trust. (As an aside, there’s a group taking the first steps in a rapprochement here, appropriately pronounced “sig-wish“! Check it out, and let me know if you’re interested in helping.)