The best thing about being the Community Evangelist for Ping is meeting all these amazing people: customers, employees, identerati. One person that I've had the pleasure to get to know is Craig Burton. He is always expanding my mind. Recently, he posted a link to a TED talk by Rachel Botsman. She articulates the core of what we all dream of in Internet-scaled identity, with existing use cases and examples from AirBnB, TaskRabbit, StackOverflow and others. This is the video that you can show your family so that they see your vision, too. What if these proprietary reputation systems were formalized with technology and contracts?

  • Rachel Botsman: The currency of the new economy is trust
    “There's been an explosion of collaborative consumption -- web-powered sharing of cars, apartments, skills. Rachel Botsman explores the currency that makes systems like Airbnb and Taskrabbit work: trust, influence, and what she calls "reputation capital."”

There were many other items of interest to the identity community:


  • Chuck Mortimore: Introducing Salesforce Identity
    [The above link is to slides from Chuck’s Dreamforce presentation]
    [Here are two YouTube videos: Salesforce Identity Demo (keynote); Developer Deep-Dive (session)]
    [In the Events section, you will find a link to a Webinar scheduled for October 24, featuring Chuck and Pat Patterson, the SFDC Principal Developer Evangelist.]
  • Michael Barrett: Certificate Authorities asked to step up for Internet security; CABF takes a step back instead.
    “In the wake of the DigiNotar breach and other weaknesses appearing across the HTTPS ecosystem, we felt that several systematic problems stood in the way of improving this critical part of the Internet’s trust infrastructure – problems that would require coordination among browsers, CAs and website operators to solve. Although the CA/Browser Forum was not set up to deal with these problems in its current form, it was the best thing available – the place where we had most of “the right people in the room”, representing the vast majority of the market share of web browsers, operating systems, smartphone platforms and the certificate issuers themselves – we just needed to have representation for users to establish legitimate technical trust requirements.”
  • Martin Kuppinger: Internet Association – a lobbying organization
    “This could also be read somewhat differently: We are the lobbyist organization which will try to avoid everything that can stop us from building our business based on the data we have obtained about our users. We don’t want enforcement of privacy laws. In fact, the Internet Association has been created in response to the DNT (“do not track”) and is targeted against the FTC (Federal Trade Commission) and others who are driving this concept. Do Not Track signals that the user doesn’t want tracking of his activities. Even while DNT has been the main reason for founding the Internet Association, this is just a symptom of the bigger topic.”
  • Regarding ID discusses Kantara Initiative – Fall 2012 Issue
    “More and more we are being asked about Kantara Initiative, Identity Assurance, and our Accreditation and Approval program. So we’re pleased to let our readers know that Kantara was recently featured in the fall 2012 issue of SecureID News, RegardingID magazine. We’d like to thank all of the great people at Regarding ID for taking the time to chat with us and for writing an excellent coverage piece explaining the value of Kantara Assurance program to their well-read communities!”
  • Kantara Initiative announces Zygma LLC as the latest Kantara-Accredited Assessor
    “Joni Brennan, Kantara Executive Director said, “Zygma has been at the heart of the IAF’s development, providing service as the principal architect of the IAF, and we are pleased to now welcome Zygma as the latest Kantara-Accredited Assessor.” View our Kantara-Accredited Assessors and Approved Services.”
  • Matt Pollicove: How to Pick an IDM / IAM solution
    “One of the things that I am asked about most often is not about the implementation of an Identity Management product, but rather how to choose a solution in the first place. While my biases are well known, I do have a general framework to help organizations figure out what direction and products they should be considering in pursuit of a solution, since we know that choosing an Identity Management solution is not always so straightforward.”
  • Paul Salicido: OAuth, OpenID and Software-as-a-Service
    “Now, if you were to code your entire code base using the OAuth model with SaaS, then opening up either a) OpenID and/or b) OAuth is incredibly simple, especially if you have a non-OpenID identity OAuth endpoint (for instance,, etc.). External applications would not have the same need of attaching OpenID and OAuth together – only your internal application where it is expected behavior of a primary web application interface.”
  • Sergio Tapia: Mozilla Persona - OpenID Without The Flabby Baggage.
    “Before you actually read anything, just try the process of signing in to this website. It doesn't matter if you don't have an account with Persona, you can easily create one in 2 clicks. This is miles ahead of OpenID from a usability perspective. I can definitely see my mother using this easily with no problems.”
  • David Somer: Why Mozilla Persona Is the Right Answer to the Question of Identity
    “We were fortunate enough to partner with Mozilla and create a beta version of The Times Crossword as part of the launch of the Mozilla App Store. In doing so, we were one of the first third-parties to integrate Mozilla Persona (BrowserID back then). Mozilla even did a video about it.”
  • John Fontana: New Jersey straight-faced on smiling ban
    “The state’s Department of Motor Vehicles won’t allow residents to smile for their driver's license photos because it messes with the DMV's facial recognition software. In fact, since January there has been a ban on uncovered teeth. (The DMV claims it looks the other way on slight grins).”
  • Martin Kuppinger: Security like a start-up? Better not!
    “Recently, I stumbled upon a blog post with a title starting with the words “Do security like a start-up…”. That rang my inner alarm bells! When reading the post I became relaxed again. It was about the need for business and IT to work together and the recommendation to look for more generalists rather than specialists – both aspects I fully buy in to even while acknowledging that good generalists are a rare species.”
  • Anil John: Challenges in Operationalizing Privacy in Identity Federations
    “A critical part of the job of an identity/information management professional is to operationalize privacy in the systems they architect, build and deploy. Unfortunately, it is easier to make that statement than to come up with a rigorous and repeatable process to do it. It is hard because privacy is contextual in nature, and data often moves across organizational and system boundaries where shared context may not exist. This blog post is an attempt to articulate some definitions and considerations regarding operationalizing privacy within the narrow realm of identity federation.”
  • Bob Tarzey: The Identity Bridge – The Extended Value of Single Sign-On
    “There is nothing new about single sign-on (SSO) systems; they have been on the market for many years as a way to provide a single point of authentication for users before providing them access to IT resources. What is new is the increasing capability of SSO systems to better manage the changing way applications are being deployed and accessed. Here are some examples:”



  • OpenID Connect Technology Meeting, Oct 22, 2012
    “OpenID Connect Technology Meeting will be held on Oct. 22, 2012 at Google, Bluewater Tech Talk Room, Google Building 1220, 1220 Charleston Road, Mountain View, CA
    Lunch is at 11:30 am and the meeting starts at 12:30 pm.”
  • Pat Patterson: Salesforce Identity Webinar – October 24 2012
    “Join me and Chuck on October 24 for a webinar focused on Salesforce Identity. We’ll be looking at how Salesforce Identity will allow users to login just once to access all of their applications and data, admins to manage access control and provision users to and from their orgs, and developers to integrate identity and access management into their web and mobile apps.”
  • Kuppinger Cole Webinar: Identity Management as a Service (IdMaaS) - the Dope or are we Duped?
    “Oct 30, 2012 17:00 CET, 12:00 ET
    Two identity behemoths—Microsoft and Salesforce—bucked the trend of cornering your identity in a silo and announced general purpose Identity Metasystems. Microsoft with its Azure Active Directory and Salesforce with its Salesforce Identity. Sounds too good to be true? This webinar brings Identity sage Craig Burton together with the architects of the two said Metasystems to explore just what each is planning. Kim Cameron and Chuck Mortimore will walk us through the Metasystem maze. Dope or Dupe? Either way, things are going to get interesting.”
  • OpenID Connect and Account Chooser Deployers’ Meeting at IETF 85
    “People interested in OpenID Connect, Account Chooser, and how they relate to IETF specifications such as OAuth, JSON Web Token (JWT), and JSON Object Signing and Encryption (JOSE) are meeting at IETF #85. We will meet at 1:00 on Sunday, November 4th, and have the room all afternoon. An overview of the specifications and status will be provided and open issues and next steps will be discussed.
    Hilton Atlanta, 255 Courtland Street, NE, Atlanta, GA 30303
    Sunday, November 4, 2012 from 1:00 PM to 5:00 PM (EST)”
  • Cloud Security Alliance Annual Congress to Feature Release of 20 Research and Guidance Reports
    “The Cloud Security Alliance (CSA) has finalized its research agenda for this year’s annual CSA Congress 2012 scheduled for November 7-8 in Orlando, FL. This year will feature the release of more than 20 research and guidance reports from various CSA working groups in some of the most critical areas of cloud computing.”


  • Craigslist, 3taps, Mashery and API Infrastructure
    “If you’ve followed the legal dispute between Craigslist and first Padmapper, then 3taps over re-use of their data you may know that things have taken an even deeper twist. Craigslist has now served a Cease & Desist to Mashery, 3taps API Management service provider. Mashery subsequently dropped support for 3taps.”

Cloud Computing

  • Facebook’s next compute challenge is cold storage
    “Facebook is designing a new data center designed specifically to store all those photos of your baby from three years ago or your senior road trip from seven years ago for the long haul. It has to be cheap, it has to be power efficient. And it’s a fundamentally different data center design and compute architecture than the big web companies use today.”
  • How Facebook solves the IT culture wars and scales its site
    “People and processes are just as important as servers when it comes to scale. A Facebook engineer explains how the social network built a culture and tools to help it keep up with its ever-expanding hardware infrastructure and software toolsets.”
  • Businesses still lack confidence in the cloud
    “The Cloud Security Alliance (CSA) and ISACA have issued their Cloud Market Maturity report, outlining the top 10 issues with cloud adoption by businesses. They found that confidence is lowest in government regulation as a factor in driving or securing the market.”
  • Phil Windley: Where Does the CloudOS Run?
    “A while back, I published this diagram to describe the different levels in the implementation of the CloudOS and show the relationship between the construction of a traditional OS and the CloudOS. This is more than an analogy; there is real parallelism.”
  • James Urquhart: Why Amazon and Salesforce are pulling away from the cloud pack
    “In 2011, I predicted Microsoft and Google were poised to own the cloud computing market in the next decade. Eighteen months later, Amazon Web Services and seem like the ones that really have what it takes to dominate over the long haul.”



  • Join
    “Tent is a protocol for decentralized social networking. All Tent servers can communicate with each other. makes using Tent as easy as a centralized service. hosts your Tent server and a few basic apps as well (more on their way soon). You can still communicate with the rest of the Tent-sphere and use any Tent app, without the hassle of managing your own server.”
  • Facebook Says Child Privacy Laws Should Not Apply to ‘Like’ Buttons
    “The social networking giant Facebook has told the Obama administration that child privacy laws should not apply to a Web site’s ability to incorporate a “like” button, because that would inhibit free expression.”

Valuable Identity

  • John Fontana: UK drawing blueprint for massive scale identity infrastructures
    “Last week, the IDA approved eight companies and organizations, including PayPal, Verizon, Experian and the UK Postal Service, whose end-user credentials will integrate with government systems.”
  • John Fontana: NSTIC leader Jeremy Grant talks pilots, progress and the future
    “He joined me last week on "Five Questions With....." to talk about the pilots and other accomplishments around NSTIC, which attracted nearly 1,000 people to participate in specialized groups building policies and procedures to govern efforts to create an “identity ecosystem” that will secure online transactions and interactions.”
  • Episode 100: Daon's plan for the national strategy
    “Daon is no stranger to large-scale identity projects, being involved in national ID and border management projects spanning the globe. The company’s X-Products group was chosen as a pilot award recipient for the National Strategy for Trusted Identities in Cyberspace. Regarding ID’s Gina Jordan spoke with Cathy Tilton, vice president of Standards and Technology at Daon and the lead for Daon’s NSTIC pilot program about the award. Daon is providing an identity platform using smart phone technologies that can host multiple authentication methods and do risk-based authentication.”
  • Episode 101: Internet2's NSTIC pilot plan
    “Internet2 has been in the online identity business for more than a decade so its involvement with the National Strategy for Trusted Identities in Cyberspace may seem like a given. Internet2 will be working on building a privacy infrastructure for the identity ecosystem, including anonymous credentials, something that has been missing thus far, many say. Regarding ID’s Gina Jordan spoke with Kenneth Klingenstein, director of middleware for Internet2 about the pilot.”
  • John Fontana: NSTIC’s $4 million endorsement fuels attribute exchange pilot
    “One of those selected was Criterion Systems, whose pilot proposal for an attribute exchange network (AXN) included a number of supporting organizations and companies including Ping Identity.”
  • Wal-Mart Standing Strong Behind MCX
    “During a panel discussion at this week’s RAMP Mobile Retail Conference, Wal-Mart’s Mike Cook was clear the company is giving the thumbs down to Google Wallet and any other mobile strategy he believes contains the same flaws in traditional payment networks.”
  • Isis Inks Vending-Machine Pact With USA Technologies
    “Despite pilot delays around its Near Field Communication-based mobile wallet, Isis has moved forward in other areas and has a deal in place with vending-machine payments provider USA Technologies that could bring mobile payments to some 7,500 vending machines. About 1,500 of those machines are in Isis’ two test cities: Austin, Texas and Salt Lake City.”

