Catalyst Bound

I’m off to Catalyst tomorrow!

I’m really excited about attending Catalyst with no responsibilities this year :)  Last year, as exciting as it was to be working on the OSIS interop and presenting,  I felt like the whole week was a blur.  I look forward to relaxing, learning, and maybe asking a few pointed questions this year :-D

Over the last year or so, I’ve seen some trends in the Enterprise Identity world that worry me.  I’m very interested to see whether these trends are reflected in conference material or not. We shall see…

DEC 2008 – This one’s for you, Wook

Photo Credit: Martin Kingsley

Well, the Directory Experts Conference 2008 has come and gone.

This conference always blows my mind. The content is extremely technical. The community is close-knit, and supportive. The conversations in the hall are at least as technically complex as what is presented in the sessions.Peach!

For me, one very enlightening session was the last: an audience full of highly experienced Active Directory experts in the audience, facing a whole stage full of Microsoft staff. The conversation was candid, and there were items discussed that have been standing items for numerous DEC conferences (and likely to be for a few conferences more).

The strongest worry in the room involved IT response time to Mergers and Divestitures, ie forest-level splitting, renaming, and shuffling. One of the audience members simply noted that the pace of change of infrastructure must be able to match the pace of the business. If the stage had been full of Sales Reps, I’m sure that there would have been a lot of head nodding and warm fuzzy noises – but the truth is – it’s a hard problem. It isn’t something the team can just ‘whip up’. I think that the audience got the resource trade-off that would have to happen before their wish list could actually become shippable product, while the dev team had a chance to hear the pure, unadulterated panic in the voices of those airing the issue. You don’t get better communication with a vendor than what I saw at DEC.

I had a great time with my own presentation – I’m pretty sure I learned at least as much from the folks I met and discussed information cards with, as what I imparted to the people in my session — I can’t wait to synthesize my impressions and start a discussion here – I think that my conclusions will surprise some people.

Until then, I will leave you with the results of this year’s Wook Lee Challenge – Wook couldn’t be there this year and wasn’t able to respond remotely (like last year) — so a committee of brave souls dedicated themselves to picking up the torch :) As a result, this year was the First Annual IT Pro-am Wook Lee Memorial Challenge. Here’s hoping next year it won’t be memorial anymore, and Wook can resume his rightful position as challenge responder :) Wook, we cannot replace you, we can only endeavor to live up to your example.

Our challenge was to create a movie trailer about Forest Recovery and involving Joe Richards – creator of Joeware. Aaron Steele provided the artistic genius, and the whole merry band (Sean Deuby, Laura Hunter, Adam Greene, Chris Lowde, Joe Kaplan, Aaron and myself) had a great time coming up with the following cast and characters of “Indiana Joe and the Forest Recovery of Doom”:

  • Joe Richards as “Indiana Joe” (Indiana Jones)
  • Dean Wells as “Outa RAM” (Mola Ram)
  • Stuart Kwan as “Shortly Rounded” (Short Round)
  • Guido and Wook as eeeevil skeletons (since they both didn’t attend, they are ‘dead’ to us, thus the ‘memorial’ in the memorial challenge too, heh)
  • The lovely Princess Jorge as “Willie Boot” (Willie Scott)

You have to open this poster up in large format to truly appreciate all of the little bits – enjoy!

‘Tis the season


If you aren’t already aware, the Internet Identity Workshop is coming up in December.

IIW isn’t a ‘sit and watch the experts’ kind of experience. It is a ‘roll up your sleeves and get your hands dirty’ kind of experience. It is about showing off what you’ve done so far and collaborating in the moment to do more. You don’t have to have a big name or a fancy title to be ‘good enough’ to be heard here. You just have to be doing interesting things and be willing to share.

IIW is not an expensive conference to attend, and the unconference format means that the attendees can control the agenda. It will be both a formative and an informative event, I hope to see you all there.


Life at the speed of light

I’m sitting in this great trendy tapas bar in Brussels, surfing and drinking Sangria thinking about the past few weeks & months.

This has been a crazy few months. Mayhem up until the Catalyst conference in June – followed by a return for me to my regular bread & butter – identity consulting work with & around the Oracle Identity Stack and the Sun Identity Stack. My Information Card work has been pushed to the back burner, things are only getting done when I’m able to burn the candle at both ends.

Right around the time I left for a vacation in Mexico, the two ends of the candle became dangerously close together. Since then however, I’ve let off some steam in part by imbibing a ridiculous amount of alcohol in quite a few countries, and I have to say — I feel pretty good!

Our HotelThis week was the European Directory Experts Conference, and the wonderful folks at Netpro treated us unbelievably well. I have always loved the supportive and fun-loving group of MVPs and Microsoft folks who come every year to talk, listen, and challenge the attendees; it makes me want to dive deep into all of the great things that they know so much about, but I am already suffering from too many passions; something has to go by the wayside.

I’m not sure what the future holds – but I’m pretty happy with my present.

BTW, I took a pledge in Brussels, much to the amusement of my friends: I vowed to never repeat a Belgian beer while I’m here (after all, there are hundreds of choices, and so little time to sample them). Since you’ve all gone home and you probably think I couldn’t possibly have comported myself in a manner fitting of a strapping Canadian lass, here’s the proof:

Pam’s Belgian Beer List (in no particular order, those of you who were present for the actual drinking portion of the deal, plus I may add more if I get ambitious tonight — if I’ve forgotten any please feel free to speak up):

Beer in Bruges

  • Geuze
  • Karmaliet Tripple
  • Hoegaarden Grand Cru
  • Leffe Brun
  • Leffe Blonde
  • WestMalle Double
  • WestMalle Triple
  • Orval
  • Tongerlo
  • Mazout
  • Tango
  • Magners (ok well this is cider)
  • Kir Royale (also not beer)
  • Belle-vue Kriek
  • Lindeman’s Framboise
  • Brugze Zot
  • Rochefort 6%
  • St. Louis Peches (worst of the lot)
  • Grimbergen Double
  • Grimbergen Blonde
  • Affligem Triple
  • Bon Secours Blonde
  • Pauwel Kwak
  • Maredsous Triple
  • Barbar (one of my favorites)
  • Delirium Tremens
  • Gouden Carolus Classic
  • Jupiler  (these last 3 are new additions since the original writing of this entry)
  • Rodenbach
  • Duvel


On monday, OSIS members agreed to put on another Interop — this time in Europe.

This will again be a joint effort between the Burton Group and OSIS, with final results demonstrated at the Catalyst Europe conference in Barcelona Italy Spain (blonde moment) sometime during October 22-25 2007.

Participation is OPEN – if you have a component and you want to interoperate, join us. We are still hammering out the scenarios, so if you join now, you can influence what we test, if there are areas of interoperation that are critical to your project or group.

Discussion around this event is currently taking place on the osis-general mailing list — join the list and announce yourself if you are interested in participating or finding out more, or drop me a note if you want more information.

There are all sorts of new groups out there, and I can’t wait to see their code. We accomplished a lot last time, and we’re ready to do the same again!

Catalyst 2007 Detailed Rollup

So much happened at Catalyst this year! I’m a little daunted at the idea of describing it all. This year was my first time onstage at Catalyst, unless you count my cameo with Mike Neuenschwander a few years back, where I smashed his guitar to smithereens. Ah, the good ol’ days…

From a logistics perspective, things were fantastic. The right people were in attendance. The right amount of food and beverage was present. Interesting product announcements were made. Future community efforts were fostered. Men in superhero outfits scampered through the halls. It is obvious that the Burton folks have been doing this for a long time, and know how it all goes.

From a conference ‘architecture’ perspective, I thought that this year’s Catalyst was run very differently from previous years. I’m very happy that they ditched the ‘cross-cutting concerns’ concept this year, as the concerns they chose were never very interesting to me, and without that interest, a whole morning was written off. Instead, Burton chose a number of themes that they placed during various time slots during the week. As long as you were interested in seeing every talk within a theme, you could generally park yourself in a given hall and enjoy for the space of an afternoon or a morning. If you were more interested in who was speaking than in following the theme concept, things were a little tougher — talk beginning & ending times were staggered, so sometimes you’d have no choice but to walk out in the middle of one talk to get to another. For the most part, there always seemed to be an interesting theme going on somewhere at any given moment.

Another difference that I noticed was in the pacing of the content. Things seemed much more fast-paced this year — did anybody else notice this? My recollections of past Catalyst conferences are of fewer people talking longer. I don’t mind this new format for the most part — getting people to be more concise about what they say is almost always a good thing. The only problem with having so many people within a given time period, is that overages on the timing become a big deal, and there were times where everything seemed too frenetic, too much about being on time and not enough about delivering useful content. The worst was when the last person in the time slot was squeezed out — literally unable to give their presentation because others before them used time that wasn’t theirs. It isn’t fun as an audience member to watch a speaker attempt to edit their slides on the go, frantically changing a 15-minute story into a 5-minute travesty.

Then there was the Q&A. In the ‘old days’, I remember a single presentation on a single topic, followed by a healthy Q&A session, at least for the analysts. This time it seemed like a lot of content went by without any way for the audience to discuss it. Personally, I was a little distracted by worries about my own talk to be my usual mouthy self in the Q&A — but the truth is, it isn’t as much fun to riff on a topic that’s already 3 topics old by the time you get to comment on it.

I think that if I could have anything, I’d keep the frenzied pace for vendor & end-user presentations, but go for a more relaxed, more audience-discussion-enabled experience with the analysts. Oh, and it would have been really useful if you could actually READ the titles and names of the talks inside the official conference book that contained the schedule. Anyone who had a long title but a short time slot was doomed to an unreadable caption, which strikes me as completely contrary to the purpose of such things. I heard a number of people complaining on this point.

As far as guest speaker choice, I think Burton did a great job – and not just because I was one of them, I swear! I imagine that in general, the feedback will be very good this year — I felt a lot of good vibes and very few bad vibes from the attendees. My favorite presentation was probably Mark Wahl’s, I like the talks that bring real-world questions to the abstract level, I think they help people to leave with more than just generalizations. Dick Hardt does an incredible job of humanizing user-centric identity, and his report card on user-centric identity was not only provocative, but accurate. Ken Ross and Jim Harper were both excellent final day choices — Jim talked about sex in elevators, and Ken talked about video game economies — concepts which were just crazy enough when combined with identity that people were able to shrug off their hangovers and pay attention.

Me!  Chatting with Dale & Patrick

I’m also happy to report that my own talk went well. At least – I was on time, and I managed to cover the main points on my slides without descending into long explanations. I tried to pack a *lot* of different concepts into those slides (~20 slides in 20 minutes), and as someone who is very into the technical details, it was a supreme effort of will to change from slide to slide with only the barest of coverage of what was within. I can only hope that the descriptions I did give were reasonable. I have to say, I had a great time putting that deck together, and a great time presenting it. My thanks to the Burton folks for giving me such a great opportunity to pass on my experiences with and my enthusiasm for this particular new-school metasystem!

Catalyst 2007, gone by in a flash…

Well alrighty then:

Yes Travel to San Francisco for the Burton Group Catalyst Conference.

Yes See presentations from Jamie, Bob, Mike, Lori, Gerry, Jonathan Schwartz, Jim Harper, and of course Dick.

Yes Learn a whole bunch of new vocabulary, like decisioning and LLP and digital natives.

Yes Have a great time giving my talk (entitled “What I learned when I stopped thinking about information cards and started using them – a Drama in 3 acts”).

Yes Participate in the the long-awaited & highly successful OSIS/Burton Group User-Centric Identity Interop.

Yes Meet all of the great people who have been collaborating via email and conference call for the last several months in person.

Yes Spend large amounts of time in the Hilton sports bar with all my favorite Identity people.

Sum Total: A ripping good time!

So. What’s next? How do we keep up this kind of momentum?

  • we need to collaborate on identity schema and raising the profile of the work to be done in that area.
  • we need to continue to use OSIS to communicate interoperability problems within the community.
  • we need to do the interop thing all over again, but at the next level of sophistication.
  • we need to create a body of knowledge around best practices, industry expectations, and minimum security/validation requirements for Relying Parties.
  • we need to keep enjoying ourselves, this time of day-by-day discovery and learning won’t last forever, eventually the marketing people will get involved and the fun will truly end :)

I think we demonstrated a vibrant, growing community this week. I can’t wait to see where we go next.

I almost forgot…

I’ve been so wrapped in code and new features for PamelaWare, and the Interop next week at Catalyst, that I haven’t mentioned here that I am speaking at Catalyst!

My talk is entitled “What I learned when I stopped thinking about Information Cards and started Using them — a drama in 3 acts”. It is a gripping tale of romance, revelation, and ultimate wisdom that I hope you all will enjoy. The soundtrack will be out shortly :)

If you are attending Catalyst, be sure to come and heckle on Wednesday afternoon, June 27 2007, in Grand Ballroom B – and don’t forget to wander by and say hello at the Interop that night, which is in Plaza A, on the first floor. I’d be happy to give you a tour of at least part of what will be the most comprehensive collection of Identity Metasystem components assembled to date, working together across multiple hardware, operating system, and development platforms, and representing both open-source and proprietary interests.

See you there!

Information Cards @ Catalyst 2007


there will be an Information Card Interop Event at the Burton Group’s Catalyst 2007 conference in San Francisco on Wednesday June 27, 2007 from 6 – 9:30pm.


all of the cool kids from the world of information cards will be there, and ready to show each other, the Burton analysts, and most importantly – YOU, the folks who might just want to use this technology to solve a few important problems, just what this technology can do – not in theory, but in demonstrable practice.


we’ve already started — everyone got together at the IIW conference in Mountain View on May 15, 2007, and started testing combinations – 11 Relying Parties, 7 Identity Providers, and 5 Identity Selectors (also known as Identity Agents) all worked together to see what combinations of 4 different token types, 2 different managed card authentication mechanisms, and 10 different required claims, of varying types.


the Pamela Project is participating in the Interop — please make a point of dropping in to say hi, I’ll be hanging out in the Relying Party section, and I would love to talk to you.

So are you coming out to see us?


Hot Chicken!

I`ve barely recovered from this year`s Directory Experts Conference. As always, the NetPro folks found a great location, fed us well, and kept everything running like a finely oiled machine. Even a Wookless event couldn’t kill the fun — Wook took his challenge from Stuart Kwan remotely and exceeded all expectations as usual. This time the challenge was to adapt the kermit-the-frog song “rainbow connection” to describe strong authentication… it was priceless.

This year, it wasn’t the partying that tuckered me out at DEC – it was the coding marathon! We had a last-minute sprint to finish up our information card adventure for the attendees at DEC, cooked up by a few of us for the purpose of getting people at the conference to use and understand the Identity Metasystem as a real thing and not merely as a lofty concept.

Hot Chicken!Our adventure was a website called HOT CHICKEN!. Hot Chicken! is a site where you can go to vote on the best picture of a DEC attendee with the DEC Chicken — in this case a 6’5″ rendition of said chicken. The attendee who gets the most votes for their picture will win a Microsoft Zune – but you have to use an information card to see the pictures and to vote. If you are wondering what on earth any of this has to do with a chicken, the answer is that the chicken has a long and venerable history at DEC, which I am nowhere near qualified to explain. You’ll have to check out Gil`s blog for that kind of insider information :)

The Hot Chicken! site is built with Joomla (the open source Content Management System) and has PamelaWare for Joomla installed, not quite a version of PamelaWare that I can release (I hard-coded most of the admin settings) — but it is pretty darn close. Using PamelaWare for Joomla (PW-jos for short), users can authenticate to Joomla via information cards.

Even MORE interesting is that you can authenticate to Hot Chicken with one of two Identity Providers:

Nice Wings, BabySo please go and give Hot Chicken! a try! You’ll see there are still loose ends & holes (there are a few blog entries that will come from my chicken experience, that’s for sure), and we’re missing some critical validation bits & testing, but I’m still pretty sure that by enabling Joomla and opening up 2 new identity providers, we have taken a big step.

The Pamela Provider is up and running as a direct effort on the part of the Bandit team, and particularly of Daniel Sanders and Dale Olds, who managed to plow through all sorts of barriers and issues with dogged determination to get the provider running in time for Gil’s announcement on DEC day 2, as I worked on RP code (which was originally contributed by Pat Felsted, another Bandit, and then “pluginified” by me). The Bandit team as a whole has earned my eternal respect & gratitude, many thanks everyone (even Tom) :). I’m really looking forward to growing and maintaining the Pamela Provider for a long time to come, and to contributing back to Higgins in as many ways as I can.

Of course, all of these shenanigans were really a prelude to my talk on CardSpace — a summary of which I will save for another day.

So go vote!!! And tell me what you think…