In 2010, I gave a (in retrospect somewhat optimistic) talk at the Catalyst conference in which I described a pull-based architecture for account provisioning. SAML was a central part of that architecture, especially in supporting Just-In-Time (JIT) Provisioning, which I was sure was going to be important to the evolution of enterprise cloud applications.
In my last blog post, I discussed the issue of OAuth2 and authentication: Simple Authentication for OAuth 2? What is the Right Approach? As promised, I submitted a draft to the IETF for discussion in Berlin at the beginning of the month. While the working group didn't get a lot of time in the meeting to talk about the authentication issue (it wasn't formally on the charter), the submission did
Just back from about 10 days out of the country, so still catching up on everything, and will return to the topics from CIS and Catalyst shortly. But in the meantime, a little bit of nonsense.
For my 10,000th tweet, I wanted to do something funny that would celebrate just how much I love Twitter. And since one of the reasons I love it so much is my tweeps in the identity community (or Identirati (or Identerati)), I sent out this tweet:
I’m on my annual pilgrimage to the Gartner Catalyst conference in San Diego this week, and obviously one of the topics of interest has been standards. In his ‘Hitchhikers Guide to Identity’ talk (a blatant ripoff of mine!), Patrick talked about Standards being one of the pillars of the emerging Identiverse. And in the always entertaining ‘Identity Standards Smackdown’ that Ian Glazer moderates, SCIM and SAML tied as the “winners” (an obviously rigged result since Pam’s OpenID Connect was clearly superior).
In a previous article I described how to significantly increase your online privacy with the Tor service. RetroShare is another option for Internet users who are concerned with staying anonymous online. RetroShare is an application that lets you create private, secure network connections (based on 2048-bit RSA-encrypted SSL) with trusted individuals of your choice (a […]
That is the position I set out to convince people of with my talk ‘IDaaS: The Now Big Thing’ at this year’s Cloud Identity Summit. Even with the words ‘Cloud’ and ‘Identity’ in the name of the conference, and even with a fairly friendly crowd, I knew that this would be a somewhat daunting challenge.
Over a year ago, several people, including myself, raised concerns about using OAuth (RFC6749) for authentication. By this I mean that application developers are using OAuth-enabled service providers as a way to authenticate their users (using Google, Facebook, LinkedIn, Twitter, or another major provider). They do this because they want to eliminate friction by forcing customers to create
What happens when you take a bunch of technologists interested in identity, cloud computing, mobile and the evolution of IT and whisk them away to a resort in wine country? Well, we will get a chance to find out next week at the Cloud Identity Summit that is taking place in Napa, CA.