314 KiB
title | layout | description | excerpt | categories | tags | permalink | last_modified_at | classes | toc | toc_sticky | header | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
IIW Session Topics (Unofficial) | single | Session topics from the Internet Identity Workshop over the past 15 years | If you want to stay current in digital identity, keeping an eye on the session topics of the semi-annual internet identity workshop is a good place to start. |
|
|
workshops/iiw/ | 2020-11-03 | wide | true | false |
|
The Internet Identity Workshop has been finding, probing and solving identity issues twice every year since 2005. We meet in the Computer History Museum in Mountain View, CA. Every IIW moves topics, code and projects downfield. Name an identity topic and it’s likely that more substantial discussion and work has been done at IIW than any other conference! - Internet Identity Workshop
What is IIW? from Phil Windley on Vimeo.
IIW 30 2020
Tuesday
Session 1
- 101 Session OAuth2
- SSI Adoption Sequence in a Pandemic
- SSI to keep the Anonymous Open Web (keep quality content accessible)
- Digital Trust Primer and an Introduction to the Trust over IP Foundation
- Code of Conduct - at DIF
Session 2
- Building the WordPress for Crypto (reusable UI) - AND Call for partcipation in Funding Call
- 101 Session - Open ID Connect
- Authorization with SSI: How do we do AuthZ with credentials?
- ZKPs for JSON-LD
- "KERI (A) Key Event Receipt Infrastructure. A ledger agnostic framework for decentralized identity. KERI unifies many DID methods types.
- Verifiable Credentials for Trade Items
- COVID APPS: WHAT COULD POSSIBLY GO WRONG?
Session 3
- KERI -Part B Key Event Reciept Infrastructure.A ledger agnostic framework for decentralized identity. KERI unifies many DID methods types.
- 101 Session - UMA User Managed Access
- Malware attacks against SSI, how SSI may be the perfect honeypot if you're not careful
- Identity in DxOS Collaboratively editing document in decentralized application with Groups and multiple devices
- Evernym AMA
- Child Safety Online: SSI, VCs, governance, guardianship, GDPR
- VC & Open Badge Linkage
- Vectors of Authoritarianism
Session 4
- COVID Daze/Days - The HumanOS & new relationships w/connected systems & Services
- 101 Session - SSI and Decentralized Identity
- Your experience with exercising your rights (e.g. downloading your data) under CCPA or GDPR
- "DIF Universal Resolver and Universal Registrarhttps://uniresolver.io/, https://uniregistrar.io/"
- The State of SSI (gathering & sharing lists, stats, big news, etc.)
- A verifiable public document graph to facilitate SSI
- Dance Party
- DIDComm WG Progress Update
- "Entity and Object Identifiers: Bringing assurance and immutability to a decentralized network"
Session 5
Wednesday
Session 6
Session 7
Session 8
- How can we make Digital Identity a Sticky topic?
- Group Identity - Open Discussion
- Patient Choice Using Distributed Identifiers
- Are we all wrong? Maybe full pubilc display of all and everyones data, without exception, is the solution
Session 9
- Domains of Idenitty - Book coming out - 1) overview of it 2) help me figure out how sell more/share it widely
- KERI (C) KACE Agreement Algorithm Recovery
- Principles of User Sovereignty (1/3)
- SCIM Reignition - HR and SSI
- Healthcare Patient Choice with Distributed Identity Assurance
- DID WG Q&A
- Discussing the Future of Aries, Indy, and Ursa
- Sidetree Protocol / Element DID and Friends
- Understanding MyData Operators - white paper published today
Session 10
- GS1's decentralized approach to resolving identifiers over HTTPS
- SSI Architecture Stack / Layers & Community efforts
- Getting back to work: End to End Concept live prototype using Hyperledger Aries for Essential Workers
- ID2020 Certification: feedback and next steps
- Every vault has a key that needs to be secured outside the vault. Role of central entities at the periphery (edges) of SSI ecosystem. Seeking answers to questions faced when presenting SSI to consultants/customers/users.
- Fundamental Problems of Distributed Systems (2/3)
- TxAuth and XYZ (and Maybe someday OAuth 3)
- Deepfakes and Identity-- Problems, solutions, focus on technology
Session 11
- Creating a Knowledge Product for the Community - What do you want/need information wise you don't get / takes to much time? what will you pay for???
- DPoP Introduction & Current Developments
- Sovrin Update
- Are VCs a necessary hurdle on the path to DID adoption?
- Search Warrants and Smart Devices: Encryption, Privacy and the Crypto Wars
- Is consent broken? If yes, what can we do?
- BBS+ JSON-LD ZKPs and Aries & Indy. Your Thoughts?
- Tracking Identity on the Supply Chain: Curated Tour of the Report
- Spotting Economic Opportunity in an SSI World (3/3)
Session 12
- Kiva SSI BIOMETRICS and HOW YOU CAN HELP!
- What goes in credentialSubject? Let's chat Credential Ontology
- Reducing Correlation in Verifiable Credentials without ZKP
- Integrating DID into an app in 10 minutes
- JSON Web Messaging (JWM): What are they and why are they useful for secure messaging sytems?
- Trust / Risk Metrics in SSI - What can we learn from technical trust in order to inform human trust
- Determining demand & feasibility for your SSI/VC use case
- Building Technology and Successful Use Cases based on the most marganilzed as the answer to the problem
- OAuth Metadata: Mix-up Machine?
Session 13
- Cards Against Identity
- What is a Test Credential?
- True Self-Sovereignty: What Will It Take?
- "IIW SSI Spotlight: 5 Priority Topics of the SSI-Community 1 wallet backup, 2 on-device credential sync, 3 public DID verification, 4 control over public DIDs, 5 third-party identities"
- Minimum Positive Human Application of SSI
- Contextual, trans-silo, on-demand groups (incident resolution) - pragmatic challenges to forming persistent, formal, credential-based, conversations across enterprise boundaries to solve problems.
- SSI and COVID-19 health status certificates - ethics, policy and next steps
- Overlays Capture Architecture (OCA)
- Secure Data Store Working group - review the charter, meet the Chairs, invitation to get involved.
Session 14
- The Digital Harms Dictionary - Review of the tool and its mission
- SSI and Payments
Thursday
Session 15
Session 16
- Supporting sovereign insurgencies - secure communities for social change - putting out fires when it is illegal to do so
- Low-tech solutions - QR Code Wallets
- Portable Reputation Using SSI
Session 17
- Open Discussion on Email, Messaging, and SSI/DID
- Hyperledger Aries - How to send messages to an unknown receiver - The Out-of-Band Protocols
- Identity for All - Universal Declaration of Digital Identity
- Open Source Product Strategy
- Cards Against Identity - Hangover Edition
Session 18
- Hyperledger AMA
- Verifiable Credentials for Global Supply Chains
- Guardianship & SSI
- Your Trustee and Ethics in a Pandemic - What your community can do to prepare
- KERI Implementation: Whats Next DID:UNI Method. Ref Imp. DIF Project.
- Intro to the Me2B Alliance Testing Specification
- Credentials should be treated like keys KMS discussion
- Build an SSI Proof of Concept on Sovrin
- Intro to did:web Decentralized Identifier method
- Ensuring Transparency in Law Enforcement Exceptional Access
- PhD positions at Identity lab based in Edinburgh - Come ask me about it.
Session 19
- 101 Session: Verifiable Credential Handler (CHAPI) and DIDComm
- Transaction Tokens: Optimizing Authorization across "domains"
- The Future ain't what it used to be — How to approach the next few years (COVID, climate, economic depression ...)
- Call for Asia Pacific collaboration
- SSI and Payments Continued
- Organizational Wallet
- "Mouse Head Model (MHM): A global solution for safe and secure data sharing"
- We2B Community-wide Tools: Inventory and Needs
Session 20
- Overview of VC / DID / JSON-LD Interoperability Plug Fest
- Group Identity pt 2
- The Future of Telecommunications is DID Comm
- Magic Sandwiches
- Proving Security for Web Protocols
- Defining the growth factors of SSI
- SSI: when I should start charging my customers?
- Diversity & Inclusion - what are your experiences? we are designing an offering for this community and want input.
- Condensed/Repeat Sovereignty Principles + Practice = Opportunity
Session 21
- CCLang for encoding complex crypto constructs
- SSI for IoT: what are the benefits and challenges?
- Perspectives from the DHS SVIP participants on interop
- HTTP/3, DIDs - any new developments or thoughts
- Glossary Results - Credentials, Wallets, Agents Defined. + Next Steps
- Must we call it "Self-Sovereign Identity"? (hopefully not)
- Introduction\Discussion - Marshall Rosenberg's Nonviolent Communication
- Money is the problem: Mechanism Design for currency
- What is BC Gov doing? Why should I care about Digital Trust? Why is a government investing in this? Ask Me Anything .. can't promise the answer will make sense!
Session 22
- Can You Have Universal Id for All without a Token?
- Digital Harms - Crowd Sourcing the Concept
- An Aries agent in a browser tab: who owns it, who controls it, is it even a good idea?
- Lets Bring Blogging Back!!! :) Lets discuss a collective community strategy_Lets_discuss_a_collective_community_strategy)
- Learner Wallets
- Come teach a student how ZKP's work technically. Anybody else who wants to know, please come, and someone come teach us!
- IIW30: The Session Collection & Song List
- ZKPs for JSON-LD using BBS+ - Round 2
- Build an SSI Proof of Concept on Sovrin
IIW 29 2019b
Tuesday
Session 1
- Hyperledger Aries Project Status + Intro
- Introduction to OAuth2 (a 101 Session)
- Me2B Relationship Management/Tech Archite
- DID + Trusted Hardware Agents! (yubico,hsm,enclave)
- Link Secret FUD and other VC Fraud Learnings
Session 2
- Hyperledger Aries Biometric Service Provider RFC 231
- Into to Open ID Connect (a 101 Session)
- What Does a Sustainable SSI Business Look Like? The Business of Self-Sovereign ID
- The DID SPEC is Perfect! Change my mind.
- 5G, IOT, DLT, ML, and Other Buzzwords
- Machine Identities
- Selective Disclosure (w/o ZKP)
- Deepfakes: Tools + Rules to Save the Open Internet. What? How? Why?
- Open ID Connect 4 Indy Assurance
- Signln.Org What is it?
Session 3
- Beyond Bearer Tokens
- User Manage Access (UMA – a 101 Session)
- Seed Quest 3D Game Mnemonic Cryptographic Seed Recovery
- Identity CoOp
- Spirituality, Abundance, Mindset, Personal Identity, Role in Community
- Expanding Language… Digital HARMS Dictionary
- HYBRID Self – Sovereign Identity
- DIDComm Encryption Envelope Discussion
- Adam from ID @ Equifax: How can I help? What should I do? AAAAA!
- Open ID Connect Federation BoF
Session 4
- Calling All Actors! Help is shoot a demo on Guardianship with SSI in a Refugee Camp
- Introduction to WebAuthn /FIDO 2
- A Guide to Hyperledger Aries – Cloudagent Python architecture and implementation
- Cors On OAuth Token Endpoint NOT A BCP
- Job Shop
- DID Resolution
- Well-Known DID-Configuration – Connecting DID’s to Domains with an Emerging Standard
- Workday Credential Schemas (No LD)
- Truth or Dare Verifiable Credential Disclosure Patterns and Commitments
Session 5
- KERI: 1 Universal DKMI Root(s) of Trust Decentralized Systems Primitires & DKMI Last Mile of Trust
- SSI 101 (Self Sovereign Identity) (a 101 session)
- A Protocol for Decentralization – How Many Data Brokers Will We Need
- Online Access Refresh Tokens (2.0) & OAuth Browser (BCP)
- DIDs For Everyday People
- Secure Data Storage (The Hub HVBUB)
- Organizational Wallet?
- Learn Startup For SSI: How To Turn Your SSI Idea Into A Viable Business
Wednesday
Session 6
- Verifiable Credential Based Authentication over OpenID Connect
- Identity in Sierra Leone – Ask us Anything
- Decentralized UX: Designing Around Decentralized Identities
- ”Trust in Numbers” Ethical (and practical) Approach to Identity – Driven AI/Machine Learning
- Identity Standards: The Soap Opera (catch up on previous episodes + review major plot points
- Sovrin 101: Permissions, Codes Bases, Value TXfer, Issuing & Edge Agents
- Open Source Business Models
Session 7
- OAuth Pushed Authorization Requests
- Delegated Credentials = Guardians, Controllers, and Delegates with Any W3C Credential Type
- Aries Toolbox Demo + Feedback (tools to work with agents)
- @Me2B #SSI #VRM #IIW #Identity
- Identity for All – Refugees, Human Trafficking, Women, & Marginalized People = Tech Meets Real Life Experience & The Humans that DID + SSI Can Help Most, How & Why
- Gender Is Harder Than You Think
- What’s Going on With DID-Auth? & SSI + SIOP, OIDC DID Auth Demo
Session 8
- TXAuth (XYZ,RAR, JAR,JARM…)
- Issue A Verifiable Credential in 30min
- Problem of Provenance of Digital Content Roadmap to Solution
- Consent Receipts for Financial Services and more….
- Me2B Intro & Org Finder Wiki
- DOMI Digital Rental Passport Architecture & Data Workshop
- Freeclaims.org – Let’s Encrypt For Basic Verifiable Credentials
- DIDComm – Part 2
Session 9
- Highlights from 12 Months of Private Sector Research = Election Security, Supply Chain, Legal and IOT
- Proof-A-Palooza: Standardizing Presentation Request Language for Verifiable Credentials & VC’s in Application (Part 2)
- Privacy Chain Update
- Customer Commons – VRM MarketPlace FrameWork
- Financial-grade API & CIBA (Client Initiated Backchannel Authentication)
- Manifold: Identify and Manage All Your Things
- Mark of the Beast? Religion’s Impact on Identity
- Consent is Broken – Privacy Implications for SSI
- VC’s In The Supply Chain GSI
Session 10
- KERI: 2 Universal DKMI Events Witnesses Architecture
- Understanding and Implementing peer DID’s in 60 min or Less
- The Great Hub Hubbub
- Finish RWOT 6 Principles for Self-Sovereign Biometrics
- AMA w/Sovrin Exec Director
- Browser Changes (SameSite, ITP) Affecting Identity on the WEB
- A Machine Learning Perspective on Data About Me
- High Assurance OAuth/OIDC Profiles for Gov. use Cases
- Workshop – Universal URI For Deep Linking in All SSI Mobile APPS
- ”I Am Spartacus” Privacy via Obfuscation for Vulnerable Populations
- The Trust Ove IP Stack – A Path to Global Interoperability for SSI and Verifiable Credentials
Thursday
Session 11
- Are We Boiled Yet?
- Life Scope – Meet Your Digital Twin – Data Hub/DB/Wallet + Identity + Cred + Me2B
- Platform Architecture – Building the back ends and systems that support AS services. State? Scale? Price? Persistence?
- Aries Protocol Test Site
- Pico Agent in a Tab One Click to Identify?
Session 12
- Identity for All 2 – how can tech present at IIW help with digital identity for marginalized populations?
- XYZ & DID Deep Dive
- Seed Quest – Demo & Exploring Use Cases
- Verifiable Credentials for Mobile Skills Schemas & UX
- Me2B “Me” – side interoperability & integration (part 2)
- Retrofitting OpenID to Existing Apps BCP?
- DID:GIT: Where is it at?
- Life Scope.io Digital Self
Session 13
- Censorship Resistance and Permissioned Ledgers: Survivability Analysis
- ID4 Africa – Exploring Possibilities for how SSI Communities and Companies show up @ the event & surrounding weekends
- DeepFakes Part 3 – What Parts of the Identity Stack & Verifiable Credentials for Digital Provenance?
- Generic MFA Token Recovery – The good the bad and the ugly
Session 14
- CLAIMS Vis-à-vis Scopes in OAuth & Open ID
- Pico Agents for Communication (follow-up)
- Tracking for Good Pragmatic Privacy
- Product Roundtable – Bridging tech & business, connect and share challenges and resources
- Hush-A-Phone
- Self-Sovereign Human Rights Parallelism
Session 15
- Terminology – the Plan
- Card Against Identity
- Expanding Language = Systems / People = Osmosis & Opaqueness
- Sidetree did:ion + did:elem Roadmap + dev
- Building a Business Around Identity In Education (From a Colombian Perspective)
IIW 28 2019
Tuesday
Session 1
- DID Communication Callbacks, Hubs, and Agents
- OAuth 2 An Introduction – 101 Session
- WebAuthn (101) An Introduction to the Specification
- Your Data Your Currency You Terms & What Do People Need to No Longer Need Facebook?
- Decentralized DID’s
Session 2
- IIW Book! Come get a REAL IIW attendance verification credential and prove it to your IIW friends using your phone!
- Introduction to Open ID Connect – 101 Session
- Blockchain Social Media & Relationship Sharing
- Identity Management in Physical Security World
- Sidetree protocol – Massivly Scalable Decentralized Identifiers – DEEP DIVE
- A Standardized Information Governance Label for apps and services
- Tokenization with DID’s?
- SSI Startups – Partnerships, Investments, Recruiting/Jobs, Ideas Lunch Session
- Where are the KARMIC Identity Endpoints?
Session 3
- What Does a Layered Identity Model Look Like? (Like OSI 7-Layer Model for Networking)
- Use – Managed Access (UMA) – 101 Session
- Relationship Lens
- JWT Profile for Access Tokens
- Universal Resolver for DID’s – What it is and Why it matters
- Open Banking – Variable Scopes – Multi-Scope Tokens
- Key Management/Usability for Lay People
- Personal Information Value Equation
- Rubrics for Decentralized Identifiers
Session 4
- Git + DID (and fully anonymous open source Projects)
- FIDO – 101 Session
- Gov’t IS the solution to ID – Change my mind
- How can trusted identities be accepted by governments and industries?
- Self-Issued OpenID Connect (SIOP) DID Auth Flavor
- Identity @ Hyperledger *Indy *Ursa *Aries *Idemix & FabrCA
- What is the Problem? – Customer discovery lessons and techniques for building identity products for business
- There Is No Scope – Doing Scope, Cliams the OIDC Way – IRL
- Is IAL Enough? *Do we need more vectors to communicate both assurance need + “level”? *How are you filling the gap? * Where is it working well?
- WEB AUTHN Together with DID’s
Session 5
- Meta-Platforms cooperative network of Networks Scaling effects: Decentralized Identity – Transcontexted Value Transfer
- Intro to Self Sovereign Identity - 101 Session
- 5Radical Ways to Keep Vendors Accountable for Your Data!!! Kantara Consent Receipt
- Is Practical Sybil-Resistant Self-Sovereign Identity Possible?
- MyData HUB (101:The Declaration)
- OAuth Clients Create Token
- The Case for an OIDC Ephemeral ID
- Machine Identity
- Deep Dive Demo – Connect Me + Onfido Creden
- Digital Natives: How do we get them to care about Digital Identity?
- Wyoming Laws & Regs Proposals
- Ask Me Anything about Sovrin Foundation Closing Circle
- Digital Identity for Refugees & Disenfranchised Populations: The “Invisibles” and Standards for Sovereign Identity
Wednesday
Session 6
- A Process for Discovering Truth? Can credentialed chains, or other ID Tech, help create authentic voices learning from historical research practices of Museums & Archives.
- OpenID Connect for Identity Assurance
- FastFed Easy Connections IDP – APP + Governance – Who should have permissions in the App
- Developing Standards – involving Non-Tech? and Tech? People
- Alice to Bob – Self Sovereign Interoperability Without Censorship – U.S. Federal Regulations
- DID Communication – What is Message Routing and why you want it in your life
- XACML / ABAC / UML 2.0 and SSI Policies
- Let’s Build A Decentralized Social Network
- What’s Supposed To Happen When A DID Operator Goes Out Of Business?
Session 7
- XYZ Transactional Authorization
- BC Gov , MATTR, STREETCRED – IIW Book Redux
- Healthcare & SSI ??? Use Cases for All
- Protocols vs API’s – Resolving the programming paradigm difference between DIF and Indy
- Approach to Bottom-Up Standardization of Claim Content Structures #interop
- Git +DID pt. 2.1
- Making a Map of all the Working Groups Working on SSI/Decntralized ID + how it fits together + making a weekly/monthly + yearly calendar
- DATA Fiduciaries FTW
Session 8
- Git + DID pt 2.2
- GC Gov – Indy Catalyst Agent + Agent Framework: What are they?
- Product Chain Overview & Update
- OAuth 2.0 + on single page Applications
- Anonymous Saliva DNA Extraction Kit using Blockchain
- Privacy Chain Overview & Update
- Hey Kids, Let’s Build a Trustworthy, Decentralized, User-Focused Web Ecosystem!
- Where Have All the Trust Frameworks Gone?
- Continuous Access Evaluation Protocol (CAEP)
- Taxonomy for Digital Credentials – interoperability / multilingual
- Verifiable Credentials Q & A?
- How Can We Detach Users from CENTRALIZED Social Media?
- DID Communication Message (JWE) Encryption
- Karma DID Method: Buddhist Approach to Identity
- Domain-Specific: Governance Frameworks – What Are They & Why Might You Need One?
Session 9
- Linked Secrets and ZKP’s
- Women In Identity @womeninID *Plans for 2019 * How do we create success? (Allies & Supporters Welcome!)
- Vectors of Trust
- DID Communication Message Types
- Self-Sovereign Commerce (VRM, Me2B) Progress Report & TBD’s
- Paradox: Recovering from Maximum Personal Data Disaster (when all is lost)
- Are Crypto Wars Coming? Issues & Solutions
- Workshop on a Layered Model of Identity for Iteroperability
- App Level proof of Possession Dpop/Pop A Case Study
- Privacy Engineering in Context + Relational Integrity
- Smart Custody
Session 1
- Seed Quest 3D Game Mnemonic Easy + Fun Demo Seed
- Me2B Alliance Intro
- How to Issue That? The DIF Credential Manifest
- The Peer DID’s Without a Blockchain or any other Central Truth
- Managing SSI (A relying party perspective)
- How Do We Move From Good Intentions – Gender Parity at Conferences
- Creating an Ecosystem of Trusted Applications – Oauth2 Dynamic Client Registration
- Overlays (ODCA) What are they and how do they intersect with self sovereign identity?
- IEEE in Digital Identity + Inclusion – InDIITA 2019 Bangalore – Standards + Programs – Ethics
- Community Claims & Discovery
- There Oughtta Be A Law! OCCAM’s Regulation, Legal Engineering, & Policy
Thursday
Session 11
- Fraud w/Cred – Attack Vectors and Remediation's
- Intro to Me2B (1/4)
- Why “Specific & Informed Consent” is Nonsense (or Not)
- Hub/Agent Cloud Stuff Project/Company Intro’s/Explainers
- PWN-Back Your ID (from Equifax, Experian, Transunion) Check-it-Protect It
- DPoP – Current Draft, Next Steps
Session 12
- On No You DIDn’t! Your identity is not self-sovereign.
- Me2B – Have YOU Changed Activity Because Unethical Data Company? (1/4)
- Get Real ONFIDO ID on Your Connect.Me Digital Wallet
- Wireline P2P O/S
- What Do Activists Need To Know?
- Sidetree on Ethereum “Element
- Otology + 00 Taxonomy – Crafting Chaordic Organizations in an Ontonomic World
Session 13
- Hub/Agent Action Meta Protocol
- Social Contract: Universal Guiding Principles – Me2B (3/4)
- The Identity.com Validator ToolKit / Demo with OnFido +SoOm Integrator
- How SSI Can Disrupt Platforms
- OffChain (PKI) Key Management – Revocation Rotation
- Latest in Verifiable Credentials Crypto
- Workflow/Forms and SSI Credentials
Session 14
- PDPR (Personal Data Protection Regime) – A discussion on Digital Street Smarts & IDRC What are the foundational rights of an individual= Independence Respect Dignity Consent
- Let’s Make a Map! Of OAUTH Specs
- What I learned in India about their National ID System
- Hyperledger ARIES – Ledger Agnostic Open Source
Session 15
- Formal Security Analysis of Web Protocols
- Me2B Code of Practice / Harms Workshop (4/4)
- The 4 Layer Digital Trust Infrastructure Stack
- Selling the Business of Value of DID’s
- SSI Agents for the IoT Using Pico’s
- The 4 Layer Digital Trust Infrastructure Stack
IIW 27 2018b
Tuesday
Session 1
- Centralized + Decentralized Identity Standards OAuth + DID w/Code!
- Introduction to OAuth2
- IIW – LAB-in-a-BOX for Communities to Be In Living Experiments
- lockchain TLD’s
- CULedger is Working to Improve Member’s Experience *Better UX *Lower Fraud – We See FB Added Value BUT They Were Creepy – Help Us Get It Right and Natural
- An Interactive Sovrin Network Demo
- Machine Learning/Computer Vision & Internet Identity
Session 2
- Sovrin Credentils and IoT
- Intro to OpenID Connect (101 Session)
- Blockchain 101 + Why You SEE BC Identity Projects
- How Can We Enable/Support Individuals to Grow/Create Their Own Credentials
- Identity and Trust in Healthcare
- FIDO FAQ
- Domain Specific Trust Governance Frameworks Healthcare Worker Identity + Credentialing
- Device Bindings & Session Control w/ ADC/OAuth (ingredients for zero-trust)
- Review W3C User Consent & Permission
- Guardianship – When Users Can’t Manage Their Digital Wallet
Session 3
- A Catalyst For Trusted Digital Ecosystems
- Intro to User Managed Access (101 Session)
- Impact of Apple ITP2 On OIDC & SPA
- Decentralized Kay Management
- World-Scale DID Methods On Top The Blockchains/Ledgers of Today
- How Do We Bring “Tribal” (group) Identity Online With Us?
- Cyber Security Data Breaches Fight With AI
- Australia’s Tsunami of Data Laws – ID, Open Data, Cyber Front Doors. What + Why
- Sovrin Stewareds – Feedback Onsite
Session 4
- How THEY Consent to OUR Terms
- Introduction to FIDO (101 Session)
- We Need a Working IdP Discovery Mechanism (for RISC, Fast Fed, and more)
- DID Resolution + Registration
- Question re DID Standard ~ What is with the changes from V1 to now, including how verifiable credentials claims attest as work?
- Deep Dive on ‘Identity Hubs’ Encrypted Personal Datastores for All Types of Identity Data, and a Platform for Decentralized Apps
- How Do We Do Digital Consent Forms & Share As Claims W/Multiple Parties?
- A Standardized Information Governance Label
- Design an Undergraduate Blockchain Course
Session 5
- A DID For Everything!
- Self-Sovereign Identity 101 (101 Session)
- Unintentional Consequences of What We Build
- MyData @ IIW
- Personal “AI” / Self-Sovereign Identity & Personal, Private Internet
- Sovrin AMA
- What Questions Should I Ask Myself Before Clicking The ‘I Accept’ Button?
- OIDC FED
- The – ABACUS: A New Approach to Authorization
Wednesday
Session 1
- Beyond OAuth: Transactional Authz
- Verifiable Credentials 101 (How the Sovrin Demo Works) & Concept Map of Verifiable Credential Specification
- HL Indy Ref Agent – Sovrin Demo + Future Work
- SSI in Europe – Getting To a SSI Agenda With Politiacal Backing #SSIpaper
- ”Moon Coin” Tying the Digital World to the Physical (a discussion) & SSI is Coming Here
- Signed Data (JSON – LD vs JWTS or something else)
Session 2
- 7 Myths of SSI
- Identity & World Bank Funding. 1Billion in Loans to African Countries for Aadhaar Like Systems??? Could this go to SSI Systems?
- Usability for Developers Applying Lessons from TLS to the Blockchain
- A Interactive Sovrin Demo II
- PRIVACYCHAIN: A blockchain-based system for consent management for data supply chains
- Fixing Enterprise IAM – Automation – Self-Service – Security – Rapid Adoption
- CYBORG Future of ID
- OAuth for Single-Page Apps (javascript apps) Best Practices Recommendations
- GS1 Digital Link: Defining Digital Identity for 100’s Millions of Every Day Things
Session 3
- Best Practice for Managing Tokens or How to Avoid Being the Next Victim After FaceBook
- Digital Life: Stage 1 – Surveillance Capitalism + Re-engineering Humanity
- Identity in the Academy
- Continuous Access (long-lived session update sync across clients)
- DID Web API’s Including: Contexts, Operation classes, Identity Hub
- Decentralized Ecosystem Governance with Blockchain
- M.E.S.H. Managed Ecosystem Superdistributed Hashes
- Q&A with Sovrin Foundation Executive Director
- [Forget About Identity & Authentication (Discuss New Aproaches](https://iiw.idcommons.net/Forget_About_Identity_%26_Authentication_(Discuss_New_Aproaches)
- OIDC DID-Auth Profile
Session 4
- Self Sovereign Identity Technology Demo and Ask Me Anything
- Sovrin AMA – Part II
- Data Transfer Project – Universal Data Portability for All
- Blockchain TLD’s, Identity Key Management
- Consumer IOT – A Perspective of Retailers, Brands, and Manufacturers
- Part Deux! Permitify – dFlow in Action
- the HumanOS As An Identity Generator ~ Implications on the Digital Domain
- Identity Proofing w/Open ID
- How To Build Context-Aware Systems to Avoid Context Breaches in a World of Intelligent Agents, IOT and AI
- Identity, Ethics and Digital Inclusion – the IEEE DITA Program
- Civic AMA – Product + Partners
- Subjective vs Objective Identity
Session 5
- Seed Quest + Didery – 3-D Game Mnemonic DID Keystore
- Decentralize The Internet With a Simple Link
- The Identity.com Eco-System – Introduction + AMA
- Manifold – Give Your Things an Identifier
- Id(enity) Relationship Management, What, Why, Where
- Overlays 101
- Making OAuth Work on the Open Web
- Data Store Interop?? How Do We Bridge Private Island of Users?
- What’s In Your Wallet? + Who Is In Your Wallet?
Thursday
Session 1
- OAuth Security 4 Dummies
- Canonizer! Distributed Governance ~ if we can establish identity
- ME2B: Creating a Non-Surveillance Capitalism Market
- DIDAuth + Obj. Cap.
- Bliss & Emptyness ~ A Buddhist Approach to Identity
- What’s In It For Governments? (Potential Use Cases)
- Overlays 101
Session 2
- Dual Tokenomics – Virtous Behavior – Mechanism Design – Fixing the Broken Single Token Model
- MyAI – Gaining Insight Into Your Own Data
- Consent Management – Receipts Practices Standards
- How Should a Blockchain Social Network be Moving on Digital Identity Now?
Session 3
- Sovrin Interactive Demo III
- Blockchain Myths & FAQ
- What Every Identity Professional Should Know ~ An Introduction to IDPro
- The Orgbook – Watch Us Create A Concept Map!
- Ask A Millennial About Identity
- W3C Strong Auth & Identity Workshop Dec 10 – 11 ~ Ideas + Design of Workshop
Session 4
- R&E Identity – Where Do We Go Next?
- LifeScope Demo & AMA
- Defining the SSI OS
- The Great Dalmuti ~ What we should consider about Identity as Learned from a card game –
- Standards Don’t Suffice
Session 5
- How Data Analytics Will Change Thanks to SSI
- LIfeScope Demo & AMA --- continued
- Democracy.Earth – Exclusive Announcement
- Vegan Atheist Crossfitter ~ Which do you mention first?
- IIW Wikipedia Page! Help Us Strategize to Get One Finally
- Defining SSI Layers Workshop
IIW 26 2018
Tuesday
Session 1
- 3D’s of Identity (agents, relationships, ATTR’s)
- 101 Session / Introduction to OAuth 2.0
- A Primer on Verifiable Credentials and Decentralized Identifiers
- GDPR What (Identity Stuff) is it GOOD for?
- Identity Agents & HUBS: Messaging API’s & the “Layer Model” & Functional Architecture for S.S.I. Blockchain – working session
Session 2
- IDPro Organization
- 101 Session / Open ID Connect
- RWOT 6 Biometric Principles White Paper Review
- Identity Wallets are not Crypto Wallets
- Cat Herding – Building Consensus
- Capabilities 101 Lunch
- Functional Identity 101
- Use = Self Sovereign Bill of Rights = To Update Real Estate Consumer Bill of Rights
Session 3
- Self-Sovereign Agent Communication
- 101 Session / Introduction to UMA = User Managed Access
- Yo GDPR: Terms WE Assert and Sites & Services Agree to Check
- Distributed Social Networks (Activity Pub etc…)
- Could Native Secure Access
- Agent Communication
- Mobile Driver’s License (mDL)
Session 4
- What Are The ‘Wallets’ visions/projects – Do We Need a Working Group?
- 101 Session / NIST Digital Identity Guidelines
- Digital Puerto Rico
- User-Managed Access: The BLT Sandwich – Business, Legal, Technical – Use Cases Mappings
- Intro to DID Auth
- Fedromp High FAL3 + AAL3 What is Required?
- Decentralizing Reputation (with blockchains?)
- The Future Of PRIVACY While Accessing PUBLISHED CONTENT
Session 5
- Fast Fed – Making SSO Easier to Set Up. Intro and Looking for Others Who Are Interested
- 101 Session / Self-Sovereign Identity (SSI) DID’s, Verifiable Claims etc…
- Building A Sovrin Linked Permissionless Ledger for Data Analytics
- Compatibility JSON-LD & Indy Proof Request Exchange
- Armor Up – The Gravity Wars ~ Real World vs Virtual Reality and the Human OS
- SISA’s = Standard Information Sharing Agreements
- OAuth + SPA (Single Page Apps) Can We Just Use Code Flow Everywhere
- Digital ID for Stateless Refugees
Wednesday
Session 1
- What is Sovrin? How to become a Sovrin Steward. Self Sovereign Identity 102
- WebAuthn + DID Auth
- Agent/Wallet? What is Agent? What is Wallet? Are They The Same?
- Decoupled Flow for OAuth (AKA CIBA)
- Zero Knowledge Proofs 101
- Native SSO for Mobile Apps
- Agent Communication Message Types + Names Spaces
Session 2
- DKMS Demo
- TheOrgBook / Permitify – Bootstrapping SSI Using A Gov DID/Ver Cred Workflow Implementation
- DID Ledger Lightening Talks
- What Do You HATE about OAuth?
- Publishing & /Advertising After 25 May ADPR Day
- Consent As A Service: Making Consent Compliant & Effective
- MyCUID/CU Ledger Update & Workshop
- Path To Adoption for Self-Sovereign Identity & An Idea For Soverin / Use Cases For
- Digital Puerto Rico Part 3
Session 3
- Quest For The Mnemon Seed #1
- Bringing The Best of IIW to India / Making IIW a Global Decentralized Community
- Open ID Foundation – Fast Fed & DIDC Federations = Enough Similarities to Share/Merge?
- Philosophy of Conscious Body w/Tech, ID Experience & S.O.U. Sovereign Ownership Under Law Prize 10M
- Saving Democracy What Could Happen
- DID Auth Workflows (Part 2)
- IaM and IoT
- Digital Guardianship
- Outsourcing GDPR Using UMA
- IAB Transparency and Consent Framework
- Sovrin – Exploring Building an Alliance Wants & Needs (especially if you aren’t Evernym)
Session 4
- The Business of Self-Sovereign Identity
- Kantara Consent Receipts – Communicating User Consent Between Data Controllers
- The “ID” of KIDS
- Expanding Language = The Identity of Words ~ Amebic / Shape Shifting
- Discussing + Examining CULTURAL BIAS In Specifications and Other Technical Documents
- An Analysis of S.S.I. Using Appreciative Inquiry
- Mobile APP - APP OAuth
- SAML Interoperability Deployment Profile
- DID Resolvers & DID JWT
- Easy POST Quantum Signature with Block Chain
- Separable Identifiers & Intersectional Collaboration
- Do-It-Yourself password free! – Cryptographic Authentication for Web Apps
Session 5
- Indy 301: Attribute Based Credentials & Zero Knowledge Proofs – Secret Contracts Private Computation
- Secure Elements DICE & TPM
- Communications Words Storytelling For Humans
- GDPR AEORR (requirements + capabilities) Interactive Design Session
- Consequential I.D. – How Not To Reinforce Power Imbalances in the Systems You Implement
- Phone # Global Identifier
- ORCID: What Should It Be Considering?
- Veres One (DID Ledger) Deep Dive
- Open ID v. FIDO v. SSI
- TLS Flex Expanded Library Support For Alternate Certificate Sources
- How Are You Making Money In The Sovereign Ecosystem?
Thursday
Session 1
- Solving Professional Credentialing – A Dialogue w/Projects & Companies
- Soliciting YOUR Input (help a newbie!) How do You Want To Wield Your Data To Get Things Done? Commerce & ID
- Zero-Knowledge Prof’s 101 ENCORE – Only Highschool Math
- User-Controlled GDPR Consent Cookie
- Cooperation Among Our Communities Owning Interoperable Identities. A Cooperative?
Session 2
- InSide Out SID’s (Standard Immutable Delegation) & Trustless Distributed Computing
- Future of SSI: Tech Scalability & Onboarding Issuers & Identity Holders to Identity Blockchains
- REAL Federation
- PDX – Personal Data Exchanges – Possibilities Why/What
- Addhaar Pros + Cons
- Contributing to W3C Standards
- Comparing Info Without Revealing It
- Agent-Centric v Data-Centric Reality
- Digital Puerto Rico – Part 4 of 3
- Beyond Early Adopters – Getting the World to Inform What We Build!
- Identity Hub Personal Data Store – Soverin Agents – The Grand Unification
Session 3
- Mydata Movement – Looking at Identity from the Perspective of Human Centric Personal Data Management.
- eIDAS & SSI
- Self Sovereign – Reputation – Radical – Disintermediation + 2 Sided Networks
- Using Identity Tech To Keep People Safe in the Real World
- How Agents + Decentralized Interfaces Help The De-Siloazation of IoT
- Designing Ourselves Into The Future & Humanizing DID’s + VC’s
- Hyperledger – Who/What/Where/Why Open Source
- Breaking Digital Gridlock – Banking and Identity
Session 4
- Massively Multiplayer Online Secure Environments (Games!)
- Who Am I? (story time with Markus)
- A Self Sovereign Technology of Stack HIE of ONE
- Digital Divide & Gender Equality in Indian Emerging Markets
- Value Network Mapping Market Models 4 Self Sovereign Ecosystem
- A Conversation About RECOVERING…. A Forgotten Credential Security
Session 5
- CRBAC An Introduction
- The Sovereign Web-Of-Trust Model / Dynamic Web of Trust?
- ID & Connected Vehicle
- ”Machine Readable User Asserted Terms for Privacy” An IEEE Standard Working Group
- Delegation of Authority for Organizations + Services w/DID’s + VerfCreds
- WHAT IS YOUR PROBLEM? (Bring Me Research)
IIW 25 2017b
Tuesday
Session 1
- 101 Introduction to OAuth2
- DHS S&T IDM Program’s R&D
- DIF Technical/Recap and Roadmap Discussion
- App Auth Q & A RFC 8292 BCP 212
- Blockchain Democracy
Session 2
- Self-Sovereign Identity #
- 101 Introduction to OpenID Connect
- Is Your Data Legal? Meaningful (oxymoron?) Consent
- ‘Fixing’ The Consumer IOT/Smart Home User Experience
- 6 Degrees of Identity Freedom
- DIF Did’s In-Depth (w/Review of Contentious Bits)
- Token Binding for Cookies – OpenID Command OAuth
- Intro to Hyperledger “So you think you need a Blockchain…”
Session 3
- Mutual OAuth Distributed OAuth
- 101 All Things UMA (user managed access)
- Concerned About Centralized Authority? Let’s Make It Participatory
- Implications for the End User of How You Design A Blockchain For Digital Identity
- Aadhaar
- Information Sharing Agreements (ISA) – First Party Terms That YOU & I Proffer: V2.0 of the Commercial Web
- The Big, Big Picture = Identity Money Topology – A Conversation
- Identity Agents: It’s not just what you know, it is what you can DO – Personal Data Stores—Extensible API’s
Session 4
- RISC – Working Session
- 101 NIST – Digital Identity Guidelines ‘101’
- Blockchain Security & Privacy R&D Lessons Learned and Gaps
- Fixing Social Security Numbers = Blockchain, Good Identity, Don’t Break Existing SW
- Functional Idenity
- Public Blockchains AND – Private UMA) User Managed Access_User_Managed_Access)
- Open ID Connect CIBA Explained
- Identity Concepts Around The World
Session 5
- Public Blockchain Addresses FOR User-Centered Digital Signatures
- 101 Introduction to DID’s, Verifiable Claims and Blockchains
- Blockchain Interop Chameleon Nodes?
- HOLOCHAIN P2P Apps Without the Blockchains Problems for Scale, Speed, Cost & Governance
- Next Gen Phishing (all your OTP belongs to us)
- Yubikey Usability Study – Results for lab + longitudinal study
- IDPro = Help Build Next Gen of ID Professionals
Wednesday
Session 1
- Intro to Sovrin
- Two Short Talks on Capabilities
- Distributed ID System Patterns with Distributed Systems
- DIF – Universal Resolver + Universal Registrar (DID’s across blockchains)
- Minute Money? A new currency based on A NEW PARADIGM – Time AS Money
- DNS Based OpenID Connect Discovery
Session 2
- Triple-blind Brokered Identity Federation
- First Party World: People in charge via GDPR by 25 May 2018 – Calling Lawyers & Geeks
- Ecosystem Map – Explore Where Could It Go – Insight Treasure Hunt
- Estonian ID Cards Internet Voting
- DIF Identity Hubs Deep Dive & Spec Feedback
- NO Identity – ID As A Collection of Verifiable Claims
- Gender and Diversity in the Valley – A Listening Circle to talk about all the stuff
Session 3
- Group Privacy
- Building Community for SOVRIN and Hyperledger Indy
- Dgital ID in Cities – Use Cases and Pilots
- How ‘Private Sharing’ Breaks the See-Saw or Do More With Data, Not Less or Thank You GDPR
- Intro to Cryptocurrencies, Tokens, Token Distribution Events, and Tokennomies #ICOs
- Where Is My Personal AI?
- Verified Organizations – Bootstrapping a Self-Sovereign Identity Ecosystem via Government Services for Organizations
- Proofing + Assurance Combo – ID Proofing & Standards for Identity Assurance Across Systems ?
- Intuition Session Including Ego Identity to Field Identity
Session 4
- RISC Working Session
- Identity For All
- Decentralized Identity, OAuth, OpenID and How They Can Fit Together
- Know Everything About a Customer, But Know Nothing – How intentional amnesia can be good for Security & Privacy
- Science of Persuasive Communication
- Mental Models of Identity
- The GDPR Is Making Me TRACK MORE
Session 5
- OpenID Working Group: Fast Fed Intro and Discussion
- Identity Smart Contracts on Ethereum
- MANIFOLD – A Self Sovereign Internet of Things Platform #Picos
- Fluid Boundaries of SELF and implications for self-sovereign identity
- Reputation as a Primal Use Case for Data Intensive Appllications of Decentralized Identifiers
- Distributed Token Validity – A Different Approach To Local Govt
- Digital Identity of K-12
- OIDF RISC Working Sessoin
Thursday
Session 1
- A Bank/Telco Use Case Exploration – Working Session to Go Through Project Details
- Lost Identity – Post Disaster Recovery (Nor Cal Fire, Puerto Rico)
- Bringing It Together – DID + What We Already Have = How Do They Work Together
- Autonomous Agents & Identity Delegation (JHV Research Project)
Session 2
- Alexa Identity – What Would You Want?
- The GS1 Identity System
- Indieweb.org
- Sovrin Ecosystem
- 500 Years of Identity & How Does Nature Do Identity?
- Intuition Part II
Session 3
- Rat Hole (Round #3) OIDF RISC UG
- Signatures and Selective Disclosure (show me the math)
- Networks v. Ecosystems & Identity
- Accountability vs. Safety in Permissioned Decision Systems
- What Should Large NGO Organizations Be Doing to Help? What Role Should We Play in This Ecosystem?
- Discussion on Constrained Devices and OAuth2/OpenID Conn – Including JCOR!
- Fashion Wearables IOT DEMO ~ 360 Fashion Network www.360FASH.com
Session 4
- DKMS – Key Recovery Summit: Biometric Recovery, Cold Storage, Social Recovery
- Using DIDs to Bootstrap Scondary Communications Channels and Move to New/Different Protocols
- The Human O/S Defending Privacy by Understanding I.T. Forces and Managing Human Nature
Session 5
- Reputation II – Data Intensive Applications Using DID’s
- How Many Blockchain Tokens Will There Be?
- Diversity In Digital Identity
- Identity + Reputation, Enabling New Business Model for Open Source Projects
IIW 24 2017
Tuesday
Session 1
- Self Sovereign Identity Container
- Introduction to OAuth2
- Decentralized Names and ID’s Working Group – DID101
- IDPro
- oram v1.0 bit.ly/joram100
- OIDF Modrna WG UpDate
- 12 Competencies for Network Leadership
- Digital Inclusion
Session 2
- Digital India
- Introduction to OpenID Connect
- Decentralized Names and ID’s (continued)
- JLINC overview demo discussion
- Delegated Account Recovery – Kill the “forgot password” email
- Build Badass Identity Team
- Consent-Informed Attribute Release for SAML/OIDC at Scale
Session 3
- Privacy Preservation and Controlling Correlation
- 101 Introduction to User Managed Access (UMA) 2.0
- IEEE 2410 Biometric Open Protocol Standard (“BOPS”) EXPLAINED!
- If You’re Hiring a Student w/a Masters in IDM – What do you think they should know?
- Your Terms that Sites Agree To (rather than the other way around)
- OpenID Connect Account Porting Overview
- Hybrid Personal Cloud – Applying devops open source tech to personal IoT
- Identity Storage and Compute Working Group
Session 4
- Intro to Fast Fed (new passport standard)
- 101 MFA, 2FA, FIDO
- Intent in Open Source
- 10_Foot Platforms – Device Pairing
- AI DAO’s & ID
- JLINO Deep Dive – Tip Toe in Shallow End
- End-to-End Crypto SDK for Deve
- Picos Everywhere
- Identity Storage and Compute (contained)
Session 5
- Token Binding – Proof-of-Possession for cookies, ID Tokens JWt’s & OAuth Tokens
- Blockchain 101
- Why isn’t IIW Wiki Secure?
- HashO: IO Protocol – Web of Trust + Blockchain + Proof of Work + IPFS
- Intro to Sovrin
- Intuition, Identity, Internet
- Beyond OAuth2: End-to-End Microservice Security
Wednesday
Session 1
- DID 101 – Decentralized Identifiers & how they are the key to interoperable self-sovereign ID
- IEEEE/SA, Evernym, iRespond, SWIRLS – ADV The Human STD Hackathon (100K Refugee Framework)
- Fair Dice Roll’s in On-Line Game’s using Blockchains
- Application Identity and Trust in Healthcare and beyond
Session 2
- How to Live with Shadow IT
- Neural Science of Persuasion
- Attestations and Identity Data Formats
- ID PRO Body of Knowledge & Taxonomy
- Intro to Verifiable Cliams by W3C VCWG Members
- Publice vs Private Data – What can we share?
Session 3
- DKMS = Decentralized Key Management System
- What is it like to be part of a working group?
- Storing Crypto Credentials
- The UX of Secure Key Management Trust Frameworks
- DID TLS
- OTTO Schema
- 3K/Distributed Identity
Session 4
- Digital India II (part 2)
- libsovrin Hacking – Zero Knowledge Proofs Selective Disclosure and Predicate Proofs
- 5 Types of Privacy on DLT
- End-User Identity Paradox “Curing Identity” – Don’t lose your phone #
- Using Sovrin for Decentralized Student Profiles – A Proof of Concept
- Identity Hubs Technical Resolutions and Planning
- Correlation Marketing Solicitation (not criminal) and Identity
- Trust Frameworks!
Session 5
- Levels of Assurance
- DID Auth (Interoperable auth’n w/DID’s)
- Making OAuth2 Secure
- Multiple Useres (IDs) of a Single Consumer Electronics Device (e.g. TV) How to make it happen
- Reinventing National Identifyer Systems ex Austria
- Certified Self-Sovereign Signature (An e-prescribing example)
- How do People Manage Identities? Prelim findings from user research in India
Thursday
Session 1
- DID Service Discovery
- “Verifier Impersonation Resistance”
- Functional Identity
- “It’s a Pain In The Ass, But it’s Well Supported” (FIdM)
Session 2
- Privacy – Preserving Geo Location & Other “mystuff” Services
- SovrinID Card – What should it do?
- Pop-Up Enterprise
- OTTO –Ifying – FAST-FED?
Session 3
- Digital Life Collective Cooperative “The Web we want” – Getting to Actual Effects with Identity
- Usability for Identity Management
- PICO’s in Practive
- 3J/Agents for I.O.T.
Session 4
- 4A/Reputation vs Identity – Definition Perspectives
- Make XDI GREAT again!
- Anonymous Claims Authentication
- Sharing a Systems Leadership Strategy to Catalyze an Identity Ecosystem
Session 5
- 5A/NO RAGERETS
- 5F/Come Talk About All The Acgouat Recovery Systems
- 5G/OAuth JAR Working Session
- Will Nationalism – Populism – Isolationism kill identity Fed attribute exchange? How do we prevent the reification of Statism in next gen ID systems & thought
- Personal API
IIW 23 2016b
Tuesday
Session 1
- Introduction to Blockchains
- IndieWeb Into – Own Your Web Identity / Interoperate with other people + Silos
- CHEDDAR: How you get sites to agree to YOUR terms via Privacy Badger, ABP on Browsers/VRM For Real
- Why do (people make) Sessions Expire? And what can we do about it?
- API Security Patterns BYOP
- Sovereign Technology
Session 2
- What is Sovereign Identity?
- Personal Data Ecosystem Consortium (trade ass) What can we do for you? What can you do for us?
- UMA = User Managed Access 101!
- Blockstack: The Global Identity Database
- C-DAD Cross-Domain Application Deployment “simple federation” (for enterprise apps)
Session 3
- Universal Compiler Demo
- Multi Party Delegation –It’s not UMA ….Yet!
- Why Won’t Blockechain save the world? Gaps? What’s an alternative?/What Doesn’t go on blockchain?
- Plugging Identiity Components into AAD B2C to get access to relying parties
- SCIM Interop Discussion
- My Device My Data ~ My Data My Device
Session 4
- JLINC Protocol for Data Sharing Chain of Custody
- The Hard Problems of Storing Identity Information
- My Things Are Me! Who backs claims for my things?
- Modern Identity Initiative - Working Title A thought on using the ICANN/IANA model for hosting personal identity
- OpenID Connect WS / Mix-up & Cut-n-Paste Mitigation Discussion
- Towards a Common Ontology for Personal Data Interoperability ~ Or just a Pipe Dream?
- Scalable Consent – Effective, informed, revocable, . multiprotocol consent + attribute release, UI, infrastructure, informed content
- Constructive Notice – What Must We Do?
Session 5
- Consent Receipts – 101 & Update – Closing the loop with users
- R & D Funding for your Project! (Identity and Privacy) Come hear how you can get it.
- Identity and Payments – ACH, Blockchain, Credit, Debit, P2P
- Blockchain Consensus Protocols
- UX Design of Identity Systems
- Open ID Connect hint on the URL – fight IP “authentication’ change EZproxy!
- SCIM & OpenID Connect: From Co-existence to Harmony
- Anonymous Credentials – Will they ever be practical?
Wednesday
Session 1
- Bridge to #Meatspace – Use cases, Tech for Transfer, and verifying Idenitity at Point of Service
- What if…. UMA RPT was an OpenID Connect Access Token?
- PDEC How can we help you? Personal Data Ecosystem
- Black Box Algorithms & “Personalized” Services
- Body of Knowledge for ‘Idenity Professionals – What Domains do we need?
Session 2
- Signed Consent (on a chain)
- Monolith to Microservices – Securing w/OAuth, OpenID Connect, JWT
- Talking About Power Asymetry
- E.R.A.S.M.U.S. – proposal for Emergency.Responder.Authentication.System for.Mobile Users
- Sovereign Identity AND Lending
- Practical UMA – curl commands etc…
Session 3
- Sovereign Identity – (Part Two) How is it enabled by the blockchain.
- $1M Does Your Project Stack Up? Come find out
- Identity & Privacy: It’s Canada’s Game!
- I Just Bought Your Smart House, Now What?
- OpenID Connect RP Testing
- So you are the professor…what is the curriculum for Introduction to Identity Management
Session 4
- Identity Events = RISC, LogOut, Revocations
- Demo Hour Redux
- OIDF – EAP Use Cases
- People’s Digital Identity Life Cycle
- CHEDDAR Implementation ‘on server” + “on client”
- Trust Frameworks Explained – in 20 min.
- Privacy: Confusion of Identities in our Daily Life
- UMA + JLINC – Signed contracts on a Blockchain?
Session 5
- Bridge to #Meatspace Part 2
- Personal API’s @ BYU
- Password Manager API’s
- OIDC Identity Federation
- Common Ontology for Personal Data Interoperability – (Part 2) The What and How
- Identity for the next 1.5 Billion!!
- UMA Legal
Thursday
Session 1
- Continuous Client “Authentication” for API’s
- Sovereign Identity Part 3: What are the Challenges?
- Consent & User Rights – GDPR 101
- SimpleSAMLphp - Project Overview & Roadmap
Session 2
- Identity in Ten Hundred Words
- Ecosystem Maps: - Org History, Protocol Family Tree, The Neighbors & Other Maps
- Sovereign Identity on Your CellPhone with YOTI
- S.A.L.S. – Launching Soon = IDESG/ID Ecosystem Steering Group
- SimpleSAMLphp Use Cases. How are orgs using SSP?
Session 3
- Fixing Marketing + Service with VRM – intent casting & personal API’s
- Protocols for Sovereign Technology
- Weaponized Biometrics? Revocable Biometrics
- SimpleSAMLphp –Code dive + How can you contribute?
Session 4 / Working Lunch
- OTTO – Open.Trust.Taxonomy.Operators – For Federation
- ID2020 Design Shop Planning / for May 21-22
- SimpleSAML php Nearterm Roadmap – feature requests,who wants to build what?
Session 5
- So You Want To Run A Standards Group
- Service Chaining with ZBAC / JWT Assertion Prodile vs STS for the Rest of Us
- Home Environmental Data, SPIMES & Engineered Privacy
- Token Based Federations
- Simple SAML php More Building!
- UMA Legal
IIW 22 2016
Tuesday
Session 1
- Introduction to Blockchains
- IndieWeb Into – Own Your Web Identity / Interoperate with other people + Silos
- CHEDDAR: How you get sites to agree to YOUR terms via Privacy Badger, ABP on Browsers/VRM For Real
- Why do (people make) Sessions Expire? And what can we do about it?
- API Security Patterns BYOP
- Sovereign Technology
Session 2
- What is Sovereign Identity?
- Personal Data Ecosystem Consortium (trade ass) What can we do for you? What can you do for us?
- UMA = User Managed Access 101!
- Blockstack: The Global Identity Database
- C-DAD Cross-Domain Application Deployment “simple federation” (for enterprise apps)
Session 3
- Universal Compiler Demo
- Multi Party Delegation –It’s not UMA ….Yet!
- Why Won’t Blockechain save the world? Gaps? What’s an alternative?/What Doesn’t go on blockchain?
- Plugging Identiity Components into AAD B2C to get access to relying parties
- SCIM Interop Discussion
- My Device My Data ~ My Data My Device
Session 4
- JLINC Protocol for Data Sharing Chain of Custody
- The Hard Problems of Storing Identity Information
- My Things Are Me! Who backs claims for my things?
- Modern Identity Initiative - Working Title A thought on using the ICANN/IANA model for hosting personal identity
- OpenID Connect WS / Mix-up & Cut-n-Paste Mitigation Discussion
- Towards a Common Ontology for Personal Data Interoperability ~ Or just a Pipe Dream?
- Scalable Consent – Effective, informed, revocable, . multiprotocol consent + attribute release, UI, infrastructure, informed content
- Constructive Notice – What Must We Do?
Session 5
- Consent Receipts – 101 & Update – Closing the loop with users
- R & D Funding for your Project! (Identity and Privacy) Come hear how you can get it.
- Identity and Payments – ACH, Blockchain, Credit, Debit, P2P
- Blockchain Consensus Protocols
- UX Design of Identity Systems
- Open ID Connect hint on the URL – fight IP “authentication’ change EZproxy!
- SCIM & OpenID Connect: From Co-existence to Harmony
- Anonymous Credentials – Will they ever be practical?
Wednesday
Session 1
- Bridge to #Meatspace – Use cases, Tech for Transfer, and verifying Idenitity at Point of Service
- What if…. UMA RPT was an OpenID Connect Access Token?
- PDEC How can we help you? Personal Data Ecosystem
- Black Box Algorithms & “Personalized” Services
- Body of Knowledge for ‘Idenity Professionals – What Domains do we need?
Session 2
- Signed Consent (on a chain)
- Monolith to Microservices – Securing w/OAuth, OpenID Connect, JWT
- Talking About Power Asymetry
- E.R.A.S.M.U.S. – proposal for Emergency.Responder.Authentication.System for.Mobile Users
- Sovereign Identity AND Lending
- Practical UMA – curl commands etc…
Session 3
- Sovereign Identity – (Part Two) How is it enabled by the blockchain.
- $1M Does Your Project Stack Up? Come find out
- Identity & Privacy: It’s Canada’s Game!
- I Just Bought Your Smart House, Now What?
- OpenID Connect RP Testing
- So you are the professor…what is the curriculum for Introduction to Identity Management
Session 4
- Identity Events = RISC, LogOut, Revocations
- Demo Hour Redux
- OIDF – EAP Use Cases
- People’s Digital Identity Life Cycle
- CHEDDAR Implementation ‘on server” + “on client”
- Trust Frameworks Explained – in 20 min.
- Privacy: Confusion of Identities in our Daily Life
- UMA + JLINC – Signed contracts on a Blockchain?
Session 5
- Bridge to #Meatspace Part 2
- Personal API’s @ BYU
- Password Manager API’s
- OIDC Identity Federation
- Common Ontology for Personal Data Interoperability – (Part 2) The What and How
- Identity for the next 1.5 Billion!!
- UMA Legal
Thursday
Session 1
- Continuous Client “Authentication” for API’s
- Sovereign Identity Part 3: What are the Challenges?
- Consent & User Rights – GDPR 101
- SimpleSAMLphp - Project Overview & Roadmap
Session 2
- Identity in Ten Hundred Words
- Ecosystem Maps: - Org History, Protocol Family Tree, The Neighbors & Other Maps
- Sovereign Identity on Your CellPhone with YOTI
- S.A.L.S. – Launching Soon = IDESG/ID Ecosystem Steering Group
- SimpleSAMLphp Use Cases. How are orgs using SSP?
Session 3
- Fixing Marketing + Service with VRM – intent casting & personal API’s
- Protocols for Sovereign Technology
- Weaponized Biometrics? Revocable Biometrics
- SimpleSAMLphp –Code dive + How can you contribute?
Session 4 / Working Lunch
- OTTO – Open.Trust.Taxonomy.Operators – For Federation
- ID2020 Design Shop Planning / for May 21-22
- SimpleSAML php Nearterm Roadmap – feature requests,who wants to build what?
Session 5
- So You Want To Run A Standards Group
- Service Chaining with ZBAC / JWT Assertion Prodile vs STS for the Rest of Us
- Home Environmental Data, SPIMES & Engineered Privacy
- Token Based Federations
- Simple SAML php More Building!
- UMA Legal
IIW 21 2015b
Tuesday
Session 1
- HEART & iGov
- Finding Customers for VRM Products
- SCIM is Done – Intro Q&A
- Basics of Blockchains
- Mobile Launch of MODRNA – Overview/Update
- Identity Broker Pattern – 15 Fundamentals
- Questions: Why JWT? SAML vs OAuth vs JWT
Session 2
- Open ID Connect Logout Mechanisms Progress + Status
- A Registry Directory ~ based on BLOCKCHAIN that is ROOTless & NOT Centralized
- HIE of ONE Personal UMA Authorization Server Project
- myTERMS User-Asserted Terms (Mozilla + Customer Commons + Others)
- Fast Modular Exponentifition in JavaScript for Cryptographic Authentication
- OIDC vs SAML - What are you missing & how do you solve that?
Session 3
- User-Managed Access (UMA) Intro & News
- Attribute Privacy in Federated Model
- What is the Impact of the Blockchain Technology to the PKI base eID Schemes?
- Thinking in Crypto….. #Rebooting Web of Trust
- Azure AD Integration in Windows 10 – What does it mean to have a orgID Cloud Identity
- An IDENTITY Rocku-Mentry ? A documentary about the past, present + future of Identity in the IIW Community
- OIDC OP Testing – hands on
Session 4
- Defining Consent – Collecting Personal Information with Notia Consent Receipts
- XDI (Extensible Data Interchange) and Semantic Dictionaries (an update on XDI Core I.O and XDI.org)
- OAuth 2.0 for Native Apps (draft IETF best practice) NEW!
- Making Money from Grassroots, Distributed ID Platforms (???)
- Is OpenID Connect + OAuth + UMA Complete? Why Should I switch from SAML + ID-WSF2 + Xacml?
- Burning Bridges and Breaking Brokers
Session 5
- Consent Receipts in UMA
- SCIM Interop Discussion
- XDI Registry Working Group – a rootless, decentralized, lookup service empowering the personal data ecosystem - based on the bitcoin blockchain
- Potential Roles for BLOCKCHAIN in Identity
- Personal Learning Environments (Domain of One’s Own, LMS, etc…)
- AAD in Windows 10 (Part 2) Now that I’m Joined…
Wednesday
Session 1
- Vectors of Trust
- Re-Delegation and Revocation with OAuth
- International Perspectives
- BlockChain Use Cases (not Bitcoin, not identity centric) & Distributed Ledgers?
- Identity Film – Brings IIW & Core Topics to Life…
- Account Chooser Working Group
- Open ID Connect Certification: The news from the trenches – Google
- Non-Person Entities – Delegation, Proxy and WS02, API manager
Session 2
- Multi-Protocol Frameworks for Personal Data Ecosystems
- Decentralized Directories/Registry (using blockchain)
- Dynamic Client Registration Security Issues
- Ethereum a general purpose BlockChain
- Next Steps after Ad Blocking (200 million votes for what?)
- Selective Disclosure – “I’m older than 18, you don’t need my birthdate” Principles, Open Questions
- Post Password World – How do we get there? BRING IDEAS!
Session 3
- Trust – EI – AKA “Stepped-up Authentication” with UMA and Connect
- U2F Update – including mobile, passwordless, and more…
- Blockchain Auth: Passwordless login with the Blockchain using JSON wcb tokens
- Delivering Oauth Tokens to Things (or NAPPS 2.0)
- Book Preview! OAuth2 in Action
- Citizen Data Schema – SCIM, IWTs, OIDC/Interoperability of National eIO programs
- BlockChain & UMA – Two Great Tastes… Do They Go Together?
Session 4
- RISC – Sharing Security Events among Service Providers
- Societies of Things
- OIDC RP testing – hands on
- PDEC - Personal Data Ecosystem Consortium. Who Cares about our Personal Data? Mapping Innovations and showing the way...
- XDI Registry Working Group (Mtg #2 of 2) More “Pumpkin Theater”
- SCIM Credential Mgmt Discussion
- Forbidden Knowledge – Genomes, Facebook, and other High Dimensional Data
- Identity Proofing – Can it be done well? Especially Remotely?
- Speed Demo Reprise
Session 5
- IoT Privacy Personal
- UMA – Interop testing, ARP use case
- HELP! Federated Profile Across the Autodesk Knowledge Network – Ideas? Standards? Architectures? Suggestions?
- Thinking in Crypto – Signing JSON ?What are your best practices?
- Thought Experiment: What if sites opeted-IN to USERS? (DNT + TPS + Uses Submitted Tags)
- Privacy from Cradle to Grave “What is the effective consent?”
- What Does “LogOUT’ mean?
- Security LOFT – A volunteer organization promoting modern APP Security Standards!
- BlockStore: Scalable Secure Storage with the Blockchain
- Exploring Possibilities for Citizen ID Cards – A whitepaper re: core concepts/good designs
Thursday
Session 1
- The Permanent Web
- ABAC – Attributed Based Access Control
- First Experiences with the Estonian e-Residency ID
Session 2
- How will Current and Legacy ID Specs (SAML,OIDC, OAuth…) Interact and/or be Replaced by BlockChain Technologies?
- Help Phil outline Digital Identity 2nd Edition
- OTTO – Private BlockChain HELP
Session 3
- The CULTURAL Barriers to Privacy
- IDENTITY – Is it always “On”? and Who should control the switch?
- BlockChain ‘Governance’
Session 4
- Mozilla Listens to IIW at IIW 21
- BlockChain VIS a VIS Everything Else ~ Part 2 (Deux)
- All Things Photography
- Customer Funding
- OIDC Federation for Higher Ed
Session 5
IIW 20 2015
Tuesday
Session 1
- Inter-Domain Relationship Sharing & Friend Requesting
- Intimate Wearables (AKA IoT)
- Trust & Consent / Consent Receipts for Personal Data Control
- Hacking Privacy Policy by Managing Politicians
- IndieWeb Principles & Protocols to OWN YOUR IDENTITY
- Personal Data Ownership in a Corporate World
Session 2
- Engaging Voters Through A Policy Management Game
- The Emerging Field of Consent Management – Next Gen UI Infrastructure Under the Hood
- VRM: Customer Needs – Definitions
- Personal Data Ecosystem Consortium – Growth and Opportunity
- Lessons Learned – SAML & OIDC @AWS
- Distributed Capabilities - Systems for Real Time Communication
- Privacy on FHIR
Session 3
- FIDO U2F Update / What’s New & Drawing Board
- Enhancing the Digital Currency Oppoertunity
- VRM: Vendor Needs - Definitions
- (new?) Business Models Based on Reputation
- Mobile Profile OpenID Connect (Part 1 working session)
Session 4
- IoP: Net of Policies – Phil W’s Personal Pot Hole (PPP)
- IETF ACE – Authentication & Authz for Internet of Things / Scenarios & Solutions
- PDEC – Call for Hot Topics / Papers (Personal Data Ecosystem Consortium)
- Mobile Profile of OpenID Connect (Part 2 working session)
- Local RE-Delegation With OATH
- Blending Education, Consumer + Enterprise Identities / Identity in the Academy (and beyond)
- Blockchain and Minecraft – Can Someone Tell Me About B/C @101
Session 5
- Modeling Privacy Policy in a Political Management Game
- The VRM Value Proposition (Biz Model Canvas)
- Account Chooser and Mobile Connect / What must we change?
- Get on the IndieWeb in Minutes
- Notif Update
- How Blockchain Can Solve All Our (identity) Problems
Wednesday
Session 1
- Vectors of Trust
- XDI Review and Demo
- SSO, Hello and PassPort – updates to Identity in Windows
- Cloud for Things
- Can Technology Revolutionize Consumer Citizen Activism
Session 2
- Trust Elevation
- Blockchain Tech 101 + Identity (onename)
- What’s New in Pico’s & Clouds?
- University Community (InCommon, Internet2, Identity Registries, API’s)
- GovTrain – CluGov
- AWS Identity Round Table (Amazon Web Services)
- Privacy Issues Regarding Federated Login’s
Session 3
- Freedom Box Update
- Fluffy are Kitties
- Blockchain Based Authentication
- Bureaucracy & #IoT
- Influencing Social Expectations of Online Info Services Through Ecosystem Codes of Practice
- Workshop: Best Practices of Profiles from 10 Years of IIW
- Business Models Based on Reputation Part 2
- IIW Like Events in Other Countries
Session 4
- Distributing Data Brokers
- MyWave VRM: A Deeper Look
- Terms We Assert / Consent & User Submitted Terms
- VRM In the Developing World
- Honest(er) Ratings System – Let’s Build It
- OTTO = Open Trust Taxonomy OAuthz / Session #1 Charter
- IIW Connectivity Inbetween IIW / A Discussion of Identity
Session 5
- Identity Binding in the Extended Enterprise
- Creating Trust At Scale – In the Sharing Economy (Why do we let strangers stay in our homes?)
- OASIS XDITC - open meeting
- Put a Roter File into a Blockchain
- VRM: Market Maker
- A Guide for Integration of Authentication Technologies
- UMA 101 – Everything You Wanted to Know About User Managed Access But Were Afraid to Ask
Thursday
Session 1
- NAPPS Update – Native Apps SSO (a working group of OIDF)
- Haman Centered Computing/Scenario Planning or Avoiding the Compuserve of Things
- TosBack 2 / Terms of Service + Privacy Policies Archiving + Analysis
- Identity Anthology – Input and Feedback
Session 2
Session 3
- Enterprise Single Sign-On and Social Networking Mobile Centric
- User Terms Continued…
- Digital ID Images – Sharing visuals that you created that clarify some issue.
- Implement IndieWeb on Your Service in Minutes
Session 4
- Open Notice + Consent Receipts Working Call-In/Working Session
- VRM FrameWork: Define the Developer Role in the VRM Framework
- (in)Security Questions
Session 5
- Meet ‘Frank’ The MyWave VRM Personal Assistant
- Architecting a “best” Scenario: Digital Communities that Self-Balance on Reputation, Privacy & other Norms//Pen Names
- Mozilla Listens to IIW
- RISC = Risk & Incident Sharing & Cooordination (working group of OIDF)
- H.E.A.R.T. Working group session – UMA security profile (Health Relationship Trust)
IIW 19 2014b
Tuesday
Session 1
- Notifs .... a new messaging medium
- Interoperable Consent Management
- Account Sharing at the IDP (Identity Provider)
- Boarderless Connectivity (Ambient & Ubiquitous)
- Surveillance Identity and YOU
- Root Identity – Decentralized ID Tech
- Respect Connect Protocol
- Open Discussion: Identity Verification for People w/o Paper Trail
Session 2
- XDI / Respect Connect Person -- Business Connections Demo
- Sustainable Net Protection “After Wikipedia Goes Light”
- OAuth SPOP Working Session of Document in Working Group Last Call
- XDI Graph Editor Demo
- Report Out From Inter-Federation w/Shop: How to Develop Rules for Joining Federations Together
- Amazon Web Services (AWS) and Open ID Connect (OIDC)
- MAFA Mistaking AUTHN for AUTHZ
Session 3
- XDI / Respect Connect Person -- Business Connections Demo
- FIDO U2F Security Key – Emerging Standard Respecting Privacy
- OAuth & Authentication / What can go wrong? Working Session of IETF - OAuth
- Identities of Dead People / Linking Data from Museums, Archives & Libraries
- Model Thinking: A Framework for VRM
- Google “TAPPS” for Education
- LOA’s “Vectors of Trust” and Consumer Protection
Session 4
- For the Greater Good ~ ‘You are not a Special Snowflake’
- Internet of Things (IoT) Door Lock Use Case
- SCIM V2 Intro
- Online Trackers and Advertisers That Use Them
- Trust on Both Sides: Calculating AuthN actions the consumer chooses into HIGH trust for all R.P’s
- VRM + CRM ~ Next Steps
- Building RS ~ AS Trust With UMA
- Travel to….. CYNJA SPACE
Session 5
- Freedom Box “Danube Edition”
- NAPPS Working Session
- Ours or Theirs : A discussion of SSL Trust stories in Identity Protocols
- SCIM APT Extensions: Who wants to add what?
- Investing & Crowd Funding VRM
- Use Managed Access (UMA) … Authorization for Internet of Things (IoT) /IoT & Identity
Wednesday
Session 1
- OAuth WG Status Check
- How Do We Engage and Protect Kids In Cyperstace?
- Health – Relationship – Turst: Come hare about the new HEART WG at Open ID Foundation
- User Consent + Consent Management + STATS + Demo and Discussion
- Firefox Social API: 2 years in, what next?
Session 2
- SCIM API Extensions: Who wants to add what? Interests?
- The VRM Social Network
- Subscribe 2 WEB
- Gold Identity Federation
Session 3
- User Asserted Terms for VRM
- Data Ecosystem Consortium (PDEC) Exploring the Future with Dean
- OAuth Challenge Grant?
- NSA Surveillance in Austria
- Build a New Saas app With Enterprise Identities: What would you do?
- FEM vote. US The RE-Founding Sisters – Real Representation in Virtual Districts
- The State of Anonymous Credentials (discussion)
Session 4
- Open UMA Implementors’ meeting - - interop, feature tests…
- Mobile Darwinism: From mobile to mobility
- VRM + CRM Part2 The VRM Strikes Back
- Amazon Web Services (AWS) and Identity Management: What’s New?
- Conflict Resolution in Community
- XDI Hackathon
- 4CHM – IBM 1401 DEMO (downstairs)
Session 5
- Continuation of UMA Implementors’ Meeting
- Mozilla Listens to IIW
- Threat Based Authentication: Understanding the Risks of RBA
- IoT Modeling with Picos: “Lessons From Fuse”
- Trusting “Trust Frameworks” What needs to regular people have to make this “real?”
- XDI Hackathon
Thursday
Session 1
- UMA Demo
- Micro Services Containers, Reactive Manifesto and… Identity
- OpenID Connect: Easier than you probably think it is
- What Is A Federation?
- Firefox Interest Dashboard
Session 2
- ARM mbed/IoT
- Notifs – (Repeat)
- Vectors of Trust ---- Continued
- The VRM Social Network Part II
- QREDO Rendezvous Protocol
- Introduction to the Indie Web
Session 3
- Twitter in 2015: What do you want to see us do visavis account security , recovery, identity & privacy
- U2F Explained
- The REAL Internet – IoT
- Access Token with Access Control List for IoT
Session 4
- OAuth 2 Scope Design Discuss iom
- VRM + CRM Part 3
- Anchors of Idenity & Account Recovery – Round Table Discussion
Session 5
- NAPPS Working Session Part 4
- Online Voting: What do we need to have happen in “identity” before online voting happens?
- CRM + VRM Branding for Consumers and Developers
- Mozilla + VRM/Intersecting 2015
- Bob’s Kabitzing Tour of the Museum
IIW 18 2014
Tuesday
Session 1
- Respect Network LAUNCH
- Social ID’s in Enterprise
- Indie BOX – Let’s Bring Our Data Home
- Covert Redirect – What It Is/What It Ain’t
- Improving the Mobile Federation Sign-In Experience
- Phishing Blend Authentication and Authorization
Session 2
- JOSE Can You See – A Technical Overview of JWT
- Collaboration For Collective Impact
- Me Depot – Serving Billions
- Intentions vs Identity
- I o T = Identity of Things
- Customer Support for Personal Data Stores
- An Introducing to IndieWeb
- “SCIM” Next Steps
- New OAuth 2-wg – Multi-Party Federation
Session 3
- OpenID Connect – Interop Testing Details
- It’s NAPPS – Enabling SSO for Native APPS
- Engaging End Users – How Do We Get Consumers to Participate in Identity
- “Privacy Lens”
- Ethical Data Handling
- Platform Deep-Dive of: Qredo
- Open ID Connect 101 – How it Works/What is it for
- Join the Indieweb
- Silicon Valley “Culture of Youth”
- Your Digital Traits for STRONG Auth
Session 4
- OpenID Connect – Logout/Session Mgmt (Part 1)
- How Do We Preserve and Protect Identity / Identity Theft
- CAN’T BE EVIL
- FUSE Architecture – PICOS and Connected Cars
- NSTIC – Update From NIST and Roundtable
- IndieAuth – Turn Your Personal Domain Into An OAUTH Provider
- Practice Session for Investor Panel
Session 5
- OpenID Connect – Logout/Session Mgmt (Part 2)
- Personal Sovereign Design
- 4th Parties – Use Cases for Others Besides the User, IDP and Relying Party
- DOXING as Vigilante Justice
- Respect Network plus XDI
- Aging plus Caregivers plus Post Death Identity Mngt
Wednesday
Session 1
- VRM (Vendor Relationship Management) Progress Report
- OAuth Security – Proof of Possession
- Privacy Metrics – What Could They Be? What Should They Measure? Should They Exist?
- Home Owner Personal Data
- We Are The Last Generation of Free People
Session 2
- VRM Adoption Case Study – MYDEX
- HTTPSY – Leave the Certificate Authority Behind
- SAFEnet
- Data Inequality
=
Income Inequality - Channel Binding for Open ID Connect
- ADHOC: UMA Interop Testing Session Thing
Session 3
- Mozilla Listens to IIW
- Real Estate Use Cases
- Shopping for Identity Providers – What do I need to know before I put my identity in your provider
- Functional Model Elements from NSTIC – Personal Cloud Review
- Self ID
- Mobile Connect
- Clarify and Learn About Web Payments and Identity
Session 4
- New Book – Extreme Relevancy
- IoT and Open Standards – Oauth2, UMA…
- Gettign WC3 People to come to IIW19
- Mobile SSO – How We Did It/USIMG/OAuth, Open ID Connect
- OAuth SASL (OAuth for non-web apps, ep.IMAP)
- Post Life Identity Privacy
- Root of Trust
- Investor Pitch Practice (Pt 1)
Session 5
- Be Ready for the AUTHpocalypse – Lightweight/Dynamic Client Registration for IMAP/SASL
- Identity Ecosystems plus the IDESG
- Google – Recent Update and Input on OAuth DevX
- ID Things You Can Do With A “FREEDOM BOX”
- The ID – Lobrary/Film Fest and Anthology – ‘this Community Cannon’
- Help us do Social Media Marketing for the Respect Network Launch
- How To Deal With The Case When The Intended Audience Is Not The Releasing Party
- Lost Dog! User Centric ID Management FIDO and Other Opts
- Bitcoin and Identity
- Investor Pitch Practice (Pt 2)
- NAAPS Working Group
Thursday
Session 1
- In 5min or less – Tell me a Happy Future Story About “IDENITY”
- Let’s create some -Partinent Art – that speaks to our condition and Brainstorming ides about topics for books for children and management – like SCADA and ME
- Reputation
- DNSSEC 101 – intro how it works/my war stories
Session 2
- DARASHA XDI app – Music Library
- AWS QandA
- ACE = Authentication and Authorization for Constrained Environments
- Help Doc prep for the VC Panel
- The Maker Economy and Identity
Session 3
- What’s it Take to get a Customer-Centric Startup to Win Funding? (VC Panel Discussion)
- Kitties are Fluffy!!
- Icons for Privacy
- Where Are the RP’s?
- HOW CSP’s (cloud service providers) and Authentication Providers Fit Together on the RESPECT NETWORK
Session 4
- Start-Up’s Pitching
- Free People Beyond the Next 10 Years – (Continuation from Wed Session/Manifesto Writing)
Session 5
- Start-Up’s Pitching
- Murder via Google Maps
- CAMBRIAN – A User-Centric de-centralized platform for entrepreneurs
IIW 17 2013b
Tuesday
Session 1
- To Switch or Not Switch… Enabling Smoother Transitions Between Work and Personal
- RALLY CRY plus Guiding Principles for this Community
- Internet Of Things – Developing a Classification Framework
- Respect Connect “Demo” Safe single sign on for Personal Clouds
- Where Does Your Project/Product Fit in the Personal Cloud Markey Matrix
- Identity Revocation The RRVS (required recipient valid since) SMTP header
Session 2
- How to Make Money Implementing Attribute Exchange: Services, Solutions andTrust Framework
- A Periodic Table of Trust Elements – Building Real Trust Frameworks from the Bottom Up
- NYM ISSUES (pseudo-nym) Why Do We Need “real” name policies?
- Defining a Simple Use Taxonmy for Personal Data (think Creative Commons)
- Find/Create Killer Product (App) and Win In the Market
- XDI2 Technical Overview
Session 3
- Federation Conversation
- Retiring Protocols
- A Universal Shopping Cart
- Federation Conversation / Blood Bath
- VRM 101 – 2.0
- Idie Box Freedom Box, 8 Personal Clouds
- Universal Shopping Cart
Session 4
- Respect Connect Deep Dive
- OAuth Open ID Connect plus FICAM
- Persistent Compute Objects and The Fabric of Cyberspace and Quantified Everything
- Household ID and Personal Data @ Rest
- Putting Informed in Consent
Session 5
- The Business of Personal clouds
- GreenList Payment Addresses – How to create a new Identity Attribute that benefits everyone on the Planet!
- Secular Connect
- Talking Tag
- Personal Data Ecosystem Architecture
- Skinning the SQRL (Secure QR Login)
- OAuth the parts intro/review
Wednesday
Session 1
- Respect Connect Deep Deep Dive
- User Challenges with Federated Login!! Follow-up From Day 1
- Vertical $ Opportunities – Connecting the Dots in Real Estate – Monetizing VRM By Delivering Billions In Consumer Savings
- ReDelegation in OuathII
- NSTIC 101
Session 2
- Personas and Privacy
- Security Concerns for RP’s I - Session Strength and Reauthentication Proposal from Google
- Identity Revocation PartDeux
- Use Case – Mandated Parent Educaiton
- Personal Cloud Logo Terms
- COZY Cloud – MesInfo
Session 3
- Customer Commons – Creating a World of Liberated, Powerful and Respected Customers
- Building Personal Cloud Applications - FUSE
- FIDO Alliance Update
- Personal Data Ecosystem Consortium – Update
- FCCX Update – Federal Cloud Credential Exchange
- Anonymous Authentication – How Does it Help our Life
Session 4
- Health IT Architecture
- Ontology for the Personal Data Ecosystem
- RP Challenges to Federated Login
- OMIE – customer commons
- Omie Update (Version 2.0)
- Online Data and ID After Death
- Personal Clouds as Media Indexes for Local Sharing
- My Identity – Your Identity
Session 5
- Google’s OIDC’ish Auth Platforms on Android, Chrome, iOS
- Non-Cloud Providing Enterprise Use plus Coordination
- Data and ID after Death
- Intentcasting
- Descant – Data Systems at the Intersection of Story Telling and Data Reputation
- After Email… So How Do We Replace It….What Does It Look Like…]
- Venture Free StartUp Financing and How Respect Network can Earn Income
Thursday
Session 1
- Do Not Disturb Brainstorming – A DNT with TEETH!!
- OAuth 2 Interop Testing
- Mapping Out Our Digital UnConference
- After Email – user experience for all the things we use it for
- Can Identity Proofing Eventually Replace Authen?
Session 2
- How do RP’s Learn of Big Account Changes at an IDP like Google
- Personal Cloud Network - RISK THREAT – Counter Measure Models
- Email: Are We Asking It To Do Too Much?
Session 3
- Exploratory Conversation for Social Good / What Value Does Online Identity Bring to Local Economy
- Privacy - Why Not
- CloudOS Programming 101
- Trust Frameworks - 101 Definitions / 201 Application
- Identity by Presence – The Death of Single Sigh On and Federated Identity
Session 4
- Rally CRY and Guiding Principles (Part 2)
- NSTIC (national strategy for trusted identity in cyberspace) Let’s Get Real!!
- Mapping the Connect Code flow to SAML Artifact Binding to create a server profile
Session 5
- Come to the Movies – UMA
- Cybernetic Augmentation, User Agents and Identity An Overview of One Person’s IIW Experience
IIW 16 2013
Tuesday
Session 1
- MITREid Connect
- Pluggable Privacy Managers
- Rent or Buy Taking Control of Your Credit
- Program Aggregation Layer / How we wrap and deploy solution harmonize licenses for Cust * Com
- Intro to Personal Clouds
- Native Apps – SSO
- What Changes YOUR Information Sharing Behavior
Session 2
- Personal Clouds and the Social Contract
- Strong 2-Factor For All – Google and FIDO Alliance
- User Managed Access (UMA) Intro and Overview
- Next Generation Biometric ID
- What do Leading Consumer Sties Have to Gain by Establishing Themselves as Consumer Identity Providers??
- Personal Clouds and VRM
- Salesforce Identity Q and A
- EGO Identity
- Content Addressable Personal Clouds
- Privacy Features
Session 3
- A2P3 – UpDate and Demo
- Personal Cloud Discovery With XDI
- The OAuth Complicit Flow
- Patient ID and Fair Info Practices for ID
- Patient ID and Fair Info Practices for ID
- Cloudstore Intro: Create Personal Cloud/Develop Apps/Biz Model
- Identity and Currency and Transactions
- Free Trade Zone for Trust Frameworks
Session 4
- Forever: Personal Cloud Application Architectures (Post Web 2.0)
- Is Decentralized Social Media Possible? The Case of Tent.io
- COPPA How Does It Play In the ID Ecosystem
- Anonymous Credentials for enrollment and provisioning data (with NO portals)
- Mobile Single-Sign-On
- Identity Federation: Failed Consumer Experiences and WHat We Can Do About It
- UNHOSTED Personal Cloud Apps for Developers
- BLACK BOX ~ Clouds Architecture
Session 5
- Anonymous – Identity As Meme
- Business of Personal Clouds – Models, Revenue, Investments
- Comparative eID – What’s going on in your country/countries that you know about? AND Identity and Government
- SSO for IdP – IoP Optimization and Alternatives using SAML. DAuth, WS- TR
- The Privacy Phone
- Personal Clouds in Supply Chains – The Enterprise Metaphor
- Exposing Women’s Profiles w/o Gender Profiling
Wednesday
Session 1
- Digital Idenity in Smart-Device eve
- Group Identity
- SCIM Restful IAM & Provisioning Standard – Intro
- Relying Party Assurance IOP Insurance Etc…
- Login – hint for SAML?
- PIXEL Policy Expression Language for Personal Clouds
- Human-to Human Delegation Issues in Open World
- OAUTH Client Registration
- Field Guide to Internet Trust
Session 2
- FIDO Alliance – Fast Identity Online Overview/Nutshell
- DNS vs. XDI
- Faith/Religion and Cultural Context – Influence on… ID System Architecture and User Behavior
- Data Commons Governance – SMART Cities
- Patent Trolls Gonna Kill VRM?
- Customer Commons – OMIE
- White Boards Are People Too
- Private Data Stores
- Privacy – Preserving Accessibility Support with UMA andGPII
- Blue Button and Patient Health Records using OAuth , JOSE
- Data Durability Security Over Time
Session 3
- A Coherent Theory of Privacy
- OAuth 2 Bootstrapping from device to browser (technical)
- VRM Personal Cloud for SMB/SME
- NSTIC – Electronic Health Records and Patient ID
- Trust Frameworks – Cross Sector and Domains
- Customer Commons – new privacy intros
- Biometric Identity Measures that can NEVER be shared or Replicated
- Securing the Personal Cloud – What Should Be Best Parctices?
- Building Burning Man – Online (Identity) Ecosystem
Session 4
- RESPECT CREDITS – Brokering $
Exchange on the Respect Network
- Google’s Auth goals for the next 5 years
- NYM – Rights and Issues – Online pseudonimity and anonymity
- Citizen-Centric Attributes and metadata for use cases between Citizens and E Govs (Social and from Sanctioned)
- The Legal Forum
- All about Identity at AMAZON WEB SERVICES plus what are we still missing?
- Providing 1 Billion People with a Useful Personal Cloud is Cheap and Easy
- Auditable Trust Framework – Patient Privacy Rights
- hat’s In Your Wallet? – Who owns your digital Identities when you leave the leather at home?
- Comparative eID filling the chart - questions/countries
Session 5
- Son-Of-Sopa (SOS)
- DNS vs XDI Who is better at solving which problems… (continued)
- Crypto SSO on Mobile
- Health/QS Vertical ID’s and Vaults
- Open ID Foundation Board Meeting
- 100% Secure 100% Private Personal Cloud
- Persuasion for Engineers
- OAuth 2 Federation – RS trust external AS
- Proofs of Knowledge for Personal Clouds – Real System Demo
Thursday
Session 1
- Comparative eID – Big Picture/ID Proofing/Enrollment/Attributes/Credentials/Uses/Governance/Law Policy
- Architecting – A Self-Regulating Society Theory and Practice
- Audit, Certification and Trust Seals
- Metaphors and Models of WHAT IS “Personal Data” Implications for Policy plus Technology
Session 2
- Practical DATA PROTECTION – Avoidance? EU and US ?
- Who is The Big Gal/Guy that will make personal Clouds Happen?
- PDS plus Personal Cloud *What is Out There *Business plus Technical Perspectives
- Out OF The Ivory Tower (linking theories of privacy identity and risk to practice)
Session 3
- RESPECT CONNECT “Facebook Connect for Personal Clouds” OR “Social Login that Doesn’t Suck”
- Define Personal Cloud Logo Terms
- What Makes Online Identity Durable? Why do some users stick with their online accounts for years while others abandon?
- Applying a Gender Lens on Evolution of the Market for Personal, Household, Small Biz, Clouds/Data plus future of hyperconectivity
Session 4
- Self-Hosted Personal Clouds (FreedomBox and Raspberry PI)
- XDI vs DNS (Continued from Wednesday)
Session 5
- SquareTag Deep Dive (active devices)
- What do Women Want?
- Personal Data Ecosystem – Creating an Open Personal Cloud Community
- Trust Framework – They’re not all about Identity
- Sight Seeing Tips and Tricks – San Francisco and Beyond
IIW 15 2012b
Tuesday
Session 1
- Identity Clearing House – Loosely Coupled open standards based architecture for Identiy in the extendedenterprise
- A2P3
- Rhetoric – How do we talk plain language about Identity and Personal Data?
- Privacy by Design – New Oasis Tech comm.. for Sotware Engineers
- Focus on Consumer – Turning fear into excitement, delight about Personal Data
Session 2
- Respect Network Founding Partners
- IDESG – Mgt Council CAll
- VRM Challenge: Let’s Fix Subscription Bin from Customer Side
- IDP - Initiated Layin and Deep Linking for Open ID Connect
- Mobile Specific Open ID Connect use Cases
- Anonymous – political, institutional, cultural and memitc organization without identity
Session 3
- Connect Me and miiCard “Trusted Reputations”
- Account Chooser Launching – Taking the AC Show on the road this autumn – help write the show
- Authentication on Mobile Devices – Crypto and
- Collaboration, Forking, and organic proliferation in the age of the personal cloud
- Customer Commons plus VRM Brainstorm
- Death To NSTIC -2- Long Live NSTIC
- Use Cases for Personal Clouds, Community Clouds, Family Clouds
- Reputation Consulting .05 cents
Session 4
- OAuth Security (Beyond Bearer Tokens)
- NSTIC Pilot Overview – Attribute Exchange Network (AXN) / Demo
- Unleashing the Multimind – What’s next – or could be – in our most personal daily experience and utilization of all this stuff
- Building the Identity Ecosystem Framework
- Kynetx – Personal Cloud Prototype
- Consuming OpenID Connect 101
Session 5
- OX Open Source – OpenID Connect and UMA / Demo
- Personal Analytics and Insight for Consumers – using Personal Data to Enlighten the Individual
- How will Identity plus VRM Change Real Estate and Mortgage Banking
- Secure Identity Without Username or Password
- Location = Control Control = Ownership – How addressing establishes ownership and what to do about it
- XDI Personal Cloud Desktop
Wednesday
Session 1
- Sales Force Identity – The Facebook for Business (Part 2)
- OpenID Connect Session – Management and Login
- External Browser and Mobile Apps
- Identity and API Economy plus Privacy by Design
- The New Privacy
- Manufacturing, Registration Cards and Digital Birth Certificates
Session 2
- Sales Force Identity – The Facebook for Business (Part 2)
- Hybrid Mobile/Nets App Auth With Oauth2 Trickery
- Liberating Personae from Identity
- OAOTH 2.0 RS – AS Token Query Flows
- Customer Commons - The Magic Wand Project
- Consumers and Public Records
- Personal Data Startups Connect and Catalyze – next steps and PDEC StartUp Map (stages, models, patterns)
Session 3
- Education Customers and Companies
- Google Identity Toolkey – What other problems should we research?
- Mobile SSO Password Proliferation…. Any solutions??
- SCIM
- The act1v8 Project (VRM and Trust for Charity and Community Services
- DATA COOPS and BIZ Models
- Customer 2 Business – Will Federation Really work?
- Social Intentions – Private App on Facebook to express your true intentions
- Personal Cloud Prototype (Reprise)
- Opportunities for Developers around Personal Cloud Cloudstore
Session 4
- Trusted Identities “You are who you say you are”
- OIX (Axw6) Attribute Exchange Trust Framework – Progress Report
- Attribute Exchange Technical Overview
- Health Record Banks – Personal Cloud for Health
- Investors Corner / Where Investors and Entrepreneurs Come Together
- MAKE HISTORY – Be the 1st to get a User-centric Next-gen Secure Private Identity
- Security and Permission in Personal Cloud Connections
- SCIM – As An ATTRUBUTE Provider?
- World Economic Forum: Update on ‘Rethinking Personal Data’
- Freedom Box Workshop
Session 5
- OpenID Graph 1.0
- OIDF Workgroup – Account Chooser
- Beyond Prophylaxis – Next Steps post ad and tracking blocking W5F: KRL – XDI Integration
- correct house battery staple: Strong Passwords…. Passphrases.. are they still relevant/necessary?
- Personal Data and Gamification---Consumer use case Brainstorming focus on *Fun *Beneficial *Opt-In
- OATH 2 Dynamic Client Registration
Thursday
Session 1
- Mapping the Identity Ecosystem Framework ‘A Whiter Shade of Gray” – (Input for NSTIC Plenary Next Week)
- OAuth2 Chaining and Re-Delegation
- Personal.Com Blog Post
- 11 Models of “Trust”
- Education and beyond… How to mamage new Privacy Risks on Rapid Moving trends
Session 2
- IDESG Mapping Prep… Source Documents and SEEDS for Mapps (NSTIC)
- Wallets - Ours OR Google, Apple, ? (VRM)
- A Trust Framework for Open ID Connect AND beyond…. (with Unicorns)
- What is ‘Real Name” ?
- High Level Programming
- Webfinger
Session 3
- OIDF Board Meeting
- UE for ID/PDE or UX plud Tech for IDENTITY across Devices ‘1 Enterprise Experience from Browsers to Washing Machines?
- Account Recovery: How can we do better? Without back doors?
- Ultimate Realization of User Managed Contract / Terms and Policies Proffered by individuals
- FED. SOC. WEB SUM.
Session 4
- OAuth RoadMap (new specs, more interop, additional use cases)
- OIDF MTG #2
- Interesting Challenges of Bi-Directional Federated and Delegations
- Freedom Box Workshop
- Open Source Personal Clouds / What, Why, How
Session 5
- Intent Casting Prototype
- ‘Group Therapy’ Being a Pioneer and Communicating You Vision to Stakeholders
- REDDIT are there lessons for the Identity Community in recent events?
IIW 14 2012
Tuesday
Session 1
- Film (T1A)
- OAuth Overview for Beginners (T1C)
- Personal (Mozilla) Browser ID (protocol) (T1D)
- NSTIC Update, Pilots, Government Recommendations (T1E)
- VRM Intro (Vendor Relation Management) Developments (T1F)
- New to IIW / Identity etc… overview from Kaliya Q and A (T1G)
- Identity Management for the Internet Advertising Ecosystem (T1I)
Session 2
- OIX Attribute Exchange Working Group (AXWG) Progress Update (T2A)
- OpenID Connect – The Intro (T2B)
- Find Out And Control You Digital Footprint (T2D)
- XDI: what the hell is it? What is it good for? how does it fit with openID connect? Why isn’t it dead yet? (T2E)
- DATA ----- the gap ------ Getting it (AHA!) (T2G)
- Building a 4th Party VRM Start-Up (T2H)
- OAuth and SASL / Open Issues “to http or not http….” (T2K)
Session 3
- Account Chooser.com / OIDF Working Group update, next steps, your ideas (T3A)
- Demo with Freedom Box (you can participate!) (T3C)
- OAuth Security (T3D)
- How to Educate Consumers on privacy/identity/security issues? (T3E)
- VRM 2012 Outreach Planning / What vendors will go first? (T3F)
- Standard Information Sharing /Label (T3G)
- Health Care Regs: What Are They REALLY? (T3H)
- Federated Authorization / XACML, OAUTH, TVE…. (T3I)
- NSTIC’s Identity Ecosystem / Privacy Coord. Standing Committee (T3J)
- What is a Personal Cloud? (T3K)
Session 4
- Attribute Provider Network Demo via Open ID/OAuth (T4A)
- Mobile Identity and Dual – (multi) Persona (T4C)
- A Deterministic Model for Trust Framework Interoperability (T4D)
- OAuth/SMAL/OpenID for non-web applications – SMTP/IMAP/SSM (T4E)
- VRM Language (lockers vs smelly socks) Lexicon = what do we call the WHO and WHAT we work on? (T4F)
- What Happens When my Federated Identity Fails? (T4G)
- Zero – Trust Identity (T4H)
- Open ID Connect + Metadata ???? (T4I)
- How Can My Company Afford VRM? (T4J)
Session 5
- Writing Apps that are Easier to Defend than Attack (T5A)
- Resource Server to Authorization Server Commuications JACML? (T5C)
- Biometrics into the NET with Smartphones (T5D)
- Personal Data Ecosystem Consortium (PDEC) (T5G)
- Government of British Columbia Digital ID + Authentication (T5H)
- Novel uses for Context and what is it anyway (T5I)
- Sovereign ID vs Admin ID (T5J)
- User – Managed Access F.A.Q: How UMA Enables – Selective Sharing (T5K)
Wednesday
Session 1
- VRM + CRM(need help) Event – Sept 2012 Santa Clara (W1B)
- NSTIC Steering Group by-laws (W1D)
- Account Linking Service (W1F)
- Rethinking Patents in an Open Web World – reverse the burden of discovery? (W1G)
- Enterprise OAuth Infrastructure (W1H)
Session 2
- Personal Data Rights Language / Self Asserted Terms – Policies – Preferences (W2A)
- Backplane 2.0 Widget Collaboration Protocol (W2B)
- SCIM 101 (W2C)
- API’s (W2D)
- NSTIC How do we bring relying parties to the table? (W2F)
- Personal Data Tagging a Utopia? (W2G)
- Survey of UDID Replacements for Mobile Identity (W2H)
- New Gov Open Data to Corral Politicians (W2I)
Session 3
- Data Wallet (W3A)
- VRM Personas & Faceted Identity (W3B)
- SCIM 201 (W2C)
- ID Federation Trust Framework Use Cases and Mock Trials (W3D)
- Dynamic, Multi-Attribute Authentication – OASIS Trust Elevation TC /Open Meeting (W3F)
- Practices, Policies and Procedures around Identity Validation (W3G)
- CIPHER – whiteboarding on open-source language for consistent cross-platform CRYPTO (W3H)
- New Gov Foundation / Open Board Meeting (W3I)
- Personal Cloud work (W3J)
Session 4
- NSTIC and Governance (W4A)
- How can my company afford VRM? VRM Co-opetition, Developing Creative Relationships (W4B)
- Setting up an Open Source Community - To drive adoption of a cool ID technology (W4F)
- Communication Channels in our Personal Clouds (W4H)
- Client Certificate Authentication & Browser Pitfalls (W4I)
- DEMO – Social Verification and Google Street Identity (W4J)
Session 5
- Browser Cryptography – Enabling Stronger Authentication for ID (W5A)
- Commercializing VRM – in the marketplace (W5B)
- Backplane 2.0 – Implementation (W5F)
- XDI 1)Graph 101 2)Messaging 3)Link ContractsGraph_101_2)Messaging_3)Link_Contracts) (W5G)
- Assets Discovery for Simple Web Payment (openTransact) (W5I)
- Personal Data Rights and Underlying Principles (W5J)
- Health Care Regs: What are they REALLY? (W5K)
Thursday
Session 1
- Windows 8 Identity Investments (TH1A)
- VRM: Where does it start? (TH1F)
- Privacy - Enhanced Attribute Management / Help me understand "Privacy"' (TH1J)
Session 2
- Confused about ID token and Access Tokens??? Lean the Key Differences (TH2A)
- Beyond Caif - Cow / Escape from Client Server (TH2F)
- Are Custom URI Handles EEEEVil? Or Workable? Alternatives? (TH2G)
- Lifecycle's of Digital ID's Personal Online Including DEATH ... what is life online like after you die? (TH2J)
Session 3
- How to add an account chooser to your site - 4 line's of code but what if you want more! (TH3A)
- Trust Framework System Rules - Business, Legal, Technical (TH3F)
- Open ID Connect/OAuth - Token Lifetime Management (TH3G)
- XDI the Killer App? (TH3H)
Session 4
- SCIM 202 - Part 2 (TH4A)
- Personal Data Rights Language NEXT STEPS PDEC StartUp Circle (TH4F)
- Delivering Entropy Via DNS / WOrkability Challenges (TH4G)
- UMA Open Meeting - Part 1 (TH4J)
Session 5
- XDI Databases / small footprint - mobile development (TH5F)
- How can we continue the discussion? (TH5H)
- UMA Open Meeting - Part 2 (TH5J)
IIW 13 2011b
_ Tuesday_
Session 1
- Open ID Connect Intro (1A)
- User-Managed Access Intro and Update (1B)
- Cross Device /3-4 Screen Identity (1C)
- Service Chaining With Oauth Bearer Tokens (1D)
- IIW & Identity Community Orientation (1F)
- Scalable Community Trust Infrastucture (1G)
- Possible Low Frication Global ID Proofing (1I)
- Trust Frameworks and Other Fundamentals (1J)
Session 2
- ATandT White Paper – P.L.O.A. personal levels of assurance (2A)
- Scalability Point to Point Federation (2B)
- Browser ID and More in-browser identity (2C)
- Logging on to Windows 8 With Your Live ID (2D)
- Layered Identity in Partnerships Networks (2E)
- What Did You Call Me? (2F)
- Generic Identity Models (2G)
- Endpoint Authentication Role and Standards (2I)
- Developments In Drupal – doing something there? (2L)
Session 3
- Evented API’s (3A)
- Per Site Account Chooser (3B)
- OAUTH Web Authentication Where the Protocol is and What’s Next (3C)
- VRM for Newbies – update and Progress (3F)
- Keeping User Data on the Endpoints/Secure and (really) Private User Centric (3G)
- SCIM (Simple Cloud Identity Management) (3H)
- Data Privacy and Security with UMA and SMART AM (3K)
Session 4
- Identity Layer 4 OAuth 2 and Multi-Protocol Support Discussion (4A)
- Per Browser (hot) Account Chooser (4B)
- Identifying with your Bank – Global, Strong, Authz w/EMV BANK CARDS (4D)
- Are You an RP? (an AP’s and RP’s discussion) (4E)
- Customer Commons (the 100%) (4F)
- Killing Passwords/ Use Mobile Phones and QR Codes for Auth-N (4G)
- Simple WEB Payments (4H)
- Standards Landscape (4I)
- XDI What is it? What is it good for? (4K)
- OAUTH2 – on Mobile Devices (4L)
Session 5
- Federated Authorization w/ OAuth2 (5A)
- The Role of State Government (5B)
- Declaration of Identity / Talk and Sign (5C)
- SMART OpenID – What Mobile Network Operators Can Contribute to OpenID (5D)
- Internet Identity Trends – A Fun and Exciting Discussion and Analysis (5E)
- Citizen-Based Policy / Government Relationship Management (5F)
- OpenID Connect Spec Work Client Registration (5G)
- A Contrarian View of Identity/Case Assumption: You are only your legal name… (5H)
- NSTIC/FICAM Digital/Physical ID Overlap (5I)
- Europe vs Facebook (5J)
- Sneaky Bastards – Activism…hacking the legal “black box” making agreements accessible and possibly fun… (5K)
- The JAVA Identity API (JSR 351) (5L)
- Consumer Adoption of Personal Data Vault (5M)
Wednesday
Session 1
- PDEC (Personal Data Ecosystem Consortium) Legal Advisory Board (W1A)
- One ID -what, why, how vs alternative (W1B)
- NSTIC Update (W1D)
- HQuery Distributed Queries for Health Data (W1F)
- Open Transact Spec Session (W1H)
- XDI Link Contracts (W1K)
Session 2
- VRM and Anything / Evented API’s (W2A)
- Technology Solutions for Use Attribute Control (W2B)
- What is the impact of a device as an entry point into an online ecosystem / data platform? (W2C)
- Standards Landscape I (W2D)
- CSDIP = Cross-Sector Digital Identity Program /NSTIC P.O.C. (W2F)
- Connecting Physical and Virtual Identities Approaches (affordable) Usability, Privacy and business (W1G)
- Converging Digital Identities with Physical Areas – facilities, critical infrastructure , etc… (W1H)
Session 3
- Internet Authentic Ecosystem “a la Rus” (W3A)
- What Does “interoperability” really mean (and what should it mean) in the context of NSTIC? (W3B)
- Standards Landscape II (W3D)
- New Gov US – Hacking Politics Steering Committee GRM (W3F)
- Conceptual Design Model –Possible Future State (W3G)
- Open ID Connect Flows and Levels of Assurance (W3H)
- A National ID for the US (W3I)
- Call for participation to Next-gen. HTTP-Auth Standardization Effort on http-auth@ietf.org (W3L)
Session 4
- Personal Levels of Assurance = P.L.O.A. (W4A)
- Monetizing Street Identity (W4B)
- How do Different Technologies Align with the 4 NSTIC Guiding Principles (W4C)
- Standards Landscape III (W4D)
- Collaborating on the Open Web / How to get your company to Sign OWFa!! (W4E)
- Hypothes.is / Peer Review for the Internet (W4F)
- NSTIC – Assuring ID Services as well as the Technology (W4G)
- Data Portability - Wading through the BullShit (W4H)
Session 5
- BackPlane 2.0 Plus-Oauth Plus-sensitive data Plus-persisted state (W5A)
- Monetizing Mobile Authentication ‘LMNOP’ (W5B)
- NSTIC /4 Sessions Combined (W5C)
- Levels of Protection (W5E)
- Connect.Me Social Vouch-a-thon (W5F)
- Open ID Connect Spec Work Session (W5G)
- A Look at 10 Proofing Using the Social Graph (W5K)
Thursday
Session 1
- A Simple Hack to Pay for Everything (TH1A)
- Personal.com DEMO (TH1D)
- Death to NSTIC! (TH1E)
- Open ID Connect Editing Session (TH1F)
- Is There A Business Case for Click Stream (TH1G)
- Personal Data Ecosystem Overview (TH1H)))
Session 2
- Building 4th Party Systems (TH2A)
- Connect.Me Social Vuch-A-Thon (TH2F)
- Smart OpenID Connect Chip to Cloud via Open ID Connect (TH2G)
- NSTIC Governance or Community? (TH2K)
Session 3
- Brave Heart P.L.O.A. Personal Levels of Assurance in a Kilt! (TH3A)
- Password Fifty Years and Counting (TH3B)
- Authorization Unbound: BELAY (TH3D)
- DATA Portability – Roundtable (TH3F)
- PDEC Technical Documentation Group (TH3G)
- Personal Data Ecosystem Consortium / Technical Documentation and Interoperability (TH3J)
- ID Proofing – And the Social Graph (TH3K)
Session 4
- YUBICO – Simple Two Factor Authentication (TH4B)
- So….. you want to do an UnConference? (TH4D)
- My Personal Event Network Waters my Lawn (TH4F)
- Techniques for x-site Communication in the Browser (TH4G)
- NSTIC – PETs Privacy Enhancing Technologies/Allowed Recommended Required? (TH4H)
- Europe vs Facebook (TH4J)
Session 5
- Fact Registration Concept (TH5A)
- ISWG’s Standard Information Sharing Agreement and DTAs (TH5F)
- Start-Up Friendly “YUKON” Policy and Implementation (TH5G)
- Strangers in the Net: When the RP is a Real Person (TH5H)
- Deployment and Usability of Crypto Credentials (TH5K)
IIW Satellite DC
- What's Going On With NSTIC? Pilots! Steering Groups! - (1A)
- OIX Update (1A2)
- Open ID Connect – the History and Practice (1F2)
- How Private Is It? Privacy Metrics and Preservation Techniques (1G1)
- Personal.com Demo (1G2)
- What Would a Great NSTIC Pilot Look Like? (2A)
- Personal Data Services (2F2)
- Gov Use of OAUTH2, OPEN ID Connect, UMA? (2G1)
- Attribute Management (2G2)
- FICAM Profile, OAUTH2 and 800-63?? (3A)
- ABA IDM Work Group “Redefining Terms” (3F1)
- Why A Super Voter ID? Architecture *Certified Constituent (3F2)
- Constant Use Of Attribute Sharing UI (3G1)
- SCIM Who's Doing What? Standard for Managing Users & Groups (3G2)
- Level 3 and 4 Credentials in the Exosystem (3H)
- Why You Should Care About OAUTH2 (4A)
- Impact of Consumer Permission on Data Use Compliance Laws (4F1)
- Making OAUTH Scopes Interoperable With UMA (4F2)
- Limited Liability Persona.... Can This Leagal Innovation Address Issues of “Psuedonimity” for Trust & Transactions? (4G2)
- Why You Should Care About OAUTH 2 (4H)
- Limited Liability Persona.... Can This Leagal Innovation Address Issues of “Psuedonimity” for Trust & Transactions? (4G2)
- Eat My Attributes (5A)
- Use Case for OAUTH 2 & Structured Takens (5F1)
- Why A Super Voter ID? Architecture *Certified Constituent (5F2)
- Global Attribute Trust Level – Standardization (for RP's) (5G1)
- Common/Open (NPO) Solution For – The Person in the “Personal Identity Movement” (5G2)
IIW 12 2011
Tuesday
Session 1
- Introduction to the JSON Spec Suite
- Yahoo! DAA DNT Hybrid from W3C webtracking & user ID
- Google’s Open ID Relying Partyr
- Respect Trust Framework & Founding Trust Anchors
- Identity Community 101
- Simple Cloud Identity Management
- Gov’t Regulation & Security Services & Bill of Rights
Session 2
- [NSTIC,
, IDPs, TELCOS, DANKS](https://iiw.idcommons.net/NSTIC,_
,_IDPs,_TELCOS,_DANKS) - How to meet privacy goals of NSTIC
- Yahoo! As a relying party
- Open ID ABC Identifiers & Discovery
- Federated Identity for non-web apps
- VRM + Browers
- The line between public and private internet ID
- Users in control of their data UMA
- How many IDPs do we need?
Session 3
- Verified ID in the browser
- Secure Cloud Interop using JWI + OAUTH
- An architectural approach to harmonizing data between personal data stores
- Reputation Systems (whuffie?)
- Open ID ABC session management
- PUSHEE
- Can Banks act as digitial ID providers? Is there money to be made?
- Portable Contacts 2.0
- Security measures identity protocol flows
Session 4
- W3C Identity in the browser topic gathering session/Info Card
- New UMA solutions for scoped access and centralized AUTHZ
- DNS as a personal data store and discovery mechanism
- SSEDIC: Scoping the Single European Digital Identity Community
- User info end point of Open ID ABC
- JSON activity streams spec
- Success factors for fourth parties/user agents
- When SAAS apps exchange customer data should they use OAUTH, Open ID, or other (SAML) protocols to access the data
- Higgins 2: Open Source personal data service
- Bizzaro ID revenue from user purchased ID services
- Open ID 2.0, OAUTH 2.0, Open ID ABC Where are we going?
- Do not track! It won’t work!
Session 5
- Personal Data: what’s the state of things today?
- Getting rid of usernames & passwords – for real?
- OAUTH2 Device Profile
- Open XDI OX
- Data portability for trust framework
- Open Identity protocols and banking
- Portable contexts
- OStatus (Federate the social web)
Wednesday
Session 1
- Beyond the NASCAR UI Google’s Account Chooser
- Chained Identity in Online Entertainment
- Info Sharing Agreement
- Virtual Problems
- SCIM Use Cases
- Different IDP Business Model
Session 2
- Packaging RP Best Practices: Google Identity Toolkit
- Identity in the Browser: Open ID for Firefox
- Smart User Managed Access Demo
- Public Policy Issues in Identity
- How do we publish from our personal data stores? Save the restful web.
- What’s possible at intersection of trust, identity info, commerce and journalism
Session 3
- NSTIC.
- Proxy Auth for Native App Hosts
- Respect Trust Framework 2
- User Managed Access: User Interface
- SCIM Core Schema
- Pseudo Anonymity and Reputation Systems
- Beautiful Payment Systems w/OAUTH
Session 4
- OAUTH2 User Agent via Window Post Message
- What’s available for the shared user profile? Is Poco end all answer?
- Adapting Levels of Assurance for NSTIC
- Building a Trust Framework for Multi-side Markets
- VRM + CRM
- SCIM Bindings
- Two Legs Good? “Client-Server” OAUTH Usage
- Extended Demo: UI for personal data store + data sharing on mobile device cubicon
Session 5
- Backplane Spec
- OAUTH, Open ID Mobile UX: How should it work?
- How to Manage Digital Multiple Identities Securely and Assuring Privacy on Internet
- The Payment Card Trust Framework
- VRM @ Work
- ID/Legal: Dialogue Collaboration
- Conversation Around Data as Currency
- How Yahoo! Became RP: A Large Scale Implementation Study
- Open Architecture for Step Up Authentication
Thursday
Session 1
- For Public Consumption. Choose Wisely: Identity as selective pressure on biology
- Respect Trust Framework Q+A (part 3) Become a trust anchor
- Data Portability for Trust Frameworks
- OpenID Specification Work
- Internet Bill of Rights for “Vegas” Model
Session 2
Session 3
- What part is Identity? What part is Personal Data?
- Open ID Specification Work
- Bill O’Rights O Rama
- Strategies for Ubiquity
- NSTIC Risks Legal Liability
- News personalized by inference or expression…managing the user’s persona
- The Locker Project
Session 4
- What part is Identity? What part is Personal Data?
- Open ID Specification Work
- Legal Structures
- Personal Data - Stores, Lockers, Vaults
- Square Tag
- Red Teaming Trust Frameworks
- Give me tips on creating persona
- Field Guide to Real World Trust Frameworks
- Start-ups table
Session 5
- Open ID Specification Work (Cont.)
- Is there value in an open reputation framework?
- Digital Death
- Real world VRM example + code for VRM App
- Make OAUTH2 Easy for Rest Developers
- Certified Identity
ID Collab Day
ID Collaboration Day Book of Proceedings
- Identity Commons Claims Agent Working Group
- Citizen ID’s and Winlogon credentials? Why AND/OR Why not
- How Will the Enterprise do Identity In The Cloud?
- UK Government ID For Digital Public Service
- Why (Identity, Privacy, Turst) Frameworks are Failing
- Identity In The Browser
- ID Adoption Discussions: Compliance + Service Certification Requirements for Cross-Domain IDM Deployments – Govt, Financial etc…
- Personal Data Ecosystem Personal Data Stores and Services Emerging. What is Happening, How To Be Involved, What To Do Next
- Architecture for A Personal Data Ecosystem
- Organizations and Their Individual Affiliates (retirees, contractors, etc…) Bringing Their “Own Identity” to the Organizations Services
- Measuring ID Assurance Through Complex Supply Chains – “The Weakest Link Breaks the Chain” + Is There a Market for Assurance?
- U-Prove CTP RZ
- ANSI / NASPO – ID-V Standards Workgroup Update
- Machine Readable Policies to Informed Consent
- NIH Seeks Higher LOA
- Personal Data Management (part2) Practical Applications and Market Considerations
- NSTIC.US
- Use Cases for User Centric and Communicating Them On The Web–Identity Labs?
- Kantara Universal Login Experience
- Open ID ABC – High LOA Secure Discovery
- User Managed Access and SMART
- 5 Minute Higgins 2.0 Personal Data Service Demo
IIW 11 2010b
Tuesday
Session 1
- Intro to PDS (Personal Data Store)
- Trust Frameworks Analogue to Digital Converters
- Decline of User-Centric Identity an analysis
- OAuth Listening Tour
- Activity Streams 101
- Verified Identity Claims 1
- UMA 101 User Managed Access
Session 2
- OpenID OAuth - Social Networking for online retailers
- ID Commons -IIW Intro
- Deep Dive OpenID - AB
- VRM Development
- No Base String
Session 3
- Attenuated Redelegation
- Verified Identity Claims "U Prove Intro"
- Facebook as a Personal Data Store
- OpenID Connect Discovery
Wednesday
Session 4
- Pseudonyms for Privacy
- Rap Leaf Is it a joke?
- Verified Identity Claims 3
- Handling Unregistered Clients in OAuth and OpenID connect
Session 5
- Change Notify Proposal
- OAuth Multiple Token
- Personal Data Ecosystem
- Making Security Decisions Disappear
Thursday
Session 1
- Value Network Mapping
- Future Phone Device Authorization
- Enterprise OAuth BOF Level Set
- OpenID Connect Sessn Mgmt
Session 2
- PDE- Why would anyone adopt?
- Fix Session Mgmt Jacking
- UMA 201 Q and A
- Poor Man Verified ID
- Int'l Presence of OpenID
- OAuth for Installed Apps
Session 3
- VERIFIED IDENTITY CLAIMS – Selectors (W3A)
- OAuth2 for Devices
- Building a CAKE Detector
- Shifting Global Economy w-Identity
- OpenID ABC Artifact Binding
Session 4
- Personal Data Ecosystem Biz Models
- Using a Personal Data Store
- JSON Token Spec - Encryption
- Verified Identity Claims - UX
Session 5
- Deadly Sins Distributed Authentication
- Personal Data Ecosystem Model 2
- Cloud Directory Standards
- Infrastructure Focus - Relationships Among Things
- JSON Token Spec - Claim Names
- OAuth LEELOO
- What do USERS want?
- OpenID Attrib - Beyond AX-SREG
Session 1
- Go To Market - PDE Adoption drives for Personal Data Ecosystem
- Google Sample OpenID RD and RP Best Practices
- JSON Spec Work continued
- User Managed Permission Interface
Session 2
Session 3
- PDE - Go to Market and Community Strategy
- Adopting OAuth 2 OpenID Connect
- Email is not Dead Yet
- Policy Framework
Session 4
Session 5
IIW Europe
Session 1
- What is the MYDEX Prototype?
- Federated Network Access
- Partial Identities Privacy and Credentials
- Privacy and Federated Social Networking w/o Correlation
- OpenID Tiered Providers
- Federated Identity as a Business Model
Session 2
- Scoping the Single European Digital Identity Community
- WebID and DNSSEC - combined session
- U-Prove - How Do We Use Privacy Enhancing Crypto?
Session 3
- What Do We Actually Mean When We Talk About Identity?
- The Quality of Customer Intelligence (Authenticity/Relevance Correlation)
- Personal Data Store Harmonizing = Project Nori DEMO
- Claims
- Authent-New Tools - Opportunities - Business
- Remonetizing the Web: from 'Give privacy, get service' to: A win-win social web ecosystem for customers, Telcos, Banks, Websites
- Identity Assurance (merges with) Automated Policy Negotiation
Session 4
- CardSpace in the Clouds
- Introduction to Digital Death - What Happens to Internet Identity After Death?
- One Social Web . org
- Why do Politicians Understand So Little? Our Fault or Theirs?
- How Do You (we) Manage Heterogeneous Groups?
- Issues About Profiling and Cross-Border Data Stores
- OpenID the Nascar Problem Revisited
Session 5
- UK Gov. - They Want To Talk Identity. How Do We Help?
- Embedding Privacy Controls in OnLine Identity Mechanism: How and Why?
- Privacy Dashboard Demo
- Financial Services - distance selling, money laundering, "Know Your Customer"
- Personal Data Ecosystem.org
IIW EAST
THURSDAY
Session 1
- Role of Government as Identity Oracle (Attribute Provider)
- B2B and B2C: How to Balance the Difference and Challenges of Each Environment
- Proofing the Masses
- NSTIC 101 (wtf?)
- More Government Employees at IIW Next Time
- PDX Ecosystem
- High Assurance Consumer Identity
Session 2
- Certifying Use Location for Politics Governance
- Useability: Addressing the click - click - click problem
- Leveraging Identity to Enable and Foster Scientific Collaboration
- Identity and Cross Domain Systems (multilayer security)
- Should We Create "Ownership Rights" in Law for Personal Data?
- Personal Data Vision of Future: Video
- Attributes Claims - Identify Attributes LOA
Session 3
- Are Mediation Tools Useful in Authentication?
- Open Identity for Closed Government: NSTIC the Cybersecurity Answer?
- Wholesale Privacy
- Building Standards for "Trustable" ID Providers
- Liability and Financial models for Identity Providers, Attribute Providers and Identity Proofers
- Personal Data Stores and Context Automation
- Patient Centric Medical Record Federation - Securing HData
- How to Make HTTP Authentication Useful Again?
Session 4
- PRIVACY - Did We Solve Privacy for Web Identity Systems (technically already?)
- Personal Data Store/Archive
- Service Chaining and Trust
- Extending OpenID Assertions with SAML+
- NSTIC - "Identity Ecosystem"
- Cross Federation Trust w/Meta Data
FRIDAY
Session 1
- OAUTH - What Topics Should We Focus On Next?
- Liability for ldps, APs, RPs... Continued
- Getting More .gov @IIW
- Identity Commons "3.0" Big Tent Creation
Session 2
Session 3
- "Today Geekdom, Tomorrow the World"
- Personal Data Locker? What is it and Why?
- Ownership Rights in Data Pt2
- Information Security Standards and "Levels of Protection"
- Certification Coordination - OIX, Kantara, ID Commons
Session 4
- OAUTH Signing #2
- Making NST IC Open/Making NST IC Happen
- Hybrid Online/Offline Debate BYO Issue
- Roadmap for Personal Data Store Ecology: Let's Make One
- Demo
IIW 10 2010
Monday
Session 1
- Designing Faceted ID System
- Nascar for Sharing and Personal Service Distovery
- Using DNS + ENUM
- Getting Started in Internet Identity
- Can the Open Pile Become Beautiful Again
- Small Business Software on the Open Web
- OAuth 2.0 WTF
- Online Voter ID How do we do that?
Session 2
- Mozilla Proposes
- Digital Heritage
- Recovering a Lost Identity
- Voluntary Oblivious Compliance
- P2P Network Version Vega
- A New Liberty? to prevent single vendor dominance
- OpenID Connect WTF
Session 3
- Magic Signatures and Salmon
- Cet Competing e-ID providers creating a Market
- OneSocialWeb XMPP & Social Web
- What do regular web devs need to know about ID
- User Managed Access - UMA (protocol)
- Permission vs Consent
- eCitizen OpenID National Architecture
- OpenID Connect: Under the Hood
Session 4
- Trying to use PubSubHubbub
- Privacy Enhancing Approach
- Contextual Identity
- Identity Lifecycle
- Verified Attribute Schema
- Personal Data Stores
Session 5
- Voice Biometrics
- VRM Parts & Whole
- Linking Data Across Social Networks APIs
- Six Degrees of Sharing
- OAuth 2
- ORCID Open Research Contributor ID
TUESDAY
Session 1
- Strong Auth and OpenID getting Comfie
- Information Cards and Gov Cards
- De-Confusion Big Picture
- Open Geneology
- XRD Provisioning
- Building MITER ID
- OAuth 2.0 and SASL
Session 2
- Info Grid Graphic Database
- Legal Issues Underpinning of UMA ("UMA and the law")
- Contacts in the Browser
- Migrating from HTTP to HTTPS OpenID
- Identity Business Models
- Patents, People Development Pools
- Enterprise Signing in OAuth
Session 3
- Simple Reputation Feed
- Lawyers and Accountants
- The Right Question Making Privacy Policies User-Centric vs. Data Centric
- OIX
- UX w/no logout...single sign out
- URL-Sharing Using the OExchange Protocol Stack
- Secure Web Auth
- The Case for and Design of KRL
Session 4
- Research Report on Info Sharing
- OAuth 2 for Native Apps
- User Managed Access (Claims 2.0)
- Client Side OptIN Cross Site Data Sharing
- Telco vs. The NET
- Web Biz Card
- SAML Profiles for OAuth
- Separating: ID, Credential, and Attribute Management
- Story Cubing and Synergies
- OpenID-Artifact Binding
Session 5
- Biz Model on Distributed Social Web
- Directory Federation
- Honey Roasted Death Camp Salad
- OpenIDvNext Discovery
- Implications of User Owned Controlled Data as Official Government Policy
- Google as an OpenID RP
WEDNESDAY
Session 1
- Personal Data Store Ecosystem Design
- (In)Coherent Web (in)security Policy Framework
- Bootstrapping OAuth 2.0 Ecosystems
Session 2
- OAuth Provisioning continued
- Stateless Distributed Membership an Inquiry
- Emancipay VRM and CRM
- Breaking up with Atom Activity Streams
Session 3
- DNSSEC
- Certifying Open ID, IdPs, RP
- SMART UMA
- Catalyst Interop Planning
- PCITF: Payment Card Industry Trust Framework
Session 4
Session 5
IIW 9 2009b
Session 1
- OpenID Artifact Binding =Nat
- Gluu Metaprise - MIke Schwartz
- Cloud Selector - Susan Marrow
- Vulnerabilities in ID tech - Rich Smith
- VRM Loyalty Cards in Real World - Chris Carfi
- Data Portability TOS EULA - Steve Greenberg
- Social Consent - Angus Logan, Kevin Marks
- Social InterNetworking - Rohit Khare
Session 2
- Attribute eXchange =Nat
- Biz Case for Data Portability - Elias Bizannes
- Identity Selector for OpenID - Mike Jones, Ariel Gordon, Oren Melzer
- Enterprise Use of Consumer Identities - Pamela Dingle
- Activity Streams - Monica Keller, Chris Messina
- Privacy Risk Assessment at the data item level - Jeff Stallman
- Question to ask for request - Alan Karp
- Legal Layer of the Stack - Scott David
- Twitter What's with it? - Kaliya
Session 3
- Salmon - John Panzer
- Selling to Consumers - Phil wolff
- User- Managed Access - Eve Maler
- Email Sucks What's Next - JAM
Session 4
- Attribute Aggregation - David Chadwick
- OpenID Security - Breno, Jeff, Ashish
- Building Action Cards - Phil Windley
- Microformats Meaning in HTML existing formats - Kevin Marks
- elgg Open Source Social Networking - Justin Richer
- Defining Meaningful Claims - Patricia
Session 5
- OpenID for Science Community - Dhiva, Mike Helm
- Identity in the Browser: Security and Protocol Issues
- Role of 3rd Parties in enabling trust frameworks, challenges, business models, opportunities - Lena Kannappan
- What an RP Needs - Joseph Smarr
- The Business Imperative of User-Driven Data - Darias Dunlap
Session 6
- Trust Nexus - Mike Duffy
- Open Identity Trust Framework - Drummond Reed, Don Thibeau
- The Hammer-Stack "advanced"
- Identity and Cloud Computing - Anil Saldhana
- Active Client iiw9 - RL "Bob" Morgan
- The Small Business Web Issues of building a "whole product solution" - Sunir Shah, Freshbooks
- 4th Party Provider Brainstorm Day 2 Lunch
- ID Commons Stewards Call
Session 7
- OpenID Contract Exchange and Japan Update =Nat
- Identity and iPhone - Jeff Shan
- OpenID Session Management Best Practices - Johannes Earst
- Going to Market Mobilizing a community of RP's and OpenID InfoCard enabled session - Mike Ozburn, Scott David
- Is Assurance Real? - RL "bob Morgan
- OpenID Provider Office Hours - Yahoo, Google, AOL, MyOpenID
Session 8
- Salmon Pixie Dust - Johnathan Panzer
- I'm from Phone Company How can I help
- Strong AuthN - Micheal Sprague, Wave Systems
- Schema Mapping Using Personal Data Madel - Paul Trevithick
Session 9
- OpenID v. Next
- Information Sharing - Joe Andreu
- Data Traceability in the cloud - Steve Holcombe
- Facebook Recycling
- Spectrum of Identity and other things - Kaliya Hamlin Rick Smith
Session 10
- WRAP - Simple OAuth - Web Resource AuthN Protocol - Dick Hardt, Allen Tom, Brian Patton
- From Paramecium to People - Bioinformatics,Identity and Law - Scott David
- Portable Contexts - Joe Andreu
- How Should Identity Support in the browser look like? - Johannes Ernst
- My Ideal Identity Flow - Eran Sandler
Session 11
- Public Key Discovery
- Identity in the Browser
- SAML and OAuth - Paul Madsen
- Open Identity Trust Frameworks
- Lessons Learned Past Efforts...Email Auth... Ev SSL - Jim Fenton, Craig Spiezle Lunch Day 3
- Why Facebook doesn't implement OAuth today - Luke, David
- Getting data into XRD - Will Noris
Session 12
- Rich Sharing on the Web - Alan Kar
- XRI Resolution using XRD 1.0 =Drummond
- Where should Identity Live - Andrew Arnott
- Factors Influencing VRM/CMI Enabled marketing systems
IIW 8 2009
Session 1
- Identity Doesn't Matter - Authorization Does, Alan Karp
- Distributed Identity Based on Relationships, Pat Sankar from Rel-ID
- Do People want to Own and Manage Their Identity? If so, How?, Ernie..... State of OpenID - Authoratatives Discussoin RE: State of 1) Trust/Security 2) User Experience 3) Nascarization 4) Attribute Exchange 5) Adoption by David Eyes
- Defining an Architecture and Lexicon for VRM and Volunteered Personal Information building on VRM Workshop Dialogue - Iain Henderson (video)
Session 2
- Authentication or Authorization? Can we move to verification Now?, Doug Whitmore
- Financial Institutions as Identity Providers, Guiyom
- Identity and Privacy - Who to Trust with Your Data, Mainak
- Identity Quartet and User Driven Identity, Joe Andrieu (video)
- Identity Services Business Models, Bob Blakley
- OpenID For Desktop Applications: How? When?, Infinity Linden
- Sharing Permission RESTfully with Web-Keys, Tyler Close.... ... Authorization without boring crypto (It is possible and it is secure), Hans Granquist
Session 3
- Filtering the Noise in the Activity Streams How to <3 your stream..., Monica
- Role as Identity and Organizational Trust, Justin Richer
- Higgins Cloud Selector (a way to use i-cards without installing anything on your Machine), Markus (video)
- Keeping User Happy on the Desktop vs. On the Web (OS-level vs Online ID Management), Aridren N. (Apple) / Ariel G. (MSFT) ... ...What would it look like if Apple designed OpenID?, Chris Messina
Session 4
- Action Cards (Part 1) What are they, How do they Work, what are the Issues, Drummond Reed (also see opening talk (video) by Drummond)
- Becoming an OpenID Relying Party, Luke Shepard (Facebook) and George Fletcher (AOL)
- Enhanced Transaction Model Using InfoCards, Jeff Stollman
- Distributed Expertise Location, Terrell Russell
- Characteristics of VRM Joe (video) (also see opening talk (video) by Doc Searls)
- Claims, Tickets and OAuth Yaron Y. Goland
Session 5
- Action Cards (Part 2) Building Action Cards with Kynetx (Demo), Phil Windley
- Identity Brokers What are they? How do they Work?, Ben Sapiro
- Claims, Tickets and OAuth Yaron Y. Goland Value of Identity (end user) and SEO,
- ID-Legal "straw man" blog, Lucy
- Self Asserted Attributes When to Trust Them, AssertID
- Claims, Tickets and OAuth Yaron Y. GolandVRM 1st and 4th Parties, Doc (video)
- User-Managed Identity Use-Case Gathering (To Identity Symergy), Trent Adams
- Developing a Secure Discovery Based Messaging System, Nika
Session 6
- Are there "standards" for Registering to Call an API, Angus Logan
- Protect Serve Relationship Management for User-Driven Access Control, Eve Maler (video)
- VRM and Media, Doc
- OAuth for High Value Transactions, Jeff Shan
- Managing Alternative Identities, Infinity Linden
- Introduction to Discovery or How Do we Interact with the Unknown, Eran Hammer
- Big Dialogue and Online Community Identity Rules MIT Media Lab/ Harvard Berkman Center
- Innovation Games, Nancy Frishberg (video)
- Assurance in the Real World Levels, Communities, Certificates, Governments, Protocols, Bob Morgan ........ Discovering Federation and Trust Levels for OpenID Info-Card SAML, John Bradley.......Next-Gen O PenID Discovery: LRDD, XRD, signed delegation etc., Dirk Balfanz
Session 7
- OpenID UX OpenID UI Extension Best Practices, Allen Tom
- Confetti Stop Storing Passords and Start using Delegation -> Get more users, Kevin Marks
- Use Cases for User-Managed Access, Eve Maler, Alan K, Trent A, Paul T. Dazza G.
- Failed Identity Businesses, Chris
- Contextual Friends Lists and Sexuality Online, Sarah Dopp
- Kantara Initiative, Brett McDowell
- Activity Strea.ms Formalizing Draft Spec
Session 8
- Detecting User Login State and Preferences Brian E, Luke Shepard (Facebook)
- Microformats *distributed data, *in HTML, *in Google SERPs, Kevin Marks (video)
- User Driven Search, Joe Andrieu
- Personal Relationship Management What about starting an Open-Source project?
- Web 2.0 vs. Rich Internet Apps (RIA), Brett McDowell
- OAuth for Installed Applications, Nathan Beach, Eric Sachs
- Identity and the Future of Money, Giyom
- Having Fun with Wakame, Asa Hardcastle (video) Other
- Demos
- How to talk to Business People, Mike Ozburn
Session 9
- 9A: Use Case Selection and Metrics, Eve Maler, Alan Karp
- Activity Streams, Twitter API, Facebook, Open Social, Yahoo! Updates, Kevin Marks (QT video)
- Simpler OAuth For Lower Risk Use Cases, Brian Eaton, Eric Sachs
Session 10
- Use Case Selection and Metrics Part 2: See 9A: Use Case Selection and Metrics
- What does and RP need to survive compromise of user@idp? Breno (Google), Luke Shepard (Facebook)
- OSIS Testing John Bradley
- Innovation Design and Serious Games To Make Your Products Rock, Kaliya and Nancy F (QT video)
- Identity in 10 Years - How People Change Chris
- OAuth for Enterprise Use Cases (2 legged), Eric Sachs
Session 11
- Personal Hype Quotient: OAuth in Use - meet the OAuthors
- Visual e-ID (Certificate Image Extension
- InfoGrid sneak preview, Johannes Ernst
- WebFinger (Personal Web Disco)
- Internal and External Identity in the Enterprise, Justin Richer
- What if an IDP allows logins to multiple accounts at the same time? RP Impact?, Eric Sachs
Session 12
- NASCAR DEMO with Action Cards, Phil Windley and Drummond
- OpenID, Open Social and Mobile, Jeff
- Open Liberty Released - Wakame VI.O ID-WSF FUN, Asa Hardcastle (QT video)
- Validation Extension for OpenID, Henrick
- Use Cases for Identity Brokers Ben S. Ashish J.
- OpenID PGP and Thawte Key Signing, SignpollyMa, Will Norris
IIW 7 2008b
Monday
Session 1
- Designing Faceted ID System
- Nascar for Sharing and Personal Service Distovery
- Using DNS + ENUM
- Getting Started in Internet Identity
- Can the Open Pile Become Beautiful Again
- Small Business Software on the Open Web
- OAuth 2.0 WTF
- Online Voter ID How do we do that?
Session 2
- Mozilla Proposes
- Digital Heritage
- Recovering a Lost Identity
- Voluntary Oblivious Compliance
- P2P Network Version Vega
- A New Liberty? to prevent single vendor dominance
- OpenID Connect WTF
Session 3
- Magic Signatures and Salmon
- Cet Competing e-ID providers creating a Market
- OneSocialWeb XMPP & Social Web
- What do regular web devs need to know about ID
- User Managed Access - UMA (protocol)
- Permission vs Consent
- eCitizen OpenID National Architecture
- OpenID Connect: Under the Hood
Session 4
- Trying to use PubSubHubbub
- Privacy Enhancing Approach
- Contextual Identity
- Identity Lifecycle
- Verified Attribute Schema
- Personal Data Stores
Session 5
- Voice Biometrics
- VRM Parts & Whole
- Linking Data Across Social Networks APIs
- Six Degrees of Sharing
- OAuth 2
- ORCID Open Research Contributor ID
TUESDAY
Session 1
- Strong Auth and OpenID getting Comfie
- Information Cards and Gov Cards
- De-Confusion Big Picture
- Open Geneology
- XRD Provisioning
- Building MITER ID
- OAuth 2.0 and SASL
Session 2
- Info Grid Graphic Database
- Legal Issues Underpinning of UMA ("UMA and the law")
- Contacts in the Browser
- Migrating from HTTP to HTTPS OpenID
- Identity Business Models
- Patents, People Development Pools
- Enterprise Signing in OAuth
Session 3
- Simple Reputation Feed
- Lawyers and Accountants
- The Right Question Making Privacy Policies User-Centric vs. Data Centric
- OIX
- UX w/no logout...single sign out
- URL-Sharing Using the OExchange Protocol Stack
- Secure Web Auth
- The Case for and Design of KRL
Session 4
- Research Report on Info Sharing
- OAuth 2 for Native Apps
- User Managed Access (Claims 2.0)
- Client Side OptIN Cross Site Data Sharing
- Telco vs. The NET
- Web Biz Card
- SAML Profiles for OAuth
- Separating: ID, Credential, and Attribute Management
- Story Cubing and Synergies
- OpenID-Artifact Binding
Session 5
- Biz Model on Distributed Social Web
- Directory Federation
- Honey Roasted Death Camp Salad
- OpenIDvNext Discovery
- Implications of User Owned Controlled Data as Official Government Policy
- Google as an OpenID RP
WEDNESDAY
Session 1
- Personal Data Store Ecosystem Design
- (In)Coherent Web (in)security Policy Framework
- Bootstrapping OAuth 2.0 Ecosystems
Session 2
- OAuth Provisioning continued
- Stateless Distributed Membership an Inquiry
- Emancipay VRM and CRM
- Breaking up with Atom Activity Streams
Session 3
- DNSSEC
- Certifying Open ID, IdPs, RP
- SMART UMA
- Catalyst Interop Planning
- PCITF: Payment Card Industry Trust Framework
Session 4
Session 5
IIW 6 2008a
- Creating an InfoCard IdP in 30min Daniel Sanders
- Tracking stuff I've Done Killer OpenID app?, Dick
- Open Social Making the Web More Socail, Kevin Marks
- Verified Claims From Here to Reality - Bob Morgan, UW
- User-Driven Search Joe A.
- Large OPs and RPs Shreyas, Y!
- Relationships Bob Blakley
- InfoCard Capabilities Pam Dingle
- Why OpenID matters to the Enterprise Pete Metralus and Ed Amemiya
- Higgins R-Cards Markus S.
- Digital Deal Johannes
- Project Concordia Eve Maler
- Venn Sweetspot Alexis Bor
- Role of Data Silos Mike Carc
- Identity Beyond the Web Harlan Iverson
- Partitioning the Space Johannes Ernst
- Enterprise Identity RoadMap Marty Schleiff
- CardSpace and Fedlets and SAML Pat Pattersion
- ID Futures Kaliya
- Friend Connect Kevin Marks
- Paradoxes of Identity Management Everything you know is wrong, Brad Templeton
- XRDS - Simple + OAuth Discovery Eran
- You can get a degree for this?
- Legal IIW Kaliya and Bob Blakley
- ID Commons Infrastructure Kaliya and Mary Rudy
- FOAF SSL
- CallVeifID
- What to do on an OAuth Permission page Shreyas, Y!
IIW 5 2007b
- Concordia
- XRDSP (XRDS Provisioning protocol) (10-15)
- OAuth (5)
- HBX (Higgins Browser Extension) Provisioning and Authentication Working Session. (12)
- OSIS Tutorial
- VRM 101
- OpenLife Bits
- Dynamic Federation
- Implementing OpenID and OAuth
- Ubiquitous Computing
- UI Best Practices for OpenID RPs
- VRM Standards Gap
- Landscape 2008
- OpenID Security & Privacy
- Who Wants To Be A Billionare
- Information Cards Intro
- Intro to OAuth
- Trusted Data Exchange & RP Reputation (=nat)
- Real Identity
- Identity Architecture, RM-ODP
- OpenID Tutorial
- OSIS Interop
- IdP Trust and Reputation
- Connectivity from the Edge
- Higgins Tutorial
- OAuth Extensions
- Reliable Identities for Relying Parties
- Who's Who
- OpenID Foundation
- OSIS Interop
- Identity Commons 101
- Open Reputation Management Systems
- OAuth and OpenID
- Deployment Challenges
- Limited Liability Personas
- OSIS Interop
- Understandable Usability
- Identity Commons Resources
- Non-browser OpenID and OAuth
- What IIW Means to Enterprise
- Second Life Residents Supporting OpenID
- Open Reputation Management System (ORMS)
- VRM Projects
- What's Next for OpenID (3.0)
- Bandit Project
- Sxipper Demo
- VRM Use Cases
- Identity Assurance Framework
- Understanding Usability
- La Leche League ID Implementation
- OSIS Steering Comittee
- The ITU World E-Trust Initiative
- Considerations and Best Practice for Large OpenID Providers
- Intro to Concordia
- IIW What's Next Part 2
- Python Future Implementation of OAuth
- Concordia Use Case
- Friends List Portability
- Newbies4Newbies
- XDI-RDF 123
IIW 4 2007a
- What's Ahead for OpenID
- SimplePermissions: Delegation via OpenID
- Identity in ad-hoc, standalone and disconnected networks
- User-Centric Delegation
- Identity Management Legal and Regulatory (Tony Rutkowski, VeriSign)
- Vertical Integration of IDS from devics to users to access networks to core networks to services and content Rakesh Radhakrishnan, Sun]
- Concordia multi-protocol use case session
- Sxipper demo
- IdM Beyond Application Layer
- Managing schema in the identity metasystem
- VRM
- Higgins in seven minutes (PPT file), =paul.trevithick presented this at the beginning of a session
- IDTrust Overview iiw 051607-v1.pdf OASIS IDTrust Overview, OASIS IDTrust Member Sector, Abbie Barbir,Nortel
IIW 3 2006b
- Welcome: Kaliya Hamlin and Phil Windley
- Landscape Map: Kaliya Hamlin and Mike Ozburn
- The Identity Gang Lexicon and Laws of Identity: Dick Hardt
- OSIS - Open Source Identity System: Johannes Ernst (slides from the presentation)
- CardSpace/iCards: Kim Cameron or someone else from Microsoft
- Higgins: Paul Trevithick, Mary Ruddy
- SAML/federation/Liberty Alliance: Eve Maler (presentation in PDF)
- URL Based Identity (OpenID which includes, LID, Yadis, I-names/XRI, Sxip): David Recordon, Scott Kveton
- Identity Commons: Eugene Eric Kim
- OSIS
- FinancialID
- Who are the You I care about
- Deployment Interoperability (User centrism and Federation) - Lena Kannappan
- OpenID Libraries and Implementation
- Pat Patterson's YADIS/XRI/SAML Demo
- SAML LSSO Profile and SimpleSign Binding
- IdP Tools - Mixing & Matching - What's Available?, What's Coming?
- Beyond Passwords
- OpenID and SAML Convergence Touchpoints
- LegalFramework Who owns identity? - Mark Lizar & Louis Monvoisin
- Creative Uses for I-names
- (Room B) (need title)
- IdP Interoperability
- OpenID in Politics
- Identity and Reputation
IIW 1 2005
- Identity in the Marketplace: The Rise of the Fully Empowered Customer - Doc Searls
- Use Cases for the Social Web - Mary Ruddy, SocialPhysics
- Microsoft's Vision for an Identity Metasystem - Mike Jones, Microsoft
- Liberty Alliance Overview - Brett McDowell, Liberty Alliance
- XRI Metaidentifiers - Drummond Reed
- Identity 2.0 Design Guidelines and the Evolution of the SXIP Protocol - Dick Hardt, SXIP
- Decentralized, REST-ful Digital Identity with LID - Johannes Ernst, NetMesh
- OpenID - Brad Fitzpatrick, LiveJournal
- SocialPhysics And The Higgins Trust Framework - Paul Trevithick, SocialPhysics
- Identity Commons - Owen Davis & Joel Getzendanner -
- Kaliya Hamlin Civil Society Meta-Network building and new business models that arise from this.
- Rob Marano and Simon Ben-Avi Architecture and Process of Federated Digital Authentication and Authorization
- Nick Ragouzis Bandwagon Economics, the Necessary Ingredient for Success on the Identity Internet
- Craig Calle Roadmap and Challenges to Open Standards in Networking Applications
- Christopher Allen Four Kinds of Privacy or Progressive Trust or ...
- Adrian Blakey Xanthus, an Open Source Implementation of LID
- ... no, not that Xanthus (the NeXTSTEP hypermedia systemfrom Sweden ...)
- Allan Schiffman: You’re Nobody Till Somebody Rejects You: Requirements for Internet-scale Identity.
- Brett McDowell The Consensus Whiteboard Project as discussed on the mailing list.
- Victor Grey Expanding on Brett McDowell's idea, a proposal to create an IETF-like organization to seek consensus and open voluntary standards for distributed authentication and user-owned data. The proposal can be read on the ic_dev wiki
- Eric Hayes Controlled Identity (bits to a lot of your identity information), Privacy, and Attention Data as a single topic.
- YADIS http://www.yadis.org proposal by Johannes Ernst, David Recordon, and Brad Fitzpatrick
- Owen Davis - Help create the Identity Commons: what is the call to action?
- Mary Hodder