mirror of
https://github.com/Decentralized-ID/decentralized-id.github.io.git
synced 2024-09-18 14:56:03 +00:00
310 KiB
310 KiB
title | layout | description | excerpt | categories | permalink | last_modified_at | toc | classes | header | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|
IIW Session Topics | single | Session topics from the Internet Identity Workshop over the past 15 years | If you want to stay current in digital identity, keeping an eye on the session topics of the bi-anual internet identity workshop is a good place to start. |
|
workshops/iiw/ | 2020-11-03 | false | wide |
|
IIW 30 2020
Tuesday
Session 1
- 101 Session OAuth2
- SSI Adoption Sequence in a Pandemic
- SSI to keep the Anonymous Open Web (keep quality content accessible)
- Digital Trust Primer and an Introduction to the Trust over IP Foundation
- Code of Conduct - at DIF
Session 2
- Building the WordPress for Crypto (reusable UI) - AND Call for partcipation in Funding Call
- 101 Session - Open ID Connect
- Authorization with SSI: How do we do AuthZ with credentials?
- ZKPs for JSON-LD
- "KERI (A) Key Event Receipt Infrastructure. A ledger agnostic framework for decentralized identity. KERI unifies many DID methods types.
- Verifiable Credentials for Trade Items
- COVID APPS: WHAT COULD POSSIBLY GO WRONG?
Session 3
- KERI -Part B Key Event Reciept Infrastructure.A ledger agnostic framework for decentralized identity. KERI unifies many DID methods types.
- 101 Session - UMA User Managed Access
- Malware attacks against SSI, how SSI may be the perfect honeypot if you're not careful
- Identity in DxOS Collaboratively editing document in decentralized application with Groups and multiple devices
- Evernym AMA
- Child Safety Online: SSI, VCs, governance, guardianship, GDPR
- VC & Open Badge Linkage
- Vectors of Authoritarianism
Session 4
- COVID Daze/Days - The HumanOS & new relationships w/connected systems & Services
- 101 Session - SSI and Decentralized Identity
- Your experience with exercising your rights (e.g. downloading your data) under CCPA or GDPR
- "DIF Universal Resolver and Universal Registrarhttps://uniresolver.io/, https://uniregistrar.io/"
- The State of SSI (gathering & sharing lists, stats, big news, etc.)
- A verifiable public document graph to facilitate SSI
- Dance Party
- DIDComm WG Progress Update
- "Entity and Object Identifiers: Bringing assurance and immutability to a decentralized network"
Session 5
Wednesday
Session 6
Session 7
Session 8
- How can we make Digital Identity a Sticky topic?
- Group Identity - Open Discussion
- Patient Choice Using Distributed Identifiers
- Are we all wrong? Maybe full pubilc display of all and everyones data, without exception, is the solution
Session 9
- Domains of Idenitty - Book coming out - 1) overview of it 2) help me figure out how sell more/share it widely
- KERI (C) KACE Agreement Algorithm Recovery
- Principles of User Sovereignty (1/3)
- SCIM Reignition - HR and SSI
- Healthcare Patient Choice with Distributed Identity Assurance
- DID WG Q&A
- Discussing the Future of Aries, Indy, and Ursa
- Sidetree Protocol / Element DID and Friends
- Understanding MyData Operators - white paper published today
Session 10
- GS1's decentralized approach to resolving identifiers over HTTPS
- SSI Architecture Stack / Layers & Community efforts
- Getting back to work: End to End Concept live prototype using Hyperledger Aries for Essential Workers
- ID2020 Certification: feedback and next steps
- Every vault has a key that needs to be secured outside the vault. Role of central entities at the periphery (edges) of SSI ecosystem. Seeking answers to questions faced when presenting SSI to consultants/customers/users.
- Fundamental Problems of Distributed Systems (2/3)
- TxAuth and XYZ (and Maybe someday OAuth 3)
- Deepfakes and Identity-- Problems, solutions, focus on technology
Session 11
- Creating a Knowledge Product for the Community - What do you want/need information wise you don't get / takes to much time? what will you pay for???
- DPoP Introduction & Current Developments
- Sovrin Update
- Are VCs a necessary hurdle on the path to DID adoption?
- Search Warrants and Smart Devices: Encryption, Privacy and the Crypto Wars
- Is consent broken? If yes, what can we do?
- BBS+ JSON-LD ZKPs and Aries & Indy. Your Thoughts?
- Tracking Identity on the Supply Chain: Curated Tour of the Report
- Spotting Economic Opportunity in an SSI World (3/3)
Session 12
- Kiva SSI BIOMETRICS and HOW YOU CAN HELP!
- What goes in credentialSubject? Let's chat Credential Ontology
- Reducing Correlation in Verifiable Credentials without ZKP
- Integrating DID into an app in 10 minutes
- JSON Web Messaging (JWM): What are they and why are they useful for secure messaging sytems?
- Trust / Risk Metrics in SSI - What can we learn from technical trust in order to inform human trust
- Determining demand & feasibility for your SSI/VC use case
- Building Technology and Successful Use Cases based on the most marganilzed as the answer to the problem
- OAuth Metadata: Mix-up Machine?
Session 13
- Cards Against Identity
- What is a Test Credential?
- True Self-Sovereignty: What Will It Take?
- "IIW SSI Spotlight: 5 Priority Topics of the SSI-Community 1 wallet backup, 2 on-device credential sync, 3 public DID verification, 4 control over public DIDs, 5 third-party identities"
- Minimum Positive Human Application of SSI
- Contextual, trans-silo, on-demand groups (incident resolution) - pragmatic challenges to forming persistent, formal, credential-based, conversations across enterprise boundaries to solve problems.
- SSI and COVID-19 health status certificates - ethics, policy and next steps
- Overlays Capture Architecture (OCA)
- Secure Data Store Working group - review the charter, meet the Chairs, invitation to get involved.
Session 14
- The Digital Harms Dictionary - Review of the tool and its mission
- SSI and Payments
Thursday
Session 15
Session 16
- Supporting sovereign insurgencies - secure communities for social change - putting out fires when it is illegal to do so
- Low-tech solutions - QR Code Wallets
- Portable Reputation Using SSI
Session 17
- Open Discussion on Email, Messaging, and SSI/DID
- Hyperledger Aries - How to send messages to an unknown receiver - The Out-of-Band Protocols
- Identity for All - Universal Declaration of Digital Identity
- Open Source Product Strategy
- Cards Against Identity - Hangover Edition
Session 18
- Hyperledger AMA
- Verifiable Credentials for Global Supply Chains
- Guardianship & SSI
- Your Trustee and Ethics in a Pandemic - What your community can do to prepare
- KERI Implementation: Whats Next DID:UNI Method. Ref Imp. DIF Project.
- Intro to the Me2B Alliance Testing Specification
- Credentials should be treated like keys KMS discussion
- Build an SSI Proof of Concept on Sovrin
- Intro to did:web Decentralized Identifier method
- Ensuring Transparency in Law Enforcement Exceptional Access
- PhD positions at Identity lab based in Edinburgh - Come ask me about it.
Session 19
- 101 Session: Verifiable Credential Handler (CHAPI) and DIDComm
- Transaction Tokens: Optimizing Authorization across "domains"
- The Future ain't what it used to be — How to approach the next few years (COVID, climate, economic depression ...)
- Call for Asia Pacific collaboration
- SSI and Payments Continued
- Organizational Wallet
- "Mouse Head Model (MHM): A global solution for safe and secure data sharing"
- We2B Community-wide Tools: Inventory and Needs
Session 20
- Overview of VC / DID / JSON-LD Interoperability Plug Fest
- Group Identity pt 2
- The Future of Telecommunications is DID Comm
- Magic Sandwiches
- Proving Security for Web Protocols
- Defining the growth factors of SSI
- SSI: when I should start charging my customers?
- Diversity & Inclusion - what are your experiences? we are designing an offering for this community and want input.
- Condensed/Repeat Sovereignty Principles + Practice = Opportunity
Session 21
- CCLang for encoding complex crypto constructs
- SSI for IoT: what are the benefits and challenges?
- Perspectives from the DHS SVIP participants on interop
- HTTP/3, DIDs - any new developments or thoughts
- Glossary Results - Credentials, Wallets, Agents Defined. + Next Steps
- Must we call it "Self-Sovereign Identity"? (hopefully not)
- Introduction\Discussion - Marshall Rosenberg's Nonviolent Communication
- Money is the problem: Mechanism Design for currency
- What is BC Gov doing? Why should I care about Digital Trust? Why is a government investing in this? Ask Me Anything .. can't promise the answer will make sense!
Session 22
- Can You Have Universal Id for All without a Token?
- Digital Harms - Crowd Sourcing the Concept
- An Aries agent in a browser tab: who owns it, who controls it, is it even a good idea?
- Lets Bring Blogging Back!!! :) Lets discuss a collective community strategy_Lets_discuss_a_collective_community_strategy)
- Learner Wallets
- Come teach a student how ZKP's work technically. Anybody else who wants to know, please come, and someone come teach us!
- IIW30: The Session Collection & Song List
- ZKPs for JSON-LD using BBS+ - Round 2
- Build an SSI Proof of Concept on Sovrin
IIW 29 2019b
Tuesday
Session 1
- Hyperledger Aries Project Status + Intro
- Introduction to OAuth2 (a 101 Session)
- Me2B Relationship Management/Tech Archite
- DID + Trusted Hardware Agents! (yubico,hsm,enclave)
- Link Secret FUD and other VC Fraud Learnings
Session 2
- Hyperledger Aries Biometric Service Provider RFC 231
- Into to Open ID Connect (a 101 Session)
- What Does a Sustainable SSI Business Look Like? The Business of Self-Sovereign ID
- The DID SPEC is Perfect! Change my mind.
- 5G, IOT, DLT, ML, and Other Buzzwords
- Machine Identities
- Selective Disclosure (w/o ZKP)
- Deepfakes: Tools + Rules to Save the Open Internet. What? How? Why?
- Open ID Connect 4 Indy Assurance
- Signln.Org What is it?
Session 3
- Beyond Bearer Tokens
- User Manage Access (UMA – a 101 Session)
- Seed Quest 3D Game Mnemonic Cryptographic Seed Recovery
- Identity CoOp
- Spirituality, Abundance, Mindset, Personal Identity, Role in Community
- Expanding Language… Digital HARMS Dictionary
- HYBRID Self – Sovereign Identity
- DIDComm Encryption Envelope Discussion
- Adam from ID @ Equifax: How can I help? What should I do? AAAAA!
- Open ID Connect Federation BoF
Session 4
- Calling All Actors! Help is shoot a demo on Guardianship with SSI in a Refugee Camp
- Introduction to WebAuthn /FIDO 2
- A Guide to Hyperledger Aries – Cloudagent Python architecture and implementation
- Cors On OAuth Token Endpoint NOT A BCP
- Job Shop
- DID Resolution
- Well-Known DID-Configuration – Connecting DID’s to Domains with an Emerging Standard
- Workday Credential Schemas (No LD)
- Truth or Dare Verifiable Credential Disclosure Patterns and Commitments
Session 5
- KERI: 1 Universal DKMI Root(s) of Trust Decentralized Systems Primitires & DKMI Last Mile of Trust
- SSI 101 (Self Sovereign Identity) (a 101 session)
- A Protocol for Decentralization – How Many Data Brokers Will We Need
- Online Access Refresh Tokens (2.0) & OAuth Browser (BCP)
- DIDs For Everyday People
- Secure Data Storage (The Hub HVBUB)
- Organizational Wallet?
- Learn Startup For SSI: How To Turn Your SSI Idea Into A Viable Business
Wednesday
Session 6
- Verifiable Credential Based Authentication over OpenID Connect
- Identity in Sierra Leone – Ask us Anything
- Decentralized UX: Designing Around Decentralized Identities
- ”Trust in Numbers” Ethical (and practical) Approach to Identity – Driven AI/Machine Learning
- Identity Standards: The Soap Opera (catch up on previous episodes + review major plot points
- Sovrin 101: Permissions, Codes Bases, Value TXfer, Issuing & Edge Agents
- Open Source Business Models
Session 7
- OAuth Pushed Authorization Requests
- Delegated Credentials = Guardians, Controllers, and Delegates with Any W3C Credential Type
- Aries Toolbox Demo + Feedback (tools to work with agents)
- @Me2B #SSI #VRM #IIW #Identity
- Identity for All – Refugees, Human Trafficking, Women, & Marginalized People = Tech Meets Real Life Experience & The Humans that DID + SSI Can Help Most, How & Why
- Gender Is Harder Than You Think
- What’s Going on With DID-Auth? & SSI + SIOP, OIDC DID Auth Demo
Session 8
- TXAuth (XYZ,RAR, JAR,JARM…)
- Issue A Verifiable Credential in 30min
- Problem of Provenance of Digital Content Roadmap to Solution
- Consent Receipts for Financial Services and more….
- Me2B Intro & Org Finder Wiki
- DOMI Digital Rental Passport Architecture & Data Workshop
- Freeclaims.org – Let’s Encrypt For Basic Verifiable Credentials
- DIDComm – Part 2
Session 9
- Highlights from 12 Months of Private Sector Research = Election Security, Supply Chain, Legal and IOT
- Proof-A-Palooza: Standardizing Presentation Request Language for Verifiable Credentials & VC’s in Application (Part 2)
- Privacy Chain Update
- Customer Commons – VRM MarketPlace FrameWork
- Financial-grade API & CIBA (Client Initiated Backchannel Authentication)
- Manifold: Identify and Manage All Your Things
- Mark of the Beast? Religion’s Impact on Identity
- Consent is Broken – Privacy Implications for SSI
- VC’s In The Supply Chain GSI
Session 10
- KERI: 2 Universal DKMI Events Witnesses Architecture
- Understanding and Implementing peer DID’s in 60 min or Less
- The Great Hub Hubbub
- Finish RWOT 6 Principles for Self-Sovereign Biometrics
- AMA w/Sovrin Exec Director
- Browser Changes (SameSite, ITP) Affecting Identity on the WEB
- A Machine Learning Perspective on Data About Me
- High Assurance OAuth/OIDC Profiles for Gov. use Cases
- Workshop – Universal URI For Deep Linking in All SSI Mobile APPS
- ”I Am Spartacus” Privacy via Obfuscation for Vulnerable Populations
- The Trust Ove IP Stack – A Path to Global Interoperability for SSI and Verifiable Credentials
Thursday
Session 11
- Are We Boiled Yet?
- Life Scope – Meet Your Digital Twin – Data Hub/DB/Wallet + Identity + Cred + Me2B
- Platform Architecture – Building the back ends and systems that support AS services. State? Scale? Price? Persistence?
- Aries Protocol Test Site
- Pico Agent in a Tab One Click to Identify?
Session 12
- Identity for All 2 – how can tech present at IIW help with digital identity for marginalized populations?
- XYZ & DID Deep Dive
- Seed Quest – Demo & Exploring Use Cases
- Verifiable Credentials for Mobile Skills Schemas & UX
- Me2B “Me” – side interoperability & integration (part 2)
- Retrofitting OpenID to Existing Apps BCP?
- DID:GIT: Where is it at?
- Life Scope.io Digital Self
Session 13
- Censorship Resistance and Permissioned Ledgers: Survivability Analysis
- ID4 Africa – Exploring Possibilities for how SSI Communities and Companies show up @ the event & surrounding weekends
- DeepFakes Part 3 – What Parts of the Identity Stack & Verifiable Credentials for Digital Provenance?
- Generic MFA Token Recovery – The good the bad and the ugly
Session 14
- CLAIMS Vis-à-vis Scopes in OAuth & Open ID
- Pico Agents for Communication (follow-up)
- Tracking for Good Pragmatic Privacy
- Product Roundtable – Bridging tech & business, connect and share challenges and resources
- Hush-A-Phone
- Self-Sovereign Human Rights Parallelism
Session 15
- Terminology – the Plan
- Card Against Identity
- Expanding Language = Systems / People = Osmosis & Opaqueness
- Sidetree did:ion + did:elem Roadmap + dev
- Building a Business Around Identity In Education (From a Colombian Perspective)
IIW 28 2019
Tuesday
Session 1
- DID Communication Callbacks, Hubs, and Agents
- OAuth 2 An Introduction – 101 Session
- WebAuthn (101) An Introduction to the Specification
- Your Data Your Currency You Terms & What Do People Need to No Longer Need Facebook?
- Decentralized DID’s
Session 2
- IIW Book! Come get a REAL IIW attendance verification credential and prove it to your IIW friends using your phone!
- Introduction to Open ID Connect – 101 Session
- Blockchain Social Media & Relationship Sharing
- Identity Management in Physical Security World
- Sidetree protocol – Massivly Scalable Decentralized Identifiers – DEEP DIVE
- A Standardized Information Governance Label for apps and services
- Tokenization with DID’s?
- SSI Startups – Partnerships, Investments, Recruiting/Jobs, Ideas Lunch Session
- Where are the KARMIC Identity Endpoints?
Session 3
- What Does a Layered Identity Model Look Like? (Like OSI 7-Layer Model for Networking)
- Use – Managed Access (UMA) – 101 Session
- Relationship Lens
- JWT Profile for Access Tokens
- Universal Resolver for DID’s – What it is and Why it matters
- Open Banking – Variable Scopes – Multi-Scope Tokens
- Key Management/Usability for Lay People
- Personal Information Value Equation
- Rubrics for Decentralized Identifiers
Session 4
- Git + DID (and fully anonymous open source Projects)
- FIDO – 101 Session
- Gov’t IS the solution to ID – Change my mind
- How can trusted identities be accepted by governments and industries?
- Self-Issued OpenID Connect (SIOP) DID Auth Flavor
- Identity @ Hyperledger *Indy *Ursa *Aries *Idemix & FabrCA
- What is the Problem? – Customer discovery lessons and techniques for building identity products for business
- There Is No Scope – Doing Scope, Cliams the OIDC Way – IRL
- Is IAL Enough? *Do we need more vectors to communicate both assurance need + “level”? *How are you filling the gap? * Where is it working well?
- WEB AUTHN Together with DID’s
Session 5
- Meta-Platforms cooperative network of Networks Scaling effects: Decentralized Identity – Transcontexted Value Transfer
- Intro to Self Sovereign Identity - 101 Session
- 5Radical Ways to Keep Vendors Accountable for Your Data!!! Kantara Consent Receipt
- Is Practical Sybil-Resistant Self-Sovereign Identity Possible?
- MyData HUB (101:The Declaration)
- OAuth Clients Create Token
- The Case for an OIDC Ephemeral ID
- Machine Identity
- Deep Dive Demo – Connect Me + Onfido Creden
- Digital Natives: How do we get them to care about Digital Identity?
- Wyoming Laws & Regs Proposals
- Ask Me Anything about Sovrin Foundation Closing Circle
- Digital Identity for Refugees & Disenfranchised Populations: The “Invisibles” and Standards for Sovereign Identity
Wednesday
Session 6
- A Process for Discovering Truth? Can credentialed chains, or other ID Tech, help create authentic voices learning from historical research practices of Museums & Archives.
- OpenID Connect for Identity Assurance
- FastFed Easy Connections IDP – APP + Governance – Who should have permissions in the App
- Developing Standards – involving Non-Tech? and Tech? People
- Alice to Bob – Self Sovereign Interoperability Without Censorship – U.S. Federal Regulations
- DID Communication – What is Message Routing and why you want it in your life
- XACML / ABAC / UML 2.0 and SSI Policies
- Let’s Build A Decentralized Social Network
- What’s Supposed To Happen When A DID Operator Goes Out Of Business?
Session 7
- XYZ Transactional Authorization
- BC Gov , MATTR, STREETCRED – IIW Book Redux
- Healthcare & SSI ??? Use Cases for All
- Protocols vs API’s – Resolving the programming paradigm difference between DIF and Indy
- Approach to Bottom-Up Standardization of Claim Content Structures #interop
- Git +DID pt. 2.1
- Making a Map of all the Working Groups Working on SSI/Decntralized ID + how it fits together + making a weekly/monthly + yearly calendar
- DATA Fiduciaries FTW
Session 8
- Git + DID pt 2.2
- GC Gov – Indy Catalyst Agent + Agent Framework: What are they?
- Product Chain Overview & Update
- OAuth 2.0 + on single page Applications
- Anonymous Saliva DNA Extraction Kit using Blockchain
- Privacy Chain Overview & Update
- Hey Kids, Let’s Build a Trustworthy, Decentralized, User-Focused Web Ecosystem!
- Where Have All the Trust Frameworks Gone?
- Continuous Access Evaluation Protocol (CAEP)
- Taxonomy for Digital Credentials – interoperability / multilingual
- Verifiable Credentials Q & A?
- How Can We Detach Users from CENTRALIZED Social Media?
- DID Communication Message (JWE) Encryption Lunch
- Karma DID Method: Buddhist Approach to Identity
- Domain-Specific: Governance Frameworks – What Are They & Why Might You Need One?
Session 9
- Linked Secrets and ZKP’s
- Women In Identity @womeninID *Plans for 2019 * How do we create success? (Allies & Supporters Welcome!)
- Vectors of Trust
- DID Communication Message Types
- Self-Sovereign Commerce (VRM, Me2B) Progress Report & TBD’s
- Paradox: Recovering from Maximum Personal Data Disaster (when all is lost)
- Are Crypto Wars Coming? Issues & Solutions
- Workshop on a Layered Model of Identity for Iteroperability
- App Level proof of Possession Dpop/Pop A Case Study
- Privacy Engineering in Context + Relational Integrity
- Smart Custody
Session 10
- Seed Quest 3D Game Mnemonic Easy + Fun Demo Seed
- Me2B Alliance Intro
- How to Issue That? The DIF Credential Manifest
- The Peer DID’s Without a Blockchain or any other Central Truth
- Managing SSI (A relying party perspective)
- How Do We Move From Good Intentions – Gender Parity at Conferences
- Creating an Ecosystem of Trusted Applications – Oauth2 Dynamic Client Registration
- Overlays (ODCA) What are they and how do they intersect with self sovereign identity?
- IEEE in Digital Identity + Inclusion – InDIITA 2019 Bangalore – Standards + Programs – Ethics
- Community Claims & Discovery
- There Oughtta Be A Law! OCCAM’s Regulation, Legal Engineering, & Policy
Thursday
Session 11
- Fraud w/Cred – Attack Vectors and Remediation's
- Intro to Me2B (1/4)
- Why “Specific & Informed Consent” is Nonsense (or Not)
- Hub/Agent Cloud Stuff Project/Company Intro’s/Explainers
- PWN-Back Your ID (from Equifax, Experian, Transunion) Check-it-Protect It
- DPoP – Current Draft, Next Steps
Session 12
- On No You DIDn’t! Your identity is not self-sovereign.
- Me2B – Have YOU Changed Activity Because Unethical Data Company? (1/4)
- Get Real ONFIDO ID on Your Connect.Me Digital Wallet
- Wireline P2P O/S
- What Do Activists Need To Know?
- Sidetree on Ethereum “Element
- Otology + 00 Taxonomy – Crafting Chaordic Organizations in an Ontonomic World
Session 13
- Hub/Agent Action Meta Protocol
- Social Contract: Universal Guiding Principles – Me2B (3/4)
- The Identity.com Validator ToolKit / Demo with OnFido +SoOm Integrator
- How SSI Can Disrupt Platforms
- OffChain (PKI) Key Management – Revocation Rotation
- Latest in Verifiable Credentials Crypto
- Workflow/Forms and SSI Credentials
Session 14
- PDPR (Personal Data Protection Regime) – A discussion on Digital Street Smarts & IDRC What are the foundational rights of an individual= Independence Respect Dignity Consent
- Let’s Make a Map! Of OAUTH Specs
- What I learned in India about their National ID System
- Hyperledger ARIES – Ledger Agnostic Open Source
Session 15
- Formal Security Analysis of Web Protocols
- Me2B Code of Practice / Harms Workshop (4/4)
- The 4 Layer Digital Trust Infrastructure Stack
- Selling the Business of Value of DID’s
- SSI Agents for the IoT Using Pico’s
- The 4 Layer Digital Trust Infrastructure Stack
IIW 27 2018b
Tuesday
Session 1
- Centralized + Decentralized Identity Standards OAuth + DID w/Code!
- Introduction to OAuth2
- IIW – LAB-in-a-BOX for Communities to Be In Living Experiments
- lockchain TLD’s
- CULedger is Working to Improve Member’s Experience *Better UX *Lower Fraud – We See FB Added Value BUT They Were Creepy – Help Us Get It Right and Natural
- An Interactive Sovrin Network Demo
- Machine Learning/Computer Vision & Internet Identity
Session 2
- Sovrin Credentils and IoT
- Intro to OpenID Connect (101 Session)
- Blockchain 101 + Why You SEE BC Identity Projects
- How Can We Enable/Support Individuals to Grow/Create Their Own Credentials
- Identity and Trust in Healthcare
- FIDO FAQ
- Domain Specific Trust Governance Frameworks Healthcare Worker Identity + Credentialing
- Device Bindings & Session Control w/ ADC/OAuth (ingredients for zero-trust)
- Review W3C User Consent & Permission
- Guardianship – When Users Can’t Manage Their Digital Wallet
Session 3
- A Catalyst For Trusted Digital Ecosystems
- Intro to User Managed Access (101 Session)
- Impact of Apple ITP2 On OIDC & SPA
- Decentralized Kay Management
- World-Scale DID Methods On Top The Blockchains/Ledgers of Today
- How Do We Bring “Tribal” (group) Identity Online With Us?
- Cyber Security Data Breaches Fight With AI
- Australia’s Tsunami of Data Laws – ID, Open Data, Cyber Front Doors. What + Why
- Sovrin Stewareds – Feedback Onsite
Session 4
- How THEY Consent to OUR Terms
- Introduction to FIDO (101 Session)
- We Need a Working IdP Discovery Mechanism (for RISC, Fast Fed, and more)
- DID Resolution + Registration
- Question re DID Standard ~ What is with the changes from V1 to now, including how verifiable credentials claims attest as work?
- Deep Dive on ‘Identity Hubs’ Encrypted Personal Datastores for All Types of Identity Data, and a Platform for Decentralized Apps
- How Do We Do Digital Consent Forms & Share As Claims W/Multiple Parties?
- A Standardized Information Governance Label
- Design an Undergraduate Blockchain Course
Session 5
- A DID For Everything!
- Self-Sovereign Identity 101 (101 Session)
- Unintentional Consequences of What We Build
- MyData @ IIW
- Personal “AI” / Self-Sovereign Identity & Personal, Private Internet
- Sovrin AMA
- What Questions Should I Ask Myself Before Clicking The ‘I Accept’ Button?
- OIDC FED
- The – ABACUS: A New Approach to Authorization
Wednesday
Session 1
- Beyond OAuth: Transactional Authz
- Verifiable Credentials 101 (How the Sovrin Demo Works) & Concept Map of Verifiable Credential Specification
- HL Indy Ref Agent – Sovrin Demo + Future Work
- SSI in Europe – Getting To a SSI Agenda With Politiacal Backing #SSIpaper
- ”Moon Coin” Tying the Digital World to the Physical (a discussion) & SSI is Coming Here
- Signed Data (JSON – LD vs JWTS or something else)
Session 2
- 7 Myths of SSI
- Identity & World Bank Funding. 1Billion in Loans to African Countries for Aadhaar Like Systems??? Could this go to SSI Systems?
- Usability for Developers Applying Lessons from TLS to the Blockchain
- A Interactive Sovrin Demo II
- PRIVACYCHAIN: A blockchain-based system for consent management for data supply chains
- Fixing Enterprise IAM – Automation – Self-Service – Security – Rapid Adoption
- CYBORG Future of ID
- OAuth for Single-Page Apps (javascript apps) Best Practices Recommendations
- GS1 Digital Link: Defining Digital Identity for 100’s Millions of Every Day Things
Session 3
- Best Practice for Managing Tokens or How to Avoid Being the Next Victim After FaceBook
- Digital Life: Stage 1 – Surveillance Capitalism + Re-engineering Humanity
- Identity in the Academy
- Continuous Access (long-lived session update sync across clients)
- DID Web API’s Including: Contexts, Operation classes, Identity Hub
- Decentralized Ecosystem Governance with Blockchain
- M.E.S.H. Managed Ecosystem Superdistributed Hashes
- Q&A with Sovrin Foundation Executive Director
- [Forget About Identity & Authentication (Discuss New Aproaches](https://iiw.idcommons.net/Forget_About_Identity_%26_Authentication_(Discuss_New_Aproaches)
- OIDC DID-Auth Profile
Session 4
- Self Sovereign Identity Technology Demo and Ask Me Anything
- Sovrin AMA – Part II
- Data Transfer Project – Universal Data Portability for All
- Blockchain TLD’s, Identity Key Management
- Consumer IOT – A Perspective of Retailers, Brands, and Manufacturers
- Part Deux! Permitify – dFlow in Action
- the HumanOS As An Identity Generator ~ Implications on the Digital Domain
- Identity Proofing w/Open ID
- How To Build Context-Aware Systems to Avoid Context Breaches in a World of Intelligent Agents, IOT and AI
- Identity, Ethics and Digital Inclusion – the IEEE DITA Program
- Civic AMA – Product + Partners
- Subjective vs Objective Identity
Session 5
- Seed Quest + Didery – 3-D Game Mnemonic DID Keystore
- Decentralize The Internet With a Simple Link
- The Identity.com Eco-System – Introduction + AMA
- Manifold – Give Your Things an Identifier
- Id(enity) Relationship Management, What, Why, Where
- Overlays 101
- Making OAuth Work on the Open Web
- Data Store Interop?? How Do We Bridge Private Island of Users?
- What’s In Your Wallet? + Who Is In Your Wallet?
Thursday
Session 1
- OAuth Security 4 Dummies
- Canonizer! Distributed Governance ~ if we can establish identity
- ME2B: Creating a Non-Surveillance Capitalism Market
- DIDAuth + Obj. Cap.
- Bliss & Emptyness ~ A Buddhist Approach to Identity
- What’s In It For Governments? (Potential Use Cases)
- Overlays 101
Session 2
- Dual Tokenomics – Virtous Behavior – Mechanism Design – Fixing the Broken Single Token Model
- MyAI – Gaining Insight Into Your Own Data
- Consent Management – Receipts Practices Standards
- How Should a Blockchain Social Network be Moving on Digital Identity Now?
Session 3
- Sovrin Interactive Demo III
- Blockchain Myths & FAQ
- What Every Identity Professional Should Know ~ An Introduction to IDPro
- The Orgbook – Watch Us Create A Concept Map!
- Ask A Millennial About Identity
- W3C Strong Auth & Identity Workshop Dec 10 – 11 ~ Ideas + Design of Workshop
Session 4
- R&E Identity – Where Do We Go Next?
- LifeScope Demo & AMA
- Defining the SSI OS
- The Great Dalmuti ~ What we should consider about Identity as Learned from a card game –
- Standards Don’t Suffice
Session 5
- How Data Analytics Will Change Thanks to SSI
- LIfeScope Demo & AMA --- continued
- Democracy.Earth – Exclusive Announcement
- Vegan Atheist Crossfitter ~ Which do you mention first?
- IIW Wikipedia Page! Help Us Strategize to Get One Finally
- Defining SSI Layers Workshop
IIW 26 2018
Tuesday
Session 1
- 3D’s of Identity (agents, relationships, ATTR’s)
- 101 Session / Introduction to OAuth 2.0
- A Primer on Verifiable Credentials and Decentralized Identifiers
- GDPR What (Identity Stuff) is it GOOD for?
- Identity Agents & HUBS: Messaging API’s & the “Layer Model” & Functional Architecture for S.S.I. Blockchain – working session
Session 2
- IDPro Organization
- 101 Session / Open ID Connect
- RWOT 6 Biometric Principles White Paper Review
- Identity Wallets are not Crypto Wallets
- Cat Herding – Building Consensus
- Capabilities 101 Lunch
- Functional Identity 101
- Use = Self Sovereign Bill of Rights = To Update Real Estate Consumer Bill of Rights
Session 3
- Self-Sovereign Agent Communication
- 101 Session / Introduction to UMA = User Managed Access
- Yo GDPR: Terms WE Assert and Sites & Services Agree to Check
- Distributed Social Networks (Activity Pub etc…)
- Could Native Secure Access
- Agent Communication
- Mobile Driver’s License (mDL)
Session 4
- What Are The ‘Wallets’ visions/projects – Do We Need a Working Group?
- 101 Session / NIST Digital Identity Guidelines
- Digital Puerto Rico
- User-Managed Access: The BLT Sandwich – Business, Legal, Technical – Use Cases Mappings
- Intro to DID Auth
- Fedromp High FAL3 + AAL3 What is Required?
- Decentralizing Reputation (with blockchains?)
- The Future Of PRIVACY While Accessing PUBLISHED CONTENT
Session 5
- Fast Fed – Making SSO Easier to Set Up. Intro and Looking for Others Who Are Interested
- 101 Session / Self-Sovereign Identity (SSI) DID’s, Verifiable Claims etc…
- Building A Sovrin Linked Permissionless Ledger for Data Analytics
- Compatibility JSON-LD & Indy Proof Request Exchange
- Armor Up – The Gravity Wars ~ Real World vs Virtual Reality and the Human OS
- SISA’s = Standard Information Sharing Agreements
- OAuth + SPA (Single Page Apps) Can We Just Use Code Flow Everywhere
- Digital ID for Stateless Refugees
Wednesday
Session 1
- What is Sovrin? How to become a Sovrin Steward. Self Sovereign Identity 102
- WebAuthn + DID Auth
- Agent/Wallet? What is Agent? What is Wallet? Are They The Same?
- Decoupled Flow for OAuth (AKA CIBA)
- Zero Knowledge Proofs 101
- Native SSO for Mobile Apps
- Agent Communication Message Types + Names Spaces
Session 2
- DKMS Demo
- TheOrgBook / Permitify – Bootstrapping SSI Using A Gov DID/Ver Cred Workflow Implementation
- DID Ledger Lightening Talks
- What Do You HATE about OAuth?
- Publishing & /Advertising After 25 May ADPR Day
- Consent As A Service: Making Consent Compliant & Effective
- MyCUID/CU Ledger Update & Workshop
- Path To Adoption for Self-Sovereign Identity & An Idea For Soverin / Use Cases For
- Digital Puerto Rico Part 3
Session 3
- Quest For The Mnemon Seed #1
- Bringing The Best of IIW to India / Making IIW a Global Decentralized Community
- Open ID Foundation – Fast Fed & DIDC Federations = Enough Similarities to Share/Merge?
- Philosophy of Conscious Body w/Tech, ID Experience & S.O.U. Sovereign Ownership Under Law Prize 10M
- Saving Democracy What Could Happen
- DID Auth Workflows (Part 2)
- IaM and IoT
- Digital Guardianship
- Outsourcing GDPR Using UMA
- IAB Transparency and Consent Framework
- Sovrin – Exploring Building an Alliance Wants & Needs (especially if you aren’t Evernym)
Session 4
- The Business of Self-Sovereign Identity
- Kantara Consent Receipts – Communicating User Consent Between Data Controllers
- The “ID” of KIDS
- Expanding Language = The Identity of Words ~ Amebic / Shape Shifting
- Discussing + Examining CULTURAL BIAS In Specifications and Other Technical Documents
- An Analysis of S.S.I. Using Appreciative Inquiry
- Mobile APP - APP OAuth
- SAML Interoperability Deployment Profile
- DID Resolvers & DID JWT
- Easy POST Quantum Signature with Block Chain
- Separable Identifiers & Intersectional Collaboration
- Do-It-Yourself password free! – Cryptographic Authentication for Web Apps
Session
- Indy 301: Attribute Based Credentials & Zero Knowledge Proofs – Secret Contracts Private Computation
- Secure Elements DICE & TPM
- Communications Words Storytelling For Humans
- GDPR AEORR (requirements + capabilities) Interactive Design Session
- Consequential I.D. – How Not To Reinforce Power Imbalances in the Systems You Implement
- Phone # Global Identifier
- ORCID: What Should It Be Considering?
- Veres One (DID Ledger) Deep Dive
- Open ID v. FIDO v. SSI
- TLS Flex Expanded Library Support For Alternate Certificate Sources
- How Are You Making Money In The Sovereign Ecosystem?
Thursday
Session 1
- Solving Professional Credentialing – A Dialogue w/Projects & Companies
- Soliciting YOUR Input (help a newbie!) How do You Want To Wield Your Data To Get Things Done? Commerce & ID
- Zero-Knowledge Prof’s 101 ENCORE – Only Highschool Math
- User-Controlled GDPR Consent Cookie
- Cooperation Among Our Communities Owning Interoperable Identities. A Cooperative?
Session 2
- InSide Out SID’s (Standard Immutable Delegation) & Trustless Distributed Computing
- Future of SSI: Tech Scalability & Onboarding Issuers & Identity Holders to Identity Blockchains
- REAL Federation
- PDX – Personal Data Exchanges – Possibilities Why/What
- Addhaar Pros + Cons
- Contributing to W3C Standards
- Comparing Info Without Revealing It
- Agent-Centric v Data-Centric Reality
- Digital Puerto Rico – Part 4 of 3
- Beyond Early Adopters – Getting the World to Inform What We Build!
- Identity Hub Personal Data Store – Soverin Agents – The Grand Unification
Session 3
- Mydata Movement – Looking at Identity from the Perspective of Human Centric Personal Data Management.
- eIDAS & SSI
- Self Sovereign – Reputation – Radical – Disintermediation + 2 Sided Networks
- Using Identity Tech To Keep People Safe in the Real World
- How Agents + Decentralized Interfaces Help The De-Siloazation of IoT
- Designing Ourselves Into The Future & Humanizing DID’s + VC’s
- Hyperledger – Who/What/Where/Why Open Source
- Breaking Digital Gridlock – Banking and Identity
Session 4
- Massively Multiplayer Online Secure Environments (Games!)
- Who Am I? (story time with Markus)
- A Self Sovereign Technology of Stack HIE of ONE
- Digital Divide & Gender Equality in Indian Emerging Markets
- Value Network Mapping Market Models 4 Self Sovereign Ecosystem
- A Conversation About RECOVERING…. A Forgotten Credential Security
Session 5
- CRBAC An Introduction
- The Sovereign Web-Of-Trust Model / Dynamic Web of Trust?
- ID & Connected Vehicle
- ”Machine Readable User Asserted Terms for Privacy” An IEEE Standard Working Group
- Delegation of Authority for Organizations + Services w/DID’s + VerfCreds
- WHAT IS YOUR PROBLEM? (Bring Me Research)
IIW 25 2017b
Tuesday
Session 1
- 101 Introduction to OAuth2
- DHS S&T IDM Program’s R&D
- DIF Technical/Recap and Roadmap Discussion
- App Auth Q & A RFC 8292 BCP 212
- Blockchain Democracy
Session 2
- Self-Sovereign Identity #
- 101 Introduction to OpenID Connect
- Is Your Data Legal? Meaningful (oxymoron?) Consent
- ‘Fixing’ The Consumer IOT/Smart Home User Experience
- 6 Degrees of Identity Freedom
- DIF Did’s In-Depth (w/Review of Contentious Bits)
- Token Binding for Cookies – OpenID Command OAuth
- Intro to Hyperledger “So you think you need a Blockchain…”
Session 3
- Mutual OAuth Distributed OAuth
- 101 All Things UMA (user managed access)
- Concerned About Centralized Authority? Let’s Make It Participatory
- Implications for the End User of How You Design A Blockchain For Digital Identity
- Aadhaar
- Information Sharing Agreements (ISA) – First Party Terms That YOU & I Proffer: V2.0 of the Commercial Web
- The Big, Big Picture = Identity Money Topology – A Conversation
- Identity Agents: It’s not just what you know, it is what you can DO – Personal Data Stores—Extensible API’s
Session 4
- RISC – Working Session
- 101 NIST – Digital Identity Guidelines ‘101’
- Blockchain Security & Privacy R&D Lessons Learned and Gaps
- Fixing Social Security Numbers = Blockchain, Good Identity, Don’t Break Existing SW
- Functional Idenity
- Public Blockchains AND – Private UMA) User Managed Access_User_Managed_Access)
- Open ID Connect CIBA Explained
- Identity Concepts Around The World
Session 5
- Public Blockchain Addresses FOR User-Centered Digital Signatures
- 101 Introduction to DID’s, Verifiable Claims and Blockchains
- Blockchain Interop Chameleon Nodes?
- HOLOCHAIN P2P Apps Without the Blockchains Problems for Scale, Speed, Cost & Governance
- Next Gen Phishing (all your OTP belongs to us)
- Yubikey Usability Study – Results for lab + longitudinal study
- IDPro = Help Build Next Gen of ID Professionals
Wednesday
Session 1
- Intro to Sovrin
- Two Short Talks on Capabilities
- Distributed ID System Patterns with Distributed Systems
- DIF – Universal Resolver + Universal Registrar (DID’s across blockchains)
- Minute Money? A new currency based on A NEW PARADIGM – Time AS Money
- DNS Based OpenID Connect Discovery
Session 2
- Triple-blind Brokered Identity Federation
- First Party World: People in charge via GDPR by 25 May 2018 – Calling Lawyers & Geeks
- Ecosystem Map – Explore Where Could It Go – Insight Treasure Hunt
- Estonian ID Cards Internet Voting
- DIF Identity Hubs Deep Dive & Spec Feedback
- NO Identity – ID As A Collection of Verifiable Claims
- Gender and Diversity in the Valley – A Listening Circle to talk about all the stuff
Session 3
- Group Privacy
- Building Community for SOVRIN and Hyperledger Indy
- Dgital ID in Cities – Use Cases and Pilots
- How ‘Private Sharing’ Breaks the See-Saw or Do More With Data, Not Less or Thank You GDPR
- Intro to Cryptocurrencies, Tokens, Token Distribution Events, and Tokennomies #ICOs
- Where Is My Personal AI?
- Verified Organizations – Bootstrapping a Self-Sovereign Identity Ecosystem via Government Services for Organizations
- Proofing + Assurance Combo – ID Proofing & Standards for Identity Assurance Across Systems ?
- Intuition Session Including Ego Identity to Field Identity
Session 4
- RISC Working Session
- Identity For All
- Decentralized Identity, OAuth, OpenID and How They Can Fit Together
- Know Everything About a Customer, But Know Nothing – How intentional amnesia can be good for Security & Privacy
- Science of Persuasive Communication
- Mental Models of Identity
- The GDPR Is Making Me TRACK MORE
Session 5
- OpenID Working Group: Fast Fed Intro and Discussion
- Identity Smart Contracts on Ethereum
- MANIFOLD – A Self Sovereign Internet of Things Platform #Picos
- Fluid Boundaries of SELF and implications for self-sovereign identity
- Reputation as a Primal Use Case for Data Intensive Appllications of Decentralized Identifiers
- Distributed Token Validity – A Different Approach To Local Govt
- Digital Identity of K-12
- OIDF RISC Working Sessoin
Thursday
Session 1
- A Bank/Telco Use Case Exploration – Working Session to Go Through Project Details
- Lost Identity – Post Disaster Recovery (Nor Cal Fire, Puerto Rico)
- Bringing It Together – DID + What We Already Have = How Do They Work Together
- Autonomous Agents & Identity Delegation (JHV Research Project)
Session 2
- Alexa Identity – What Would You Want?
- The GS1 Identity System
- Indieweb.org
- Sovrin Ecosystem
- 500 Years of Identity & How Does Nature Do Identity?
- Intuition Part II
Session 3
- Rat Hole (Round #3) OIDF RISC UG
- Signatures and Selective Disclosure (show me the math)
- Networks v. Ecosystems & Identity
- Accountability vs. Safety in Permissioned Decision Systems
- What Should Large NGO Organizations Be Doing to Help? What Role Should We Play in This Ecosystem?
- Discussion on Constrained Devices and OAuth2/OpenID Conn – Including JCOR!
- Fashion Wearables IOT DEMO ~ 360 Fashion Network www.360FASH.com
Session 4
- DKMS – Key Recovery Summit: Biometric Recovery, Cold Storage, Social Recovery
- Using DIDs to Bootstrap Scondary Communications Channels and Move to New/Different Protocols
- The Human O/S Defending Privacy by Understanding I.T. Forces and Managing Human Nature
Session 5
- Reputation II – Data Intensive Applications Using DID’s
- How Many Blockchain Tokens Will There Be?
- Diversity In Digital Identity
- Identity + Reputation, Enabling New Business Model for Open Source Projects
IIW 24 2017
Tuesday
Session 1
- Self Sovereign Identity Container
- Introduction to OAuth2
- Decentralized Names and ID’s Working Group – DID101
- IDPro
- oram v1.0 bit.ly/joram100
- OIDF Modrna WG UpDate
- 12 Competencies for Network Leadership
- Digital Inclusion
Session 2
- Digital India
- Introduction to OpenID Connect
- Decentralized Names and ID’s (continued)
- JLINC overview demo discussion
- Delegated Account Recovery – Kill the “forgot password” email
- Build Badass Identity Team
- Consent-Informed Attribute Release for SAML/OIDC at Scale
Session 3
- Privacy Preservation and Controlling Correlation
- 101 Introduction to User Managed Access (UMA) 2.0
- IEEE 2410 Biometric Open Protocol Standard (“BOPS”) EXPLAINED!
- If You’re Hiring a Student w/a Masters in IDM – What do you think they should know?
- Your Terms that Sites Agree To (rather than the other way around)
- OpenID Connect Account Porting Overview
- Hybrid Personal Cloud – Applying devops open source tech to personal IoT
- Identity Storage and Compute Working Group
Session 4
- Intro to Fast Fed (new passport standard)
- 101 MFA, 2FA, FIDO
- Intent in Open Source
- 10_Foot Platforms – Device Pairing
- AI DAO’s & ID
- JLINO Deep Dive – Tip Toe in Shallow End
- End-to-End Crypto SDK for Deve
- Picos Everywhere
- Identity Storage and Compute (contained)
Session 5
- Token Binding – Proof-of-Possession for cookies, ID Tokens JWt’s & OAuth Tokens
- Blockchain 101
- Why isn’t IIW Wiki Secure?
- HashO: IO Protocol – Web of Trust + Blockchain + Proof of Work + IPFS
- Intro to Sovrin
- Intuition, Identity, Internet
- Beyond OAuth2: End-to-End Microservice Security
Wednesday
Session 1
- DID 101 – Decentralized Identifiers & how they are the key to interoperable self-sovereign ID
- IEEEE/SA, Evernym, iRespond, SWIRLS – ADV The Human STD Hackathon (100K Refugee Framework)
- Fair Dice Roll’s in On-Line Game’s using Blockchains
- Application Identity and Trust in Healthcare and beyond
Session 2
- How to Live with Shadow IT
- Neural Science of Persuasion
- Attestations and Identity Data Formats
- ID PRO Body of Knowledge & Taxonomy
- Intro to Verifiable Cliams by W3C VCWG Members
- Publice vs Private Data – What can we share?
Session 3
- DKMS = Decentralized Key Management System
- What is it like to be part of a working group?
- Storing Crypto Credentials
- The UX of Secure Key Management Trust Frameworks
- DID TLS
- OTTO Schema
- 3K/Distributed Identity
Session 4
- Digital India II (part 2)
- libsovrin Hacking – Zero Knowledge Proofs Selective Disclosure and Predicate Proofs
- 5 Types of Privacy on DLT
- End-User Identity Paradox “Curing Identity” – Don’t lose your phone #
- Using Sovrin for Decentralized Student Profiles – A Proof of Concept
- Identity Hubs Technical Resolutions and Planning
- Correlation Marketing Solicitation (not criminal) and Identity
- Trust Frameworks!
Session 5
- Levels of Assurance
- DID Auth (Interoperable auth’n w/DID’s)
- Making OAuth2 Secure
- Multiple Useres (IDs) of a Single Consumer Electronics Device (e.g. TV) How to make it happen
- Reinventing National Identifyer Systems ex Austria
- Certified Self-Sovereign Signature (An e-prescribing example)
- How do People Manage Identities? Prelim findings from user research in India
Thursday
Session 1
- DID Service Discovery
- “Verifier Impersonation Resistance”
- Functional Identity
- “It’s a Pain In The Ass, But it’s Well Supported” (FIdM)
Session 2
- Privacy – Preserving Geo Location & Other “mystuff” Services
- SovrinID Card – What should it do?
- Pop-Up Enterprise
- OTTO –Ifying – FAST-FED?
Session 3
- Digital Life Collective Cooperative “The Web we want” – Getting to Actual Effects with Identity
- Usability for Identity Management
- PICO’s in Practive
- 3J/Agents for I.O.T.
Session 4
- 4A/Reputation vs Identity – Definition Perspectives
- Make XDI GREAT again!
- Anonymous Claims Authentication
- Sharing a Systems Leadership Strategy to Catalyze an Identity Ecosystem
Session 5
- 5A/NO RAGERETS
- 5F/Come Talk About All The Acgouat Recovery Systems
- 5G/OAuth JAR Working Session
- Will Nationalism – Populism – Isolationism kill identity Fed attribute exchange? How do we prevent the reification of Statism in next gen ID systems & thought
- Personal API
IIW 23 2016b
Tuesday
Session 1
- Introduction to Blockchains
- IndieWeb Into – Own Your Web Identity / Interoperate with other people + Silos
- CHEDDAR: How you get sites to agree to YOUR terms via Privacy Badger, ABP on Browsers/VRM For Real
- Why do (people make) Sessions Expire? And what can we do about it?
- API Security Patterns BYOP
- Sovereign Technology
Session 2
- What is Sovereign Identity?
- Personal Data Ecosystem Consortium (trade ass) What can we do for you? What can you do for us?
- UMA = User Managed Access 101!
- Blockstack: The Global Identity Database
- C-DAD Cross-Domain Application Deployment “simple federation” (for enterprise apps)
Session 3
- Universal Compiler Demo
- Multi Party Delegation –It’s not UMA ….Yet!
- Why Won’t Blockechain save the world? Gaps? What’s an alternative?/What Doesn’t go on blockchain?
- Plugging Identiity Components into AAD B2C to get access to relying parties
- SCIM Interop Discussion
- My Device My Data ~ My Data My Device
Session 4
- JLINC Protocol for Data Sharing Chain of Custody
- The Hard Problems of Storing Identity Information
- My Things Are Me! Who backs claims for my things?
- Modern Identity Initiative - Working Title A thought on using the ICANN/IANA model for hosting personal identity
- OpenID Connect WS / Mix-up & Cut-n-Paste Mitigation Discussion
- Towards a Common Ontology for Personal Data Interoperability ~ Or just a Pipe Dream?
- Scalable Consent – Effective, informed, revocable, . multiprotocol consent + attribute release, UI, infrastructure, informed content
- Constructive Notice – What Must We Do?
Session 5
- Consent Receipts – 101 & Update – Closing the loop with users
- R & D Funding for your Project! (Identity and Privacy) Come hear how you can get it.
- Identity and Payments – ACH, Blockchain, Credit, Debit, P2P
- Blockchain Consensus Protocols
- UX Design of Identity Systems
- Open ID Connect hint on the URL – fight IP “authentication’ change EZproxy!
- SCIM & OpenID Connect: From Co-existence to Harmony
- Anonymous Credentials – Will they ever be practical?
Wednesday
Session 1
- Bridge to #Meatspace – Use cases, Tech for Transfer, and verifying Idenitity at Point of Service
- What if…. UMA RPT was an OpenID Connect Access Token?
- PDEC How can we help you? Personal Data Ecosystem
- Black Box Algorithms & “Personalized” Services
- Body of Knowledge for ‘Idenity Professionals – What Domains do we need?
Session 2
- Signed Consent (on a chain)
- Monolith to Microservices – Securing w/OAuth, OpenID Connect, JWT
- Talking About Power Asymetry
- E.R.A.S.M.U.S. – proposal for Emergency.Responder.Authentication.System for.Mobile Users
- Sovereign Identity AND Lending
- Practical UMA – curl commands etc…
Session 3
- Sovereign Identity – (Part Two) How is it enabled by the blockchain.
- $1M Does Your Project Stack Up? Come find out
- Identity & Privacy: It’s Canada’s Game!
- I Just Bought Your Smart House, Now What?
- OpenID Connect RP Testing
- So you are the professor…what is the curriculum for Introduction to Identity Management
Session 4
- Identity Events = RISC, LogOut, Revocations
- Demo Hour Redux
- OIDF – EAP Use Cases
- People’s Digital Identity Life Cycle
- CHEDDAR Implementation ‘on server” + “on client”
- Trust Frameworks Explained – in 20 min.
- Privacy: Confusion of Identities in our Daily Life
- UMA + JLINC – Signed contracts on a Blockchain?
Session 5
- Bridge to #Meatspace Part 2
- Personal API’s @ BYU
- Password Manager API’s
- OIDC Identity Federation
- Common Ontology for Personal Data Interoperability – (Part 2) The What and How
- Identity for the next 1.5 Billion!!
- UMA Legal
Thursday
Session 1
- Continuous Client “Authentication” for API’s
- Sovereign Identity Part 3: What are the Challenges?
- Consent & User Rights – GDPR 101
- SimpleSAMLphp - Project Overview & Roadmap
Session 2
- Identity in Ten Hundred Words
- Ecosystem Maps: - Org History, Protocol Family Tree, The Neighbors & Other Maps
- Sovereign Identity on Your CellPhone with YOTI
- S.A.L.S. – Launching Soon = IDESG/ID Ecosystem Steering Group
- SimpleSAMLphp Use Cases. How are orgs using SSP?
Session 3
- Fixing Marketing + Service with VRM – intent casting & personal API’s
- Protocols for Sovereign Technology
- Weaponized Biometrics? Revocable Biometrics
- SimpleSAMLphp –Code dive + How can you contribute?
Session 4 / Working Lunch
- OTTO – Open.Trust.Taxonomy.Operators – For Federation
- ID2020 Design Shop Planning / for May 21-22
- SimpleSAML php Nearterm Roadmap – feature requests,who wants to build what?
Session 5
- So You Want To Run A Standards Group
- Service Chaining with ZBAC / JWT Assertion Prodile vs STS for the Rest of Us
- Home Environmental Data, SPIMES & Engineered Privacy
- Token Based Federations
- Simple SAML php More Building!
- UMA Legal
IIW 22 2016
Tuesday
Session 1
- Introduction to Blockchains
- IndieWeb Into – Own Your Web Identity / Interoperate with other people + Silos
- CHEDDAR: How you get sites to agree to YOUR terms via Privacy Badger, ABP on Browsers/VRM For Real
- Why do (people make) Sessions Expire? And what can we do about it?
- API Security Patterns BYOP
- Sovereign Technology
Session 2
- What is Sovereign Identity?
- Personal Data Ecosystem Consortium (trade ass) What can we do for you? What can you do for us?
- UMA = User Managed Access 101!
- Blockstack: The Global Identity Database
- C-DAD Cross-Domain Application Deployment “simple federation” (for enterprise apps)
Session 3
- Universal Compiler Demo
- Multi Party Delegation –It’s not UMA ….Yet!
- Why Won’t Blockechain save the world? Gaps? What’s an alternative?/What Doesn’t go on blockchain?
- Plugging Identiity Components into AAD B2C to get access to relying parties
- SCIM Interop Discussion
- My Device My Data ~ My Data My Device
Session 4
- JLINC Protocol for Data Sharing Chain of Custody
- The Hard Problems of Storing Identity Information
- My Things Are Me! Who backs claims for my things?
- Modern Identity Initiative - Working Title A thought on using the ICANN/IANA model for hosting personal identity
- OpenID Connect WS / Mix-up & Cut-n-Paste Mitigation Discussion
- Towards a Common Ontology for Personal Data Interoperability ~ Or just a Pipe Dream?
- Scalable Consent – Effective, informed, revocable, . multiprotocol consent + attribute release, UI, infrastructure, informed content
- Constructive Notice – What Must We Do?
Session 5
- Consent Receipts – 101 & Update – Closing the loop with users
- R & D Funding for your Project! (Identity and Privacy) Come hear how you can get it.
- Identity and Payments – ACH, Blockchain, Credit, Debit, P2P
- Blockchain Consensus Protocols
- UX Design of Identity Systems
- Open ID Connect hint on the URL – fight IP “authentication’ change EZproxy!
- SCIM & OpenID Connect: From Co-existence to Harmony
- Anonymous Credentials – Will they ever be practical?
Wednesday
Session 1
- Bridge to #Meatspace – Use cases, Tech for Transfer, and verifying Idenitity at Point of Service
- What if…. UMA RPT was an OpenID Connect Access Token?
- PDEC How can we help you? Personal Data Ecosystem
- Black Box Algorithms & “Personalized” Services
- Body of Knowledge for ‘Idenity Professionals – What Domains do we need?
Session 2
- Signed Consent (on a chain)
- Monolith to Microservices – Securing w/OAuth, OpenID Connect, JWT
- Talking About Power Asymetry
- E.R.A.S.M.U.S. – proposal for Emergency.Responder.Authentication.System for.Mobile Users
- Sovereign Identity AND Lending
- Practical UMA – curl commands etc…
Session 3
- Sovereign Identity – (Part Two) How is it enabled by the blockchain.
- $1M Does Your Project Stack Up? Come find out
- Identity & Privacy: It’s Canada’s Game!
- I Just Bought Your Smart House, Now What?
- OpenID Connect RP Testing
- So you are the professor…what is the curriculum for Introduction to Identity Management
Session 4
- Identity Events = RISC, LogOut, Revocations
- Demo Hour Redux
- OIDF – EAP Use Cases
- People’s Digital Identity Life Cycle
- CHEDDAR Implementation ‘on server” + “on client”
- Trust Frameworks Explained – in 20 min.
- Privacy: Confusion of Identities in our Daily Life
- UMA + JLINC – Signed contracts on a Blockchain?
Session 5
- Bridge to #Meatspace Part 2
- Personal API’s @ BYU
- Password Manager API’s
- OIDC Identity Federation
- Common Ontology for Personal Data Interoperability – (Part 2) The What and How
- Identity for the next 1.5 Billion!!
- UMA Legal
Thursday
Session 1
- Continuous Client “Authentication” for API’s
- Sovereign Identity Part 3: What are the Challenges?
- Consent & User Rights – GDPR 101
- SimpleSAMLphp - Project Overview & Roadmap
Session 2
- Identity in Ten Hundred Words
- Ecosystem Maps: - Org History, Protocol Family Tree, The Neighbors & Other Maps
- Sovereign Identity on Your CellPhone with YOTI
- S.A.L.S. – Launching Soon = IDESG/ID Ecosystem Steering Group
- SimpleSAMLphp Use Cases. How are orgs using SSP?
Session 3
- Fixing Marketing + Service with VRM – intent casting & personal API’s
- Protocols for Sovereign Technology
- Weaponized Biometrics? Revocable Biometrics
- SimpleSAMLphp –Code dive + How can you contribute?
Session 4 / Working Lunch
- OTTO – Open.Trust.Taxonomy.Operators – For Federation
- ID2020 Design Shop Planning / for May 21-22
- SimpleSAML php Nearterm Roadmap – feature requests,who wants to build what?
Session 5
- So You Want To Run A Standards Group
- Service Chaining with ZBAC / JWT Assertion Prodile vs STS for the Rest of Us
- Home Environmental Data, SPIMES & Engineered Privacy
- Token Based Federations
- Simple SAML php More Building!
- UMA Legal
IIW 21 2015b
Tuesday
Session 1
- HEART & iGov
- Finding Customers for VRM Products
- SCIM is Done – Intro Q&A
- Basics of Blockchains
- Mobile Launch of MODRNA – Overview/Update
- Identity Broker Pattern – 15 Fundamentals
- Questions: Why JWT? SAML vs OAuth vs JWT
Session 2
- Open ID Connect Logout Mechanisms Progress + Status
- A Registry Directory ~ based on BLOCKCHAIN that is ROOTless & NOT Centralized
- HIE of ONE Personal UMA Authorization Server Project
- myTERMS User-Asserted Terms (Mozilla + Customer Commons + Others)
- Fast Modular Exponentifition in JavaScript for Cryptographic Authentication
- OIDC vs SAML - What are you missing & how do you solve that?
Session 3
- User-Managed Access (UMA) Intro & News
- Attribute Privacy in Federated Model
- What is the Impact of the Blockchain Technology to the PKI base eID Schemes?
- Thinking in Crypto….. #Rebooting Web of Trust
- Azure AD Integration in Windows 10 – What does it mean to have a orgID Cloud Identity
- An IDENTITY Rocku-Mentry ? A documentary about the past, present + future of Identity in the IIW Community
- OIDC OP Testing – hands on
Session 4
- Defining Consent – Collecting Personal Information with Notia Consent Receipts
- XDI (Extensible Data Interchange) and Semantic Dictionaries (an update on XDI Core I.O and XDI.org)
- OAuth 2.0 for Native Apps (draft IETF best practice) NEW!
- Making Money from Grassroots, Distributed ID Platforms (???)
- Is OpenID Connect + OAuth + UMA Complete? Why Should I switch from SAML + ID-WSF2 + Xacml?
- Burning Bridges and Breaking Brokers
Session 5
- Consent Receipts in UMA
- SCIM Interop Discussion
- XDI Registry Working Group – a rootless, decentralized, lookup service empowering the personal data ecosystem - based on the bitcoin blockchain
- Potential Roles for BLOCKCHAIN in Identity
- Personal Learning Environments (Domain of One’s Own, LMS, etc…)
- AAD in Windows 10 (Part 2) Now that I’m Joined…
Wednesday
Session 1
- Vectors of Trust
- Re-Delegation and Revocation with OAuth
- International Perspectives
- BlockChain Use Cases (not Bitcoin, not identity centric) & Distributed Ledgers?
- Identity Film – Brings IIW & Core Topics to Life…
- Account Chooser Working Group
- Open ID Connect Certification: The news from the trenches – Google
- Non-Person Entities – Delegation, Proxy and WS02, API manager
Session 2
- Multi-Protocol Frameworks for Personal Data Ecosystems
- Decentralized Directories/Registry (using blockchain)
- Dynamic Client Registration Security Issues
- Ethereum a general purpose BlockChain
- Next Steps after Ad Blocking (200 million votes for what?)
- Selective Disclosure – “I’m older than 18, you don’t need my birthdate” Principles, Open Questions
- Post Password World – How do we get there? BRING IDEAS!
Session 3
- Trust – EI – AKA “Stepped-up Authentication” with UMA and Connect
- U2F Update – including mobile, passwordless, and more…
- Blockchain Auth: Passwordless login with the Blockchain using JSON wcb tokens
- Delivering Oauth Tokens to Things (or NAPPS 2.0)
- Book Preview! OAuth2 in Action
- Citizen Data Schema – SCIM, IWTs, OIDC/Interoperability of National eIO programs
- BlockChain & UMA – Two Great Tastes… Do They Go Together?
Session 4
- RISC – Sharing Security Events among Service Providers
- Societies of Things
- OIDC RP testing – hands on
- PDEC - Personal Data Ecosystem Consortium. Who Cares about our Personal Data? Mapping Innovations and showing the way...
- XDI Registry Working Group (Mtg #2 of 2) More “Pumpkin Theater”
- SCIM Credential Mgmt Discussion
- Forbidden Knowledge – Genomes, Facebook, and other High Dimensional Data
- Identity Proofing – Can it be done well? Especially Remotely?
- Speed Demo Reprise
Session 5
- IoT Privacy Personal
- UMA – Interop testing, ARP use case
- HELP! Federated Profile Across the Autodesk Knowledge Network – Ideas? Standards? Architectures? Suggestions?
- Thinking in Crypto – Signing JSON ?What are your best practices?
- Thought Experiment: What if sites opeted-IN to USERS? (DNT + TPS + Uses Submitted Tags)
- Privacy from Cradle to Grave “What is the effective consent?”
- What Does “LogOUT’ mean?
- Security LOFT – A volunteer organization promoting modern APP Security Standards!
- BlockStore: Scalable Secure Storage with the Blockchain
- Exploring Possibilities for Citizen ID Cards – A whitepaper re: core concepts/good designs
Thursday
Session 1
- The Permanent Web
- ABAC – Attributed Based Access Control
- First Experiences with the Estonian e-Residency ID
Session 2
- How will Current and Legacy ID Specs (SAML,OIDC, OAuth…) Interact and/or be Replaced by BlockChain Technologies?
- Help Phil outline Digital Identity 2nd Edition
- OTTO – Private BlockChain HELP
Session 3
- The CULTURAL Barriers to Privacy
- IDENTITY – Is it always “On”? and Who should control the switch?
- BlockChain ‘Governance’
Session 4
- Mozilla Listens to IIW at IIW 21
- BlockChain VIS a VIS Everything Else ~ Part 2 (Deux)
- All Things Photography
- Customer Funding
- OIDC Federation for Higher Ed
Session 5
IIW 20 2015
Tuesday
Session 1
- Inter-Domain Relationship Sharing & Friend Requesting
- Intimate Wearables (AKA IoT)
- Trust & Consent / Consent Receipts for Personal Data Control
- Hacking Privacy Policy by Managing Politicians
- IndieWeb Principles & Protocols to OWN YOUR IDENTITY
- Personal Data Ownership in a Corporate World
Session 2
- Engaging Voters Through A Policy Management Game
- The Emerging Field of Consent Management – Next Gen UI Infrastructure Under the Hood
- VRM: Customer Needs – Definitions
- Personal Data Ecosystem Consortium – Growth and Opportunity
- Lessons Learned – SAML & OIDC @AWS
- Distributed Capabilities - Systems for Real Time Communication
- Privacy on FHIR
Session 3
- FIDO U2F Update / What’s New & Drawing Board
- Enhancing the Digital Currency Oppoertunity
- VRM: Vendor Needs - Definitions
- (new?) Business Models Based on Reputation
- Mobile Profile OpenID Connect (Part 1 working session)
Session 4
- IoP: Net of Policies – Phil W’s Personal Pot Hole (PPP)
- IETF ACE – Authentication & Authz for Internet of Things / Scenarios & Solutions
- PDEC – Call for Hot Topics / Papers (Personal Data Ecosystem Consortium)
- Mobile Profile of OpenID Connect (Part 2 working session)
- Local RE-Delegation With OATH
- Blending Education, Consumer + Enterprise Identities / Identity in the Academy (and beyond)
- Blockchain and Minecraft – Can Someone Tell Me About B/C @101
Session 5
- Modeling Privacy Policy in a Political Management Game
- The VRM Value Proposition (Biz Model Canvas)
- Account Chooser and Mobile Connect / What must we change?
- Get on the IndieWeb in Minutes
- Notif Update
- How Blockchain Can Solve All Our (identity) Problems
Wednesday
Session 1
- Vectors of Trust
- XDI Review and Demo
- SSO, Hello and PassPort – updates to Identity in Windows
- Cloud for Things
- Can Technology Revolutionize Consumer Citizen Activism
Session 2
- Trust Elevation
- Blockchain Tech 101 + Identity (onename)
- What’s New in Pico’s & Clouds?
- University Community (InCommon, Internet2, Identity Registries, API’s)
- GovTrain – CluGov
- AWS Identity Round Table (Amazon Web Services)
- Privacy Issues Regarding Federated Login’s
Session 3
- Freedom Box Update
- Fluffy are Kitties
- Blockchain Based Authentication
- Bureaucracy & #IoT
- Influencing Social Expectations of Online Info Services Through Ecosystem Codes of Practice
- Workshop: Best Practices of Profiles from 10 Years of IIW
- Business Models Based on Reputation Part 2
- IIW Like Events in Other Countries
Session 4
- Distributing Data Brokers
- MyWave VRM: A Deeper Look
- Terms We Assert / Consent & User Submitted Terms
- VRM In the Developing World
- Honest(er) Ratings System – Let’s Build It
- OTTO = Open Trust Taxonomy OAuthz / Session #1 Charter
- IIW Connectivity Inbetween IIW / A Discussion of Identity
Session 5
- Identity Binding in the Extended Enterprise
- Creating Trust At Scale – In the Sharing Economy (Why do we let strangers stay in our homes?)
- OASIS XDITC - open meeting
- Put a Roter File into a Blockchain
- VRM: Market Maker
- A Guide for Integration of Authentication Technologies
- UMA 101 – Everything You Wanted to Know About User Managed Access But Were Afraid to Ask
Thursday
Session 1
- NAPPS Update – Native Apps SSO (a working group of OIDF)
- Haman Centered Computing/Scenario Planning or Avoiding the Compuserve of Things
- TosBack 2 / Terms of Service + Privacy Policies Archiving + Analysis
- Identity Anthology – Input and Feedback
Session 2
Session 3
- Enterprise Single Sign-On and Social Networking Mobile Centric
- User Terms Continued…
- Digital ID Images – Sharing visuals that you created that clarify some issue.
- Implement IndieWeb on Your Service in Minutes
Session 4
- Open Notice + Consent Receipts Working Call-In/Working Session
- VRM FrameWork: Define the Developer Role in the VRM Framework
- (in)Security Questions
Session 5
- Meet ‘Frank’ The MyWave VRM Personal Assistant
- Architecting a “best” Scenario: Digital Communities that Self-Balance on Reputation, Privacy & other Norms//Pen Names
- Mozilla Listens to IIW
- RISC = Risk & Incident Sharing & Cooordination (working group of OIDF)
- H.E.A.R.T. Working group session – UMA security profile (Health Relationship Trust)
IIW 19 2014b
Tuesday
Session 1
- Notifs .... a new messaging medium
- Interoperable Consent Management
- Account Sharing at the IDP (Identity Provider)
- Boarderless Connectivity (Ambient & Ubiquitous)
- Surveillance Identity and YOU
- Root Identity – Decentralized ID Tech
- Respect Connect Protocol
- Open Discussion: Identity Verification for People w/o Paper Trail
Session 2
- XDI / Respect Connect Person -- Business Connections Demo
- Sustainable Net Protection “After Wikipedia Goes Light”
- OAuth SPOP Working Session of Document in Working Group Last Call
- XDI Graph Editor Demo
- Report Out From Inter-Federation w/Shop: How to Develop Rules for Joining Federations Together
- Amazon Web Services (AWS) and Open ID Connect (OIDC)
- MAFA Mistaking AUTHN for AUTHZ
Session 3
- XDI / Respect Connect Person -- Business Connections Demo
- FIDO U2F Security Key – Emerging Standard Respecting Privacy
- OAuth & Authentication / What can go wrong? Working Session of IETF - OAuth
- Identities of Dead People / Linking Data from Museums, Archives & Libraries
- Model Thinking: A Framework for VRM
- Google “TAPPS” for Education
- LOA’s “Vectors of Trust” and Consumer Protection
Session 4
- For the Greater Good ~ ‘You are not a Special Snowflake’
- Internet of Things (IoT) Door Lock Use Case
- SCIM V2 Intro
- Online Trackers and Advertisers That Use Them
- Trust on Both Sides: Calculating AuthN actions the consumer chooses into HIGH trust for all R.P’s
- VRM + CRM ~ Next Steps
- Building RS ~ AS Trust With UMA
- Travel to….. CYNJA SPACE
Session 5
- Freedom Box “Danube Edition”
- NAPPS Working Session
- Ours or Theirs : A discussion of SSL Trust stories in Identity Protocols
- SCIM APT Extensions: Who wants to add what?
- Investing & Crowd Funding VRM
- Use Managed Access (UMA) … Authorization for Internet of Things (IoT) /IoT & Identity
Wednesday
Session 1
- OAuth WG Status Check
- How Do We Engage and Protect Kids In Cyperstace?
- Health – Relationship – Turst: Come hare about the new HEART WG at Open ID Foundation
- User Consent + Consent Management + STATS + Demo and Discussion
- Firefox Social API: 2 years in, what next?
Session 2
- SCIM API Extensions: Who wants to add what? Interests?
- The VRM Social Network
- Subscribe 2 WEB
- Gold Identity Federation
Session 3
- User Asserted Terms for VRM
- Data Ecosystem Consortium (PDEC) Exploring the Future with Dean
- OAuth Challenge Grant?
- NSA Surveillance in Austria
- Build a New Saas app With Enterprise Identities: What would you do?
- FEM vote. US The RE-Founding Sisters – Real Representation in Virtual Districts
- The State of Anonymous Credentials (discussion)
Session 4
- Open UMA Implementors’ meeting - - interop, feature tests…
- Mobile Darwinism: From mobile to mobility
- VRM + CRM Part2 The VRM Strikes Back
- Amazon Web Services (AWS) and Identity Management: What’s New?
- Conflict Resolution in Community
- XDI Hackathon
- 4CHM – IBM 1401 DEMO (downstairs)
Session 5
- Continuation of UMA Implementors’ Meeting
- Mozilla Listens to IIW
- Threat Based Authentication: Understanding the Risks of RBA
- IoT Modeling with Picos: “Lessons From Fuse”
- Trusting “Trust Frameworks” What needs to regular people have to make this “real?”
- XDI Hackathon
Thursday
Session 1
- UMA Demo
- Micro Services Containers, Reactive Manifesto and… Identity
- OpenID Connect: Easier than you probably think it is
- What Is A Federation?
- Firefox Interest Dashboard
Session 2
- ARM mbed/IoT
- Notifs – (Repeat)
- Vectors of Trust ---- Continued
- The VRM Social Network Part II
- QREDO Rendezvous Protocol
- Introduction to the Indie Web
Session 3
- Twitter in 2015: What do you want to see us do visavis account security , recovery, identity & privacy
- U2F Explained
- The REAL Internet – IoT
- Access Token with Access Control List for IoT
Session 4
- OAuth 2 Scope Design Discuss iom
- VRM + CRM Part 3
- Anchors of Idenity & Account Recovery – Round Table Discussion
Session 5
- NAPPS Working Session Part 4
- Online Voting: What do we need to have happen in “identity” before online voting happens?
- CRM + VRM Branding for Consumers and Developers
- Mozilla + VRM/Intersecting 2015
- Bob’s Kabitzing Tour of the Museum
IIW 18 2014
Tuesday
Session 1
- Respect Network LAUNCH
- Social ID’s in Enterprise
- Indie BOX – Let’s Bring Our Data Home
- Covert Redirect – What It Is/What It Ain’t
- Improving the Mobile Federation Sign-In Experience
- Phishing Blend Authentication and Authorization
Session 2
- JOSE Can You See – A Technical Overview of JWT
- Collaboration For Collective Impact
- Me Depot – Serving Billions
- Intentions vs Identity
- I o T = Identity of Things
- Customer Support for Personal Data Stores
- An Introducing to IndieWeb
- “SCIM” Next Steps
- New OAuth 2-wg – Multi-Party Federation
Session 3
- OpenID Connect – Interop Testing Details
- It’s NAPPS – Enabling SSO for Native APPS
- Engaging End Users – How Do We Get Consumers to Participate in Identity
- “Privacy Lens”
- Ethical Data Handling
- Platform Deep-Dive of: Qredo
- Open ID Connect 101 – How it Works/What is it for
- Join the Indieweb
- Silicon Valley “Culture of Youth”
- Your Digital Traits for STRONG Auth
Session 4
- OpenID Connect – Logout/Session Mgmt (Part 1)
- How Do We Preserve and Protect Identity / Identity Theft
- CAN’T BE EVIL
- FUSE Architecture – PICOS and Connected Cars
- NSTIC – Update From NIST and Roundtable
- IndieAuth – Turn Your Personal Domain Into An OAUTH Provider
- Practice Session for Investor Panel
Session 5
- OpenID Connect – Logout/Session Mgmt (Part 2)
- Personal Sovereign Design
- 4th Parties – Use Cases for Others Besides the User, IDP and Relying Party
- DOXING as Vigilante Justice
- Respect Network plus XDI
- Aging plus Caregivers plus Post Death Identity Mngt
Wednesday
Session 1
- VRM (Vendor Relationship Management) Progress Report
- OAuth Security – Proof of Possession
- Privacy Metrics – What Could They Be? What Should They Measure? Should They Exist?
- Home Owner Personal Data
- We Are The Last Generation of Free People
Session 2
- VRM Adoption Case Study – MYDEX
- HTTPSY – Leave the Certificate Authority Behind
- SAFEnet
- Data Inequality
=
Income Inequality - Channel Binding for Open ID Connect
- ADHOC: UMA Interop Testing Session Thing
Session 3
- Mozilla Listens to IIW
- Real Estate Use Cases
- Shopping for Identity Providers – What do I need to know before I put my identity in your provider
- Functional Model Elements from NSTIC – Personal Cloud Review
- Self ID
- Mobile Connect
- Clarify and Learn About Web Payments and Identity
Session 4
- New Book – Extreme Relevancy
- IoT and Open Standards – Oauth2, UMA…
- Gettign WC3 People to come to IIW19
- Mobile SSO – How We Did It/USIMG/OAuth, Open ID Connect
- OAuth SASL (OAuth for non-web apps, ep.IMAP)
- Post Life Identity Privacy
- Root of Trust
- Investor Pitch Practice (Pt 1)
Session 5
- Be Ready for the AUTHpocalypse – Lightweight/Dynamic Client Registration for IMAP/SASL
- Identity Ecosystems plus the IDESG
- Google – Recent Update and Input on OAuth DevX
- ID Things You Can Do With A “FREEDOM BOX”
- The ID – Lobrary/Film Fest and Anthology – ‘this Community Cannon’
- Help us do Social Media Marketing for the Respect Network Launch
- How To Deal With The Case When The Intended Audience Is Not The Releasing Party
- Lost Dog! User Centric ID Management FIDO and Other Opts
- Bitcoin and Identity
- Investor Pitch Practice (Pt 2)
- NAAPS Working Group
Thursday
Session 1
- In 5min or less – Tell me a Happy Future Story About “IDENITY”
- Let’s create some -Partinent Art – that speaks to our condition and Brainstorming ides about topics for books for children and management – like SCADA and ME
- Reputation
- DNSSEC 101 – intro how it works/my war stories
Session 2
- DARASHA XDI app – Music Library
- AWS QandA
- ACE = Authentication and Authorization for Constrained Environments
- Help Doc prep for the VC Panel
- The Maker Economy and Identity
Session 3
- What’s it Take to get a Customer-Centric Startup to Win Funding? (VC Panel Discussion)
- Kitties are Fluffy!!
- Icons for Privacy
- Where Are the RP’s?
- HOW CSP’s (cloud service providers) and Authentication Providers Fit Together on the RESPECT NETWORK
Session 4
- Start-Up’s Pitching
- Free People Beyond the Next 10 Years – (Continuation from Wed Session/Manifesto Writing)
Session 5
- Start-Up’s Pitching
- Murder via Google Maps
- CAMBRIAN – A User-Centric de-centralized platform for entrepreneurs
IIW 17 2013b
Tuesday
Session 1
- To Switch or Not Switch… Enabling Smoother Transitions Between Work and Personal
- RALLY CRY plus Guiding Principles for this Community
- Internet Of Things – Developing a Classification Framework
- Respect Connect “Demo” Safe single sign on for Personal Clouds
- Where Does Your Project/Product Fit in the Personal Cloud Markey Matrix
- Identity Revocation The RRVS (required recipient valid since) SMTP header
Session 2
- How to Make Money Implementing Attribute Exchange: Services, Solutions andTrust Framework
- A Periodic Table of Trust Elements – Building Real Trust Frameworks from the Bottom Up
- NYM ISSUES (pseudo-nym) Why Do We Need “real” name policies?
- Defining a Simple Use Taxonmy for Personal Data (think Creative Commons)
- Find/Create Killer Product (App) and Win In the Market
- XDI2 Technical Overview
Session 3
- Federation Conversation
- Retiring Protocols
- A Universal Shopping Cart
- Federation Conversation / Blood Bath
- VRM 101 – 2.0
- Idie Box Freedom Box, 8 Personal Clouds
- Universal Shopping Cart
Session 4
- Respect Connect Deep Dive
- OAuth Open ID Connect plus FICAM
- Persistent Compute Objects and The Fabric of Cyberspace and Quantified Everything
- Household ID and Personal Data @ Rest
- Putting Informed in Consent
Session 5
- The Business of Personal clouds
- GreenList Payment Addresses – How to create a new Identity Attribute that benefits everyone on the Planet!
- Secular Connect
- Talking Tag
- Personal Data Ecosystem Architecture
- Skinning the SQRL (Secure QR Login)
- OAuth the parts intro/review
Wednesday
Session 1
- Respect Connect Deep Deep Dive
- User Challenges with Federated Login!! Follow-up From Day 1
- Vertical $ Opportunities – Connecting the Dots in Real Estate – Monetizing VRM By Delivering Billions In Consumer Savings
- ReDelegation in OuathII
- NSTIC 101
Session 2
- Personas and Privacy
- Security Concerns for RP’s I - Session Strength and Reauthentication Proposal from Google
- Identity Revocation PartDeux
- Use Case – Mandated Parent Educaiton
- Personal Cloud Logo Terms
- COZY Cloud – MesInfo
Session 3
- Customer Commons – Creating a World of Liberated, Powerful and Respected Customers
- Building Personal Cloud Applications - FUSE
- FIDO Alliance Update
- Personal Data Ecosystem Consortium – Update
- FCCX Update – Federal Cloud Credential Exchange
- Anonymous Authentication – How Does it Help our Life
Session 4
- Health IT Architecture
- Ontology for the Personal Data Ecosystem
- RP Challenges to Federated Login
- OMIE – customer commons
- Omie Update (Version 2.0)
- Online Data and ID After Death
- Personal Clouds as Media Indexes for Local Sharing
- My Identity – Your Identity
Session 5
- Google’s OIDC’ish Auth Platforms on Android, Chrome, iOS
- Non-Cloud Providing Enterprise Use plus Coordination
- Data and ID after Death
- Intentcasting
- Descant – Data Systems at the Intersection of Story Telling and Data Reputation
- After Email… So How Do We Replace It….What Does It Look Like…]
- Venture Free StartUp Financing and How Respect Network can Earn Income
Thursday
Session 1
- Do Not Disturb Brainstorming – A DNT with TEETH!!
- OAuth 2 Interop Testing
- Mapping Out Our Digital UnConference
- After Email – user experience for all the things we use it for
- Can Identity Proofing Eventually Replace Authen?
Session 2
- How do RP’s Learn of Big Account Changes at an IDP like Google
- Personal Cloud Network - RISK THREAT – Counter Measure Models
- Email: Are We Asking It To Do Too Much?
Session 3
- Exploratory Conversation for Social Good / What Value Does Online Identity Bring to Local Economy
- Privacy - Why Not
- CloudOS Programming 101
- Trust Frameworks - 101 Definitions / 201 Application
- Identity by Presence – The Death of Single Sigh On and Federated Identity
Session 4
- Rally CRY and Guiding Principles (Part 2)
- NSTIC (national strategy for trusted identity in cyberspace) Let’s Get Real!!
- Mapping the Connect Code flow to SAML Artifact Binding to create a server profile
Session 5
- Come to the Movies – UMA
- Cybernetic Augmentation, User Agents and Identity An Overview of One Person’s IIW Experience
IIW 16 2013
Tuesday
Session 1
- MITREid Connect
- Pluggable Privacy Managers
- Rent or Buy Taking Control of Your Credit
- Program Aggregation Layer / How we wrap and deploy solution harmonize licenses for Cust * Com
- Intro to Personal Clouds
- Native Apps – SSO
- What Changes YOUR Information Sharing Behavior
Session 2
- Personal Clouds and the Social Contract
- Strong 2-Factor For All – Google and FIDO Alliance
- User Managed Access (UMA) Intro and Overview
- Next Generation Biometric ID
- What do Leading Consumer Sties Have to Gain by Establishing Themselves as Consumer Identity Providers??
- Personal Clouds and VRM
- Salesforce Identity Q and A
- EGO Identity
- Content Addressable Personal Clouds
- Privacy Features
Session 3
- A2P3 – UpDate and Demo
- Personal Cloud Discovery With XDI
- The OAuth Complicit Flow
- Patient ID and Fair Info Practices for ID
- Patient ID and Fair Info Practices for ID
- Cloudstore Intro: Create Personal Cloud/Develop Apps/Biz Model
- Identity and Currency and Transactions
- Free Trade Zone for Trust Frameworks
Session 4
- Forever: Personal Cloud Application Architectures (Post Web 2.0)
- Is Decentralized Social Media Possible? The Case of Tent.io
- COPPA How Does It Play In the ID Ecosystem
- Anonymous Credentials for enrollment and provisioning data (with NO portals)
- Mobile Single-Sign-On
- Identity Federation: Failed Consumer Experiences and WHat We Can Do About It
- UNHOSTED Personal Cloud Apps for Developers
- BLACK BOX ~ Clouds Architecture
Session 5
- Anonymous – Identity As Meme
- Business of Personal Clouds – Models, Revenue, Investments
- Comparative eID – What’s going on in your country/countries that you know about? AND Identity and Government
- SSO for IdP – IoP Optimization and Alternatives using SAML. DAuth, WS- TR
- The Privacy Phone
- Personal Clouds in Supply Chains – The Enterprise Metaphor
- Exposing Women’s Profiles w/o Gender Profiling
Wednesday
Session 1
- Digital Idenity in Smart-Device eve
- Group Identity
- SCIM Restful IAM & Provisioning Standard – Intro
- Relying Party Assurance IOP Insurance Etc…
- Login – hint for SAML?
- PIXEL Policy Expression Language for Personal Clouds
- Human-to Human Delegation Issues in Open World
- OAUTH Client Registration
- Field Guide to Internet Trust
Session 2
- FIDO Alliance – Fast Identity Online Overview/Nutshell
- DNS vs. XDI
- Faith/Religion and Cultural Context – Influence on… ID System Architecture and User Behavior
- Data Commons Governance – SMART Cities
- Patent Trolls Gonna Kill VRM?
- Customer Commons – OMIE
- White Boards Are People Too
- Private Data Stores
- Privacy – Preserving Accessibility Support with UMA andGPII
- Blue Button and Patient Health Records using OAuth , JOSE
- Data Durability Security Over Time
Session 3
- A Coherent Theory of Privacy
- OAuth 2 Bootstrapping from device to browser (technical)
- VRM Personal Cloud for SMB/SME
- NSTIC – Electronic Health Records and Patient ID
- Trust Frameworks – Cross Sector and Domains
- Customer Commons – new privacy intros
- Biometric Identity Measures that can NEVER be shared or Replicated
- Securing the Personal Cloud – What Should Be Best Parctices?
- Building Burning Man – Online (Identity) Ecosystem
Session 4
- RESPECT CREDITS – Brokering $
Exchange on the Respect Network
- Google’s Auth goals for the next 5 years
- NYM – Rights and Issues – Online pseudonimity and anonymity
- Citizen-Centric Attributes and metadata for use cases between Citizens and E Govs (Social and from Sanctioned)
- The Legal Forum
- All about Identity at AMAZON WEB SERVICES plus what are we still missing?
- Providing 1 Billion People with a Useful Personal Cloud is Cheap and Easy
- Auditable Trust Framework – Patient Privacy Rights
- hat’s In Your Wallet? – Who owns your digital Identities when you leave the leather at home?
- Comparative eID filling the chart - questions/countries
Session 5
- Son-Of-Sopa (SOS)
- DNS vs XDI Who is better at solving which problems… (continued)
- Crypto SSO on Mobile
- Health/QS Vertical ID’s and Vaults
- Open ID Foundation Board Meeting
- 100% Secure 100% Private Personal Cloud
- Persuasion for Engineers
- OAuth 2 Federation – RS trust external AS
- Proofs of Knowledge for Personal Clouds – Real System Demo
Thursday
Session 1
- Comparative eID – Big Picture/ID Proofing/Enrollment/Attributes/Credentials/Uses/Governance/Law Policy
- Architecting – A Self-Regulating Society Theory and Practice
- Audit, Certification and Trust Seals
- Metaphors and Models of WHAT IS “Personal Data” Implications for Policy plus Technology
Session 2
- Practical DATA PROTECTION – Avoidance? EU and US ?
- Who is The Big Gal/Guy that will make personal Clouds Happen?
- PDS plus Personal Cloud *What is Out There *Business plus Technical Perspectives
- Out OF The Ivory Tower (linking theories of privacy identity and risk to practice)
Session 3
- RESPECT CONNECT “Facebook Connect for Personal Clouds” OR “Social Login that Doesn’t Suck”
- Define Personal Cloud Logo Terms
- What Makes Online Identity Durable? Why do some users stick with their online accounts for years while others abandon?
- Applying a Gender Lens on Evolution of the Market for Personal, Household, Small Biz, Clouds/Data plus future of hyperconectivity
Session 4
- Self-Hosted Personal Clouds (FreedomBox and Raspberry PI)
- XDI vs DNS (Continued from Wednesday)
Session 5
- SquareTag Deep Dive (active devices)
- What do Women Want?
- Personal Data Ecosystem – Creating an Open Personal Cloud Community
- Trust Framework – They’re not all about Identity
- Sight Seeing Tips and Tricks – San Francisco and Beyond
IIW 15
Tuesday
Session 1
- Identity Clearing House – Loosely Coupled open standards based architecture for Identiy in the extendedenterprise
- A2P3
- Rhetoric – How do we talk plain language about Identity and Personal Data?
- Privacy by Design – New Oasis Tech comm.. for Sotware Engineers
- Focus on Consumer – Turning fear into excitement, delight about Personal Data
Session 2
- Respect Network Founding Partners
- IDESG – Mgt Council CAll
- VRM Challenge: Let’s Fix Subscription Bin from Customer Side
- IDP - Initiated Layin and Deep Linking for Open ID Connect
- Mobile Specific Open ID Connect use Cases
- Anonymous – political, institutional, cultural and memitc organization without identity
Session 3
- Connect Me and miiCard “Trusted Reputations”
- Account Chooser Launching – Taking the AC Show on the road this autumn – help write the show
- Authentication on Mobile Devices – Crypto and
- Collaboration, Forking, and organic proliferation in the age of the personal cloud
- Customer Commons plus VRM Brainstorm
- Death To NSTIC -2- Long Live NSTIC
- Use Cases for Personal Clouds, Community Clouds, Family Clouds
- Reputation Consulting .05 cents
Session 4
- OAuth Security (Beyond Bearer Tokens)
- NSTIC Pilot Overview – Attribute Exchange Network (AXN) / Demo
- Unleashing the Multimind – What’s next – or could be – in our most personal daily experience and utilization of all this stuff
- Building the Identity Ecosystem Framework
- Kynetx – Personal Cloud Prototype
- Consuming OpenID Connect 101
Session 5
- OX Open Source – OpenID Connect and UMA / Demo
- Personal Analytics and Insight for Consumers – using Personal Data to Enlighten the Individual
- How will Identity plus VRM Change Real Estate and Mortgage Banking
- Secure Identity Without Username or Password
- Location = Control Control = Ownership – How addressing establishes ownership and what to do about it
- XDI Personal Cloud Desktop
Wednesday
Session 1
- Sales Force Identity – The Facebook for Business (Part 2)
- OpenID Connect Session – Management and Login
- External Browser and Mobile Apps
- Identity and API Economy plus Privacy by Design
- The New Privacy
- Manufacturing, Registration Cards and Digital Birth Certificates
Session 2
- Sales Force Identity – The Facebook for Business (Part 2)
- Hybrid Mobile/Nets App Auth With Oauth2 Trickery
- Liberating Personae from Identity
- OAOTH 2.0 RS – AS Token Query Flows
- Customer Commons - The Magic Wand Project
- Consumers and Public Records
- Personal Data Startups Connect and Catalyze – next steps and PDEC StartUp Map (stages, models, patterns)
Session 3
- Education Customers and Companies
- Google Identity Toolkey – What other problems should we research?
- Mobile SSO Password Proliferation…. Any solutions??
- SCIM
- The act1v8 Project (VRM and Trust for Charity and Community Services
- DATA COOPS and BIZ Models
- Customer 2 Business – Will Federation Really work?
- Social Intentions – Private App on Facebook to express your true intentions
- Personal Cloud Prototype (Reprise)
- Opportunities for Developers around Personal Cloud Cloudstore
Session 4
- Trusted Identities “You are who you say you are”
- OIX (Axw6) Attribute Exchange Trust Framework – Progress Report
- Attribute Exchange Technical Overview
- Health Record Banks – Personal Cloud for Health
- Investors Corner / Where Investors and Entrepreneurs Come Together
- MAKE HISTORY – Be the 1st to get a User-centric Next-gen Secure Private Identity
- Security and Permission in Personal Cloud Connections
- SCIM – As An ATTRUBUTE Provider?
- World Economic Forum: Update on ‘Rethinking Personal Data’
- Freedom Box Workshop
Session 5
- OpenID Graph 1.0
- OIDF Workgroup – Account Chooser
- Beyond Prophylaxis – Next Steps post ad and tracking blocking W5F: KRL – XDI Integration
- correct house battery staple: Strong Passwords…. Passphrases.. are they still relevant/necessary?
- Personal Data and Gamification---Consumer use case Brainstorming focus on *Fun *Beneficial *Opt-In
- OATH 2 Dynamic Client Registration
Thursday
Session 1
- Mapping the Identity Ecosystem Framework ‘A Whiter Shade of Gray” – (Input for NSTIC Plenary Next Week)
- OAuth2 Chaining and Re-Delegation
- Personal.Com Blog Post
- 11 Models of “Trust”
- Education and beyond… How to mamage new Privacy Risks on Rapid Moving trends
Session 2
- IDESG Mapping Prep… Source Documents and SEEDS for Mapps (NSTIC)
- Wallets - Ours OR Google, Apple, ? (VRM)
- A Trust Framework for Open ID Connect AND beyond…. (with Unicorns)
- What is ‘Real Name” ?
- High Level Programming
- Webfinger
Session 3
- OIDF Board Meeting
- UE for ID/PDE or UX plud Tech for IDENTITY across Devices ‘1 Enterprise Experience from Browsers to Washing Machines?
- Account Recovery: How can we do better? Without back doors?
- Ultimate Realization of User Managed Contract / Terms and Policies Proffered by individuals
- FED. SOC. WEB SUM.
Session 4
- OAuth RoadMap (new specs, more interop, additional use cases)
- OIDF MTG #2
- Interesting Challenges of Bi-Directional Federated and Delegations
- Freedom Box Workshop
- Open Source Personal Clouds / What, Why, How
Session 5
- Intent Casting Prototype
- ‘Group Therapy’ Being a Pioneer and Communicating You Vision to Stakeholders
- REDDIT are there lessons for the Identity Community in recent events?
IIW 14
https://iiw.idcommons.net/IIW_14_Notes
Tuesday
Session 1
- Film (T1A)
- OAuth Overview for Beginners (T1C)
- Personal (Mozilla) Browser ID (protocol) (T1D)
- NSTIC Update, Pilots, Government Recommendations (T1E)
- VRM Intro (Vendor Relation Management) Developments (T1F)
- New to IIW / Identity etc… overview from Kaliya Q and A (T1G)
- Identity Management for the Internet Advertising Ecosystem (T1I)
Session 2
- OIX Attribute Exchange Working Group (AXWG) Progress Update (T2A)
- OpenID Connect – The Intro (T2B)
- Find Out And Control You Digital Footprint (T2D)
- XDI: what the hell is it? What is it good for? how does it fit with openID connect? Why isn’t it dead yet? (T2E)
- DATA ----- the gap ------ Getting it (AHA!) (T2G)
- Building a 4th Party VRM Start-Up (T2H)
- OAuth and SASL / Open Issues “to http or not http….” (T2K)
Session 3
- Account Chooser.com / OIDF Working Group update, next steps, your ideas (T3A)
- Demo with Freedom Box (you can participate!) (T3C)
- OAuth Security (T3D)
- How to Educate Consumers on privacy/identity/security issues? (T3E)
- VRM 2012 Outreach Planning / What vendors will go first? (T3F)
- Standard Information Sharing /Label (T3G)
- Health Care Regs: What Are They REALLY? (T3H)
- Federated Authorization / XACML, OAUTH, TVE…. (T3I)
- NSTIC’s Identity Ecosystem / Privacy Coord. Standing Committee (T3J)
- What is a Personal Cloud? (T3K)
Session 4
- Attribute Provider Network Demo via Open ID/OAuth (T4A)
- Mobile Identity and Dual – (multi) Persona (T4C)
- A Deterministic Model for Trust Framework Interoperability (T4D)
- OAuth/SMAL/OpenID for non-web applications – SMTP/IMAP/SSM (T4E)
- VRM Language (lockers vs smelly socks) Lexicon = what do we call the WHO and WHAT we work on? (T4F)
- What Happens When my Federated Identity Fails? (T4G)
- Zero – Trust Identity (T4H)
- Open ID Connect + Metadata ???? (T4I)
- How Can My Company Afford VRM? (T4J)
Session 5
- Writing Apps that are Easier to Defend than Attack (T5A)
- Resource Server to Authorization Server Commuications JACML? (T5C)
- Biometrics into the NET with Smartphones (T5D)
- Personal Data Ecosystem Consortium (PDEC) (T5G)
- Government of British Columbia Digital ID + Authentication (T5H)
- Novel uses for Context and what is it anyway (T5I)
- Sovereign ID vs Admin ID (T5J)
- User – Managed Access F.A.Q: How UMA Enables – Selective Sharing (T5K)
Wednesday
Session 1
- VRM + CRM(need help) Event – Sept 2012 Santa Clara (W1B)
- NSTIC Steering Group by-laws (W1D)
- Account Linking Service (W1F)
- Rethinking Patents in an Open Web World – reverse the burden of discovery? (W1G)
- Enterprise OAuth Infrastructure (W1H)
Session 2
- Personal Data Rights Language / Self Asserted Terms – Policies – Preferences (W2A)
- Backplane 2.0 Widget Collaboration Protocol (W2B)
- SCIM 101 (W2C)
- API’s (W2D)
- NSTIC How do we bring relying parties to the table? (W2F)
- Personal Data Tagging a Utopia? (W2G)
- Survey of UDID Replacements for Mobile Identity (W2H)
- New Gov Open Data to Corral Politicians (W2I)
Session 3
- Data Wallet (W3A)
- VRM Personas & Faceted Identity (W3B)
- SCIM 201 (W2C)
- ID Federation Trust Framework Use Cases and Mock Trials (W3D)
- Dynamic, Multi-Attribute Authentication – OASIS Trust Elevation TC /Open Meeting (W3F)
- Practices, Policies and Procedures around Identity Validation (W3G)
- CIPHER – whiteboarding on open-source language for consistent cross-platform CRYPTO (W3H)
- New Gov Foundation / Open Board Meeting (W3I)
- Personal Cloud work (W3J)
Session 4
- NSTIC and Governance (W4A)
- How can my company afford VRM? VRM Co-opetition, Developing Creative Relationships (W4B)
- Setting up an Open Source Community - To drive adoption of a cool ID technology (W4F)
- Communication Channels in our Personal Clouds (W4H)
- Client Certificate Authentication & Browser Pitfalls (W4I)
- DEMO – Social Verification and Google Street Identity (W4J)
Session 5
- Browser Cryptography – Enabling Stronger Authentication for ID (W5A)
- Commercializing VRM – in the marketplace (W5B)
- Backplane 2.0 – Implementation (W5F)
- XDI 1)Graph 101 2)Messaging 3)Link ContractsGraph_101_2)Messaging_3)Link_Contracts) (W5G)
- Assets Discovery for Simple Web Payment (openTransact) (W5I)
- Personal Data Rights and Underlying Principles (W5J)
- Health Care Regs: What are they REALLY? (W5K)
Thursday
Session 1
- Windows 8 Identity Investments (TH1A)
- VRM: Where does it start? (TH1F)
- Privacy - Enhanced Attribute Management / Help me understand "Privacy"' (TH1J)
Session 2
- Confused about ID token and Access Tokens??? Lean the Key Differences (TH2A)
- Beyond Caif - Cow / Escape from Client Server (TH2F)
- Are Custom URI Handles EEEEVil? Or Workable? Alternatives? (TH2G)
- Lifecycle's of Digital ID's Personal Online Including DEATH ... what is life online like after you die? (TH2J)
Session 3
- How to add an account chooser to your site - 4 line's of code but what if you want more! (TH3A)
- Trust Framework System Rules - Business, Legal, Technical (TH3F)
- Open ID Connect/OAuth - Token Lifetime Management (TH3G)
- XDI the Killer App? (TH3H)
Session 4
- SCIM 202 - Part 2 (TH4A)
- Personal Data Rights Language NEXT STEPS PDEC StartUp Circle (TH4F)
- Delivering Entropy Via DNS / WOrkability Challenges (TH4G)
- UMA Open Meeting - Part 1 (TH4J)
Session 5
- XDI Databases / small footprint - mobile development (TH5F)
- How can we continue the discussion? (TH5H)
- UMA Open Meeting - Part 2 (TH5J)
IIW 13
Tuesday
Session 1
- Open ID Connect Intro (1A)
- User-Managed Access Intro and Update (1B)
- Cross Device /3-4 Screen Identity (1C)
- Service Chaining With Oauth Bearer Tokens (1D)
- IIW & Identity Community Orientation (1F)
- Scalable Community Trust Infrastucture (1G)
- Possible Low Frication Global ID Proofing (1I)
- Trust Frameworks and Other Fundamentals (1J)
Session 2
- ATandT White Paper – P.L.O.A. personal levels of assurance (2A)
- Scalability Point to Point Federation (2B)
- Browser ID and More in-browser identity (2C)
- Logging on to Windows 8 With Your Live ID (2D)
- Layered Identity in Partnerships Networks (2E)
- What Did You Call Me? (2F)
- Generic Identity Models (2G)
- Endpoint Authentication Role and Standards (2I)
- Developments In Drupal – doing something there? (2L)
Session 3
- Evented API’s (3A)
- Per Site Account Chooser (3B)
- OAUTH Web Authentication Where the Protocol is and What’s Next (3C)
- VRM for Newbies – update and Progress (3F)
- Keeping User Data on the Endpoints/Secure and (really) Private User Centric (3G)
- SCIM (Simple Cloud Identity Management) (3H)
- Data Privacy and Security with UMA and SMART AM (3K)
Session 4
- Identity Layer 4 OAuth 2 and Multi-Protocol Support Discussion (4A)
- Per Browser (hot) Account Chooser (4B)
- Identifying with your Bank – Global, Strong, Authz w/EMV BANK CARDS (4D)
- Are You an RP? (an AP’s and RP’s discussion) (4E)
- Customer Commons (the 100%) (4F)
- Killing Passwords/ Use Mobile Phones and QR Codes for Auth-N (4G)
- Simple WEB Payments (4H)
- Standards Landscape (4I)
- XDI What is it? What is it good for? (4K)
- OAUTH2 – on Mobile Devices (4L)
Session 5
- Federated Authorization w/ OAuth2 (5A)
- The Role of State Government (5B)
- Declaration of Identity / Talk and Sign (5C)
- SMART OpenID – What Mobile Network Operators Can Contribute to OpenID (5D)
- Internet Identity Trends – A Fun and Exciting Discussion and Analysis (5E)
- Citizen-Based Policy / Government Relationship Management (5F)
- OpenID Connect Spec Work Client Registration (5G)
- A Contrarian View of Identity/Case Assumption: You are only your legal name… (5H)
- NSTIC/FICAM Digital/Physical ID Overlap (5I)
- Europe vs Facebook (5J)
- Sneaky Bastards – Activism…hacking the legal “black box” making agreements accessible and possibly fun… (5K)
- The JAVA Identity API (JSR 351) (5L)
- Consumer Adoption of Personal Data Vault (5M)
Wednesday
Session 1
- PDEC (Personal Data Ecosystem Consortium) Legal Advisory Board (W1A)
- One ID -what, why, how vs alternative (W1B)
- NSTIC Update (W1D)
- HQuery Distributed Queries for Health Data (W1F)
- Open Transact Spec Session (W1H)
- XDI Link Contracts (W1K)
Session 2
- VRM and Anything / Evented API’s (W2A)
- Technology Solutions for Use Attribute Control (W2B)
- What is the impact of a device as an entry point into an online ecosystem / data platform? (W2C)
- Standards Landscape I (W2D)
- CSDIP = Cross-Sector Digital Identity Program /NSTIC P.O.C. (W2F)
- Connecting Physical and Virtual Identities Approaches (affordable) Usability, Privacy and business (W1G)
- Converging Digital Identities with Physical Areas – facilities, critical infrastructure , etc… (W1H)
Session 3
- Internet Authentic Ecosystem “a la Rus” (W3A)
- What Does “interoperability” really mean (and what should it mean) in the context of NSTIC? (W3B)
- Standards Landscape II (W3D)
- New Gov US – Hacking Politics Steering Committee GRM (W3F)
- Conceptual Design Model –Possible Future State (W3G)
- Open ID Connect Flows and Levels of Assurance (W3H)
- A National ID for the US (W3I)
- Call for participation to Next-gen. HTTP-Auth Standardization Effort on http-auth@ietf.org (W3L)
Session 4
- Personal Levels of Assurance = P.L.O.A. (W4A)
- Monetizing Street Identity (W4B)
- How do Different Technologies Align with the 4 NSTIC Guiding Principles (W4C)
- Standards Landscape III (W4D)
- Collaborating on the Open Web / How to get your company to Sign OWFa!! (W4E)
- Hypothes.is / Peer Review for the Internet (W4F)
- NSTIC – Assuring ID Services as well as the Technology (W4G)
- Data Portability - Wading through the BullShit (W4H)
Session 5
- BackPlane 2.0 Plus-Oauth Plus-sensitive data Plus-persisted state (W5A)
- Monetizing Mobile Authentication ‘LMNOP’ (W5B)
- NSTIC /4 Sessions Combined (W5C)
- Levels of Protection (W5E)
- Connect.Me Social Vouch-a-thon (W5F)
- Open ID Connect Spec Work Session (W5G)
- A Look at 10 Proofing Using the Social Graph (W5K)
Thursday
Session 1
- A Simple Hack to Pay for Everything (TH1A)
- Personal.com DEMO (TH1D)
- Death to NSTIC! (TH1E)
- Open ID Connect Editing Session (TH1F)
- Is There A Business Case for Click Stream (TH1G)
- Personal Data Ecosystem Overview (TH1H)))
Session 2
- Building 4th Party Systems (TH2A)
- Connect.Me Social Vuch-A-Thon (TH2F)
- Smart OpenID Connect Chip to Cloud via Open ID Connect (TH2G)
- NSTIC Governance or Community? (TH2K)
Session 3
- Brave Heart P.L.O.A. Personal Levels of Assurance in a Kilt! (TH3A)
- Password Fifty Years and Counting (TH3B)
- Authorization Unbound: BELAY (TH3D)
- DATA Portability – Roundtable (TH3F)
- PDEC Technical Documentation Group (TH3G)
- Personal Data Ecosystem Consortium / Technical Documentation and Interoperability (TH3J)
- ID Proofing – And the Social Graph (TH3K)
Session 4
- YUBICO – Simple Two Factor Authentication (TH4B)
- So….. you want to do an UnConference? (TH4D)
- My Personal Event Network Waters my Lawn (TH4F)
- Techniques for x-site Communication in the Browser (TH4G)
- NSTIC – PETs Privacy Enhancing Technologies/Allowed Recommended Required? (TH4H)
- Europe vs Facebook (TH4J)
Session 5
- Fact Registration Concept (TH5A)
- ISWG’s Standard Information Sharing Agreement and DTAs (TH5F)
- Start-Up Friendly “YUKON” Policy and Implementation (TH5G)
- Strangers in the Net: When the RP is a Real Person (TH5H)
- Deployment and Usability of Crypto Credentials (TH5K)
IIW Satellite DC
- What's Going On With NSTIC? Pilots! Steering Groups! - (1A)
- OIX Update (1A2)
- Open ID Connect – the History and Practice (1F2)
- How Private Is It? Privacy Metrics and Preservation Techniques (1G1)
- Personal.com Demo (1G2)
- What Would a Great NSTIC Pilot Look Like? (2A)
- Personal Data Services (2F2)
- Gov Use of OAUTH2, OPEN ID Connect, UMA? (2G1)
- Attribute Management (2G2)
- FICAM Profile, OAUTH2 and 800-63?? (3A)
- ABA IDM Work Group “Redefining Terms” (3F1)
- Why A Super Voter ID? Architecture *Certified Constituent (3F2)
- Constant Use Of Attribute Sharing UI (3G1)
- SCIM Who's Doing What? Standard for Managing Users & Groups (3G2)
- Level 3 and 4 Credentials in the Exosystem (3H)
- Why You Should Care About OAUTH2 (4A)
- Impact of Consumer Permission on Data Use Compliance Laws (4F1)
- Making OAUTH Scopes Interoperable With UMA (4F2)
- Limited Liability Persona.... Can This Leagal Innovation Address Issues of “Psuedonimity” for Trust & Transactions? (4G2)
- Why You Should Care About OAUTH 2 (4H)
- Limited Liability Persona.... Can This Leagal Innovation Address Issues of “Psuedonimity” for Trust & Transactions? (4G2)
- Eat My Attributes (5A)
- Use Case for OAUTH 2 & Structured Takens (5F1)
- Why A Super Voter ID? Architecture *Certified Constituent (5F2)
- Global Attribute Trust Level – Standardization (for RP's) (5G1)
- Common/Open (NPO) Solution For – The Person in the “Personal Identity Movement” (5G2)
IIW 12
Tuesday
Session 1
- Introduction to the JSON Spec Suite
- Yahoo! DAA DNT Hybrid from W3C webtracking & user ID
- Google’s Open ID Relying Partyr
- Respect Trust Framework & Founding Trust Anchors
- Identity Community 101
- Simple Cloud Identity Management
- Gov’t Regulation & Security Services & Bill of Rights
Session 2
- [NSTIC,
, IDPs, TELCOS, DANKS](https://iiw.idcommons.net/NSTIC,_
,_IDPs,_TELCOS,_DANKS) - How to meet privacy goals of NSTIC
- Yahoo! As a relying party
- Open ID ABC Identifiers & Discovery
- Federated Identity for non-web apps
- VRM + Browers
- The line between public and private internet ID
- Users in control of their data UMA
- How many IDPs do we need?
Session 3
- Verified ID in the browser
- Secure Cloud Interop using JWI + OAUTH
- An architectural approach to harmonizing data between personal data stores
- Reputation Systems (whuffie?)
- Open ID ABC session management
- PUSHEE
- Can Banks act as digitial ID providers? Is there money to be made?
- Portable Contacts 2.0
- Security measures identity protocol flows
Session 4
- W3C Identity in the browser topic gathering session/Info Card
- New UMA solutions for scoped access and centralized AUTHZ
- DNS as a personal data store and discovery mechanism
- SSEDIC: Scoping the Single European Digital Identity Community
- User info end point of Open ID ABC
- JSON activity streams spec
- Success factors for fourth parties/user agents
- When SAAS apps exchange customer data should they use OAUTH, Open ID, or other (SAML) protocols to access the data
- Higgins 2: Open Source personal data service
- Bizzaro ID revenue from user purchased ID services
- Open ID 2.0, OAUTH 2.0, Open ID ABC Where are we going?
- Do not track! It won’t work!
Session 5
- Personal Data: what’s the state of things today?
- Getting rid of usernames & passwords – for real?
- OAUTH2 Device Profile
- Open XDI OX
- Data portability for trust framework
- Open Identity protocols and banking
- Portable contexts
- OStatus (Federate the social web)
Wednesday
Session 1
- Beyond the NASCAR UI Google’s Account Chooser
- Chained Identity in Online Entertainment
- Info Sharing Agreement
- Virtual Problems
- SCIM Use Cases
- Different IDP Business Model
Session 2
- Packaging RP Best Practices: Google Identity Toolkit
- Identity in the Browser: Open ID for Firefox
- Smart User Managed Access Demo
- Public Policy Issues in Identity
- How do we publish from our personal data stores? Save the restful web.
- What’s possible at intersection of trust, identity info, commerce and journalism
Session 3
- NSTIC.
- Proxy Auth for Native App Hosts
- Respect Trust Framework 2
- User Managed Access: User Interface
- SCIM Core Schema
- Pseudo Anonymity and Reputation Systems
- Beautiful Payment Systems w/OAUTH
Session 4
- OAUTH2 User Agent via Window Post Message
- What’s available for the shared user profile? Is Poco end all answer?
- Adapting Levels of Assurance for NSTIC
- Building a Trust Framework for Multi-side Markets
- VRM + CRM
- SCIM Bindings
- Two Legs Good? “Client-Server” OAUTH Usage
- Extended Demo: UI for personal data store + data sharing on mobile device cubicon
Session 5
- Backplane Spec
- OAUTH, Open ID Mobile UX: How should it work?
- How to Manage Digital Multiple Identities Securely and Assuring Privacy on Internet
- The Payment Card Trust Framework
- VRM @ Work
- ID/Legal: Dialogue Collaboration
- Conversation Around Data as Currency
- How Yahoo! Became RP: A Large Scale Implementation Study
- Open Architecture for Step Up Authentication
Thursday
Session 1
- For Public Consumption. Choose Wisely: Identity as selective pressure on biology
- Respect Trust Framework Q+A (part 3) Become a trust anchor
- Data Portability for Trust Frameworks
- OpenID Specification Work
- Internet Bill of Rights for “Vegas” Model
Session 2
Session 3
- What part is Identity? What part is Personal Data?
- Open ID Specification Work
- Bill O’Rights O Rama
- Strategies for Ubiquity
- NSTIC Risks Legal Liability
- News personalized by inference or expression…managing the user’s persona
- The Locker Project
Session 4
- What part is Identity? What part is Personal Data?
- Open ID Specification Work
- Legal Structures
- Personal Data - Stores, Lockers, Vaults
- Square Tag
- Red Teaming Trust Frameworks
- Give me tips on creating persona
- Field Guide to Real World Trust Frameworks
- Start-ups table
Session 5
- Open ID Specification Work (Cont.)
- Is there value in an open reputation framework?
- Digital Death
- Real world VRM example + code for VRM App
- Make OAUTH2 Easy for Rest Developers
- Certified Identity
ID Collab Day
ID Collaboration Day Book of Proceedings
- Identity Commons Claims Agent Working Group
- Citizen ID’s and Winlogon credentials? Why AND/OR Why not
- How Will the Enterprise do Identity In The Cloud?
- UK Government ID For Digital Public Service
- Why (Identity, Privacy, Turst) Frameworks are Failing
- Identity In The Browser
- ID Adoption Discussions: Compliance + Service Certification Requirements for Cross-Domain IDM Deployments – Govt, Financial etc…
- Personal Data Ecosystem Personal Data Stores and Services Emerging. What is Happening, How To Be Involved, What To Do Next
- Architecture for A Personal Data Ecosystem
- Organizations and Their Individual Affiliates (retirees, contractors, etc…) Bringing Their “Own Identity” to the Organizations Services
- Measuring ID Assurance Through Complex Supply Chains – “The Weakest Link Breaks the Chain” + Is There a Market for Assurance?
- U-Prove CTP RZ
- ANSI / NASPO – ID-V Standards Workgroup Update
- Machine Readable Policies to Informed Consent
- NIH Seeks Higher LOA
- Personal Data Management (part2) Practical Applications and Market Considerations
- NSTIC.US
- Use Cases for User Centric and Communicating Them On The Web–Identity Labs?
- Kantara Universal Login Experience
- Open ID ABC – High LOA Secure Discovery
- User Managed Access and SMART
- 5 Minute Higgins 2.0 Personal Data Service Demo
IIW 11 2010b
Tuesday
Session 1
- Intro to PDS (Personal Data Store)
- Trust Frameworks Analogue to Digital Converters
- Decline of User-Centric Identity an analysis
- OAuth Listening Tour
- Activity Streams 101
- Verified Identity Claims 1
- UMA 101 User Managed Access
Session 2
- OpenID OAuth - Social Networking for online retailers
- ID Commons -IIW Intro
- Deep Dive OpenID - AB
- VRM Development
- No Base String
Session 3
- Attenuated Redelegation
- Verified Identity Claims "U Prove Intro"
- Facebook as a Personal Data Store
- OpenID Connect Discovery
Wednesday
Session 4
- Pseudonyms for Privacy
- Rap Leaf Is it a joke?
- Verified Identity Claims 3
- Handling Unregistered Clients in OAuth and OpenID connect
Session 5
- Change Notify Proposal
- OAuth Multiple Token
- Personal Data Ecosystem
- Making Security Decisions Disappear
Thursday
Session 1
- Value Network Mapping
- Future Phone Device Authorization
- Enterprise OAuth BOF Level Set
- OpenID Connect Sessn Mgmt
Session 2
- PDE- Why would anyone adopt?
- Fix Session Mgmt Jacking
- UMA 201 Q and A
- Poor Man Verified ID
- Int'l Presence of OpenID
- OAuth for Installed Apps
Session 3
- VERIFIED IDENTITY CLAIMS – Selectors (W3A)
- OAuth2 for Devices
- Building a CAKE Detector
- Shifting Global Economy w-Identity
- OpenID ABC Artifact Binding
Session 4
- Personal Data Ecosystem Biz Models
- Using a Personal Data Store
- JSON Token Spec - Encryption
- Verified Identity Claims - UX
Session 5
- Deadly Sins Distributed Authentication
- Personal Data Ecosystem Model 2
- Cloud Directory Standards
- Infrastructure Focus - Relationships Among Things
- JSON Token Spec - Claim Names
- OAuth LEELOO
- What do USERS want?
- OpenID Attrib - Beyond AX-SREG
Session 1
- Go To Market - PDE Adoption drives for Personal Data Ecosystem
- Google Sample OpenID RD and RP Best Practices
- JSON Spec Work continued
- User Managed Permission Interface
Session 2
Session 3
- PDE - Go to Market and Community Strategy
- Adopting OAuth 2 OpenID Connect
- Email is not Dead Yet
- Policy Framework
Session 4
Session 5
IIW Europe
Session 1
- What is the MYDEX Prototype?
- Federated Network Access
- Partial Identities Privacy and Credentials
- Privacy and Federated Social Networking w/o Correlation
- OpenID Tiered Providers
- Federated Identity as a Business Model
Session 2
- Scoping the Single European Digital Identity Community
- WebID and DNSSEC - combined session
- U-Prove - How Do We Use Privacy Enhancing Crypto?
Session 3
- What Do We Actually Mean When We Talk About Identity?
- The Quality of Customer Intelligence (Authenticity/Relevance Correlation)
- Personal Data Store Harmonizing = Project Nori DEMO
- Claims
- Authent-New Tools - Opportunities - Business
- Remonetizing the Web: from 'Give privacy, get service' to: A win-win social web ecosystem for customers, Telcos, Banks, Websites
- Identity Assurance (merges with) Automated Policy Negotiation
Session 4
- CardSpace in the Clouds
- Introduction to Digital Death - What Happens to Internet Identity After Death?
- One Social Web . org
- Why do Politicians Understand So Little? Our Fault or Theirs?
- How Do You (we) Manage Heterogeneous Groups?
- Issues About Profiling and Cross-Border Data Stores
- OpenID the Nascar Problem Revisited
Session 5
- UK Gov. - They Want To Talk Identity. How Do We Help?
- Embedding Privacy Controls in OnLine Identity Mechanism: How and Why?
- Privacy Dashboard Demo
- Financial Services - distance selling, money laundering, "Know Your Customer"
- Personal Data Ecosystem.org
IIW EAST
THURSDAY
Session 1
- Role of Government as Identity Oracle (Attribute Provider)
- B2B and B2C: How to Balance the Difference and Challenges of Each Environment
- Proofing the Masses
- NSTIC 101 (wtf?)
- More Government Employees at IIW Next Time
- PDX Ecosystem
- High Assurance Consumer Identity
Session 2
- Certifying Use Location for Politics Governance
- Useability: Addressing the click - click - click problem
- Leveraging Identity to Enable and Foster Scientific Collaboration
- Identity and Cross Domain Systems (multilayer security)
- Should We Create "Ownership Rights" in Law for Personal Data?
- Personal Data Vision of Future: Video
- Attributes Claims - Identify Attributes LOA
Session 3
- Are Mediation Tools Useful in Authentication?
- Open Identity for Closed Government: NSTIC the Cybersecurity Answer?
- Wholesale Privacy
- Building Standards for "Trustable" ID Providers
- Liability and Financial models for Identity Providers, Attribute Providers and Identity Proofers
- Personal Data Stores and Context Automation
- Patient Centric Medical Record Federation - Securing HData
- How to Make HTTP Authentication Useful Again?
Session 4
- PRIVACY - Did We Solve Privacy for Web Identity Systems (technically already?)
- Personal Data Store/Archive
- Service Chaining and Trust
- Extending OpenID Assertions with SAML+
- NSTIC - "Identity Ecosystem"
- Cross Federation Trust w/Meta Data
FRIDAY
Session 1
- OAUTH - What Topics Should We Focus On Next?
- Liability for ldps, APs, RPs... Continued
- Getting More .gov @IIW
- Identity Commons "3.0" Big Tent Creation
Session 2
Session 3
- "Today Geekdom, Tomorrow the World"
- Personal Data Locker? What is it and Why?
- Ownership Rights in Data Pt2
- Information Security Standards and "Levels of Protection"
- Certification Coordination - OIX, Kantara, ID Commons
Session 4
- OAUTH Signing #2
- Making NST IC Open/Making NST IC Happen
- Hybrid Online/Offline Debate BYO Issue
- Roadmap for Personal Data Store Ecology: Let's Make One
- Demo
IIW 10 2010
Monday
Session 1
- Designing Faceted ID System
- Nascar for Sharing and Personal Service Distovery
- Using DNS + ENUM
- Getting Started in Internet Identity
- Can the Open Pile Become Beautiful Again
- Small Business Software on the Open Web
- OAuth 2.0 WTF
- Online Voter ID How do we do that?
Session 2
- Mozilla Proposes
- Digital Heritage
- Recovering a Lost Identity
- Voluntary Oblivious Compliance
- P2P Network Version Vega
- A New Liberty? to prevent single vendor dominance
- OpenID Connect WTF
Session 3
- Magic Signatures and Salmon
- Cet Competing e-ID providers creating a Market
- OneSocialWeb XMPP & Social Web
- What do regular web devs need to know about ID
- User Managed Access - UMA (protocol)
- Permission vs Consent
- eCitizen OpenID National Architecture
- OpenID Connect: Under the Hood
Session 4
- Trying to use PubSubHubbub
- Privacy Enhancing Approach
- Contextual Identity
- Identity Lifecycle
- Verified Attribute Schema
- Personal Data Stores
Session 5
- Voice Biometrics
- VRM Parts & Whole
- Linking Data Across Social Networks APIs
- Six Degrees of Sharing
- OAuth 2
- ORCID Open Research Contributor ID
TUESDAY
Session 1
- Strong Auth and OpenID getting Comfie
- Information Cards and Gov Cards
- De-Confusion Big Picture
- Open Geneology
- XRD Provisioning
- Building MITER ID
- OAuth 2.0 and SASL
Session 2
- Info Grid Graphic Database
- Legal Issues Underpinning of UMA ("UMA and the law")
- Contacts in the Browser
- Migrating from HTTP to HTTPS OpenID
- Identity Business Models
- Patents, People Development Pools
- Enterprise Signing in OAuth
Session 3
- Simple Reputation Feed
- Lawyers and Accountants
- The Right Question Making Privacy Policies User-Centric vs. Data Centric
- OIX
- UX w/no logout...single sign out
- URL-Sharing Using the OExchange Protocol Stack
- Secure Web Auth
- The Case for and Design of KRL
Session 4
- Research Report on Info Sharing
- OAuth 2 for Native Apps
- User Managed Access (Claims 2.0)
- Client Side OptIN Cross Site Data Sharing
- Telco vs. The NET
- Web Biz Card
- SAML Profiles for OAuth
- Separating: ID, Credential, and Attribute Management
- Story Cubing and Synergies
- OpenID-Artifact Binding
Session 5
- Biz Model on Distributed Social Web
- Directory Federation
- Honey Roasted Death Camp Salad
- OpenIDvNext Discovery
- Implications of User Owned Controlled Data as Official Government Policy
- Google as an OpenID RP
WEDNESDAY
Session 1
- Personal Data Store Ecosystem Design
- (In)Coherent Web (in)security Policy Framework
- Bootstrapping OAuth 2.0 Ecosystems
Session 2
- OAuth Provisioning continued
- Stateless Distributed Membership an Inquiry
- Emancipay VRM and CRM
- Breaking up with Atom Activity Streams
Session 3
- DNSSEC
- Certifying Open ID, IdPs, RP
- SMART UMA
- Catalyst Interop Planning
- PCITF: Payment Card Industry Trust Framework
Session 4
Session 5
IIW 9 2009b
Session 1
- OpenID Artifact Binding =Nat
- Gluu Metaprise - MIke Schwartz
- Cloud Selector - Susan Marrow
- Vulnerabilities in ID tech - Rich Smith
- VRM Loyalty Cards in Real World - Chris Carfi
- Data Portability TOS EULA - Steve Greenberg
- Social Consent - Angus Logan, Kevin Marks
- Social InterNetworking - Rohit Khare
Session 2
- Attribute eXchange =Nat
- Biz Case for Data Portability - Elias Bizannes
- Identity Selector for OpenID - Mike Jones, Ariel Gordon, Oren Melzer
- Enterprise Use of Consumer Identities - Pamela Dingle
- Activity Streams - Monica Keller, Chris Messina
- Privacy Risk Assessment at the data item level - Jeff Stallman
- Question to ask for request - Alan Karp
- Legal Layer of the Stack - Scott David
- Twitter What's with it? - Kaliya
Session 3
- Salmon - John Panzer
- Selling to Consumers - Phil wolff
- User- Managed Access - Eve Maler
- Email Sucks What's Next - JAM
Session 4
- Attribute Aggregation - David Chadwick
- OpenID Security - Breno, Jeff, Ashish
- Building Action Cards - Phil Windley
- Microformats Meaning in HTML existing formats - Kevin Marks
- elgg Open Source Social Networking - Justin Richer
- Defining Meaningful Claims - Patricia
Session 5
Sessoin 5
- OpenID for Science Community - Dhiva, Mike Helm
- Identity in the Browser: Security and Protocol Issues
- Role of 3rd Parties in enabling trust frameworks, challenges, business models, opportunities - Lena Kannappan
- What an RP Needs - Joseph Smarr
- The Business Imperative of User-Driven Data - Darias Dunlap
Session 6
- Trust Nexus - Mike Duffy
- Open Identity Trust Framework - Drummond Reed, Don Thibeau
- The Hammer-Stack "advanced"
- Identity and Cloud Computing - Anil Saldhana
- Active Client iiw9 - RL "Bob" Morgan
- The Small Business Web Issues of building a "whole product solution" - Sunir Shah, Freshbooks
- 4th Party Provider Brainstorm Day 2 Lunch
- ID Commons Stewards Call
Session 7
- OpenID Contract Exchange and Japan Update =Nat
- Identity and iPhone - Jeff Shan
- OpenID Session Management Best Practices - Johannes Earst
- Going to Market Mobilizing a community of RP's and OpenID InfoCard enabled session - Mike Ozburn, Scott David
- Is Assurance Real? - RL "bob Morgan
- OpenID Provider Office Hours - Yahoo, Google, AOL, MyOpenID
Session 8
- Salmon Pixie Dust - Johnathan Panzer
- I'm from Phone Company How can I help
- Strong AuthN - Micheal Sprague, Wave Systems
- Schema Mapping Using Personal Data Madel - Paul Trevithick
Session 9
- OpenID v. Next
- Information Sharing - Joe Andreu
- Data Traceability in the cloud - Steve Holcombe
- Facebook Recycling
- Spectrum of Identity and other things - Kaliya Hamlin Rick Smith
Session 10
Session 10
- WRAP - Simple OAuth - Web Resource AuthN Protocol - Dick Hardt, Allen Tom, Brian Patton
- From Paramecium to People - Bioinformatics,Identity and Law - Scott David
- Portable Contexts - Joe Andreu
- How Should Identity Support in the browser look like? - Johannes Ernst
- My Ideal Identity Flow - Eran Sandler
Session 11
Session 11
- Public Key Discovery
- Identity in the Browser
- SAML and OAuth - Paul Madsen
- Open Identity Trust Frameworks
- Lessons Learned Past Efforts...Email Auth... Ev SSL - Jim Fenton, Craig Spiezle Lunch Day 3
- Why Facebook doesn't implement OAuth today - Luke, David
- Getting data into XRD - Will Noris
Session 12
Session 12
- Rich Sharing on the Web - Alan Kar
- XRI Resolution using XRD 1.0 =Drummond
- Where should Identity Live - Andrew Arnott
- Factors Influencing VRM/CMI Enabled marketing systems
IIW 8 2009
Session 1
- Identity Doesn't Matter - Authorization Does, Alan Karp
- Distributed Identity Based on Relationships, Pat Sankar from Rel-ID
- Do People want to Own and Manage Their Identity? If so, How?, Ernie..... State of OpenID - Authoratatives Discussoin RE: State of 1) Trust/Security 2) User Experience 3) Nascarization 4) Attribute Exchange 5) Adoption by David Eyes
- Defining an Architecture and Lexicon for VRM and Volunteered Personal Information building on VRM Workshop Dialogue - Iain Henderson (video)
Session 2
- Authentication or Authorization? Can we move to verification Now?, Doug Whitmore
- Financial Institutions as Identity Providers, Guiyom
- Identity and Privacy - Who to Trust with Your Data, Mainak
- Identity Quartet and User Driven Identity, Joe Andrieu (video)
- Identity Services Business Models, Bob Blakley
- OpenID For Desktop Applications: How? When?, Infinity Linden
- Sharing Permission RESTfully with Web-Keys, Tyler Close.... ... Authorization without boring crypto (It is possible and it is secure), Hans Granquist
Session 3
- Filtering the Noise in the Activity Streams How to <3 your stream..., Monica
- Role as Identity and Organizational Trust, Justin Richer
- Higgins Cloud Selector (a way to use i-cards without installing anything on your Machine), Markus (video)
- Keeping User Happy on the Desktop vs. On the Web (OS-level vs Online ID Management), Aridren N. (Apple) / Ariel G. (MSFT) ... ...What would it look like if Apple designed OpenID?, Chris Messina
Session 4
- Action Cards (Part 1) What are they, How do they Work, what are the Issues, Drummond Reed (also see opening talk (video) by Drummond)
- Becoming an OpenID Relying Party, Luke Shepard (Facebook) and George Fletcher (AOL)
- Enhanced Transaction Model Using InfoCards, Jeff Stollman
- Distributed Expertise Location, Terrell Russell
- Characteristics of VRM Joe (video) (also see opening talk (video) by Doc Searls)
- Claims, Tickets and OAuth Yaron Y. Goland
Session 5
- Action Cards (Part 2) Building Action Cards with Kynetx (Demo), Phil Windley
- Identity Brokers What are they? How do they Work?, Ben Sapiro
- Claims, Tickets and OAuth Yaron Y. Goland Value of Identity (end user) and SEO,
- ID-Legal "straw man" blog, Lucy
- Self Asserted Attributes When to Trust Them, AssertID
- Claims, Tickets and OAuth Yaron Y. GolandVRM 1st and 4th Parties, Doc (video)
- User-Managed Identity Use-Case Gathering (To Identity Symergy), Trent Adams
- Developing a Secure Discovery Based Messaging System, Nika
Session 6
- Are there "standards" for Registering to Call an API, Angus Logan
- Protect Serve Relationship Management for User-Driven Access Control, Eve Maler (video)
- VRM and Media, Doc
- OAuth for High Value Transactions, Jeff Shan
- Managing Alternative Identities, Infinity Linden
- Introduction to Discovery or How Do we Interact with the Unknown, Eran Hammer
- Big Dialogue and Online Community Identity Rules MIT Media Lab/ Harvard Berkman Center
- Innovation Games, Nancy Frishberg (video)
- Assurance in the Real World Levels, Communities, Certificates, Governments, Protocols, Bob Morgan ........ Discovering Federation and Trust Levels for OpenID Info-Card SAML, John Bradley.......Next-Gen O PenID Discovery: LRDD, XRD, signed delegation etc., Dirk Balfanz
Session 7
- OpenID UX OpenID UI Extension Best Practices, Allen Tom
- Confetti Stop Storing Passords and Start using Delegation -> Get more users, Kevin Marks
- Use Cases for User-Managed Access, Eve Maler, Alan K, Trent A, Paul T. Dazza G.
- Failed Identity Businesses, Chris
- Contextual Friends Lists and Sexuality Online, Sarah Dopp
- Kantara Initiative, Brett McDowell
- Activity Strea.ms Formalizing Draft Spec
Session 8
- Detecting User Login State and Preferences Brian E, Luke Shepard (Facebook)
- Microformats *distributed data, *in HTML, *in Google SERPs, Kevin Marks (video)
- User Driven Search, Joe Andrieu
- Personal Relationship Management What about starting an Open-Source project?
- Web 2.0 vs. Rich Internet Apps (RIA), Brett McDowell
- OAuth for Installed Applications, Nathan Beach, Eric Sachs
- Identity and the Future of Money, Giyom
- Having Fun with Wakame, Asa Hardcastle (video) Other
- Demos
- How to talk to Business People, Mike Ozburn
Session 9
- 9A: Use Case Selection and Metrics, Eve Maler, Alan Karp
- Activity Streams, Twitter API, Facebook, Open Social, Yahoo! Updates, Kevin Marks (QT video)
- Simpler OAuth For Lower Risk Use Cases, Brian Eaton, Eric Sachs
Session 10
- Use Case Selection and Metrics Part 2: See 9A: Use Case Selection and Metrics
- What does and RP need to survive compromise of user@idp? Breno (Google), Luke Shepard (Facebook)
- OSIS Testing John Bradley
- Innovation Design and Serious Games To Make Your Products Rock, Kaliya and Nancy F (QT video)
- Identity in 10 Years - How People Change Chris
- OAuth for Enterprise Use Cases (2 legged), Eric Sachs
Session 11
- Personal Hype Quotient: OAuth in Use - meet the OAuthors
- Visual e-ID (Certificate Image Extension
- InfoGrid sneak preview, Johannes Ernst
- WebFinger (Personal Web Disco)
- Internal and External Identity in the Enterprise, Justin Richer
- What if an IDP allows logins to multiple accounts at the same time? RP Impact?, Eric Sachs
Session 12
- NASCAR DEMO with Action Cards, Phil Windley and Drummond
- OpenID, Open Social and Mobile, Jeff
- Open Liberty Released - Wakame VI.O ID-WSF FUN, Asa Hardcastle (QT video)
- Validation Extension for OpenID, Henrick
- Use Cases for Identity Brokers Ben S. Ashish J.
- OpenID PGP and Thawte Key Signing, SignpollyMa, Will Norris
IIW 7 2008b
Monday
Session 1
- Designing Faceted ID System
- Nascar for Sharing and Personal Service Distovery
- Using DNS + ENUM
- Getting Started in Internet Identity
- Can the Open Pile Become Beautiful Again
- Small Business Software on the Open Web
- OAuth 2.0 WTF
- Online Voter ID How do we do that?
Session 2
- Mozilla Proposes
- Digital Heritage
- Recovering a Lost Identity
- Voluntary Oblivious Compliance
- P2P Network Version Vega
- A New Liberty? to prevent single vendor dominance
- OpenID Connect WTF
Session 3
- Magic Signatures and Salmon
- Cet Competing e-ID providers creating a Market
- OneSocialWeb XMPP & Social Web
- What do regular web devs need to know about ID
- User Managed Access - UMA (protocol)
- Permission vs Consent
- eCitizen OpenID National Architecture
- OpenID Connect: Under the Hood
Session 4
- Trying to use PubSubHubbub
- Privacy Enhancing Approach
- Contextual Identity
- Identity Lifecycle
- Verified Attribute Schema
- Personal Data Stores
Session 5
- Voice Biometrics
- VRM Parts & Whole
- Linking Data Across Social Networks APIs
- Six Degrees of Sharing
- OAuth 2
- ORCID Open Research Contributor ID
TUESDAY
Session 1
- Strong Auth and OpenID getting Comfie
- Information Cards and Gov Cards
- De-Confusion Big Picture
- Open Geneology
- XRD Provisioning
- Building MITER ID
- OAuth 2.0 and SASL
Session 2
- Info Grid Graphic Database
- Legal Issues Underpinning of UMA ("UMA and the law")
- Contacts in the Browser
- Migrating from HTTP to HTTPS OpenID
- Identity Business Models
- Patents, People Development Pools
- Enterprise Signing in OAuth
Session 3
- Simple Reputation Feed
- Lawyers and Accountants
- The Right Question Making Privacy Policies User-Centric vs. Data Centric
- OIX
- UX w/no logout...single sign out
- URL-Sharing Using the OExchange Protocol Stack
- Secure Web Auth
- The Case for and Design of KRL
Session 4
- Research Report on Info Sharing
- OAuth 2 for Native Apps
- User Managed Access (Claims 2.0)
- Client Side OptIN Cross Site Data Sharing
- Telco vs. The NET
- Web Biz Card
- SAML Profiles for OAuth
- Separating: ID, Credential, and Attribute Management
- Story Cubing and Synergies
- OpenID-Artifact Binding
Session 5
- Biz Model on Distributed Social Web
- Directory Federation
- Honey Roasted Death Camp Salad
- OpenIDvNext Discovery
- Implications of User Owned Controlled Data as Official Government Policy
- Google as an OpenID RP
WEDNESDAY
Session 1
- Personal Data Store Ecosystem Design
- (In)Coherent Web (in)security Policy Framework
- Bootstrapping OAuth 2.0 Ecosystems
Session 2
- OAuth Provisioning continued
- Stateless Distributed Membership an Inquiry
- Emancipay VRM and CRM
- Breaking up with Atom Activity Streams
Session 3
- DNSSEC
- Certifying Open ID, IdPs, RP
- SMART UMA
- Catalyst Interop Planning
- PCITF: Payment Card Industry Trust Framework
Session 4
Session 5
IIW 6 2008a
- Creating an InfoCard IdP in 30min Daniel Sanders
- Tracking stuff I've Done Killer OpenID app?, Dick
- Open Social Making the Web More Socail, Kevin Marks
- Verified Claims From Here to Reality - Bob Morgan, UW
- User-Driven Search Joe A.
- Large OPs and RPs Shreyas, Y!
- Relationships Bob Blakley
- InfoCard Capabilities Pam Dingle
- Why OpenID matters to the Enterprise Pete Metralus and Ed Amemiya
- Higgins R-Cards Markus S.
- Digital Deal Johannes
- Project Concordia Eve Maler
- Venn Sweetspot Alexis Bor
- Role of Data Silos Mike Carc
- Identity Beyond the Web Harlan Iverson
- Partitioning the Space Johannes Ernst
- Enterprise Identity RoadMap Marty Schleiff
- CardSpace and Fedlets and SAML Pat Pattersion
- ID Futures Kaliya
- Friend Connect Kevin Marks
- Paradoxes of Identity Management Everything you know is wrong, Brad Templeton
- XRDS - Simple + OAuth Discovery Eran
- You can get a degree for this?
- Legal IIW Kaliya and Bob Blakley
- ID Commons Infrastructure Kaliya and Mary Rudy
- FOAF SSL
- CallVeifID
- What to do on an OAuth Permission page Shreyas, Y!
IIW 5 2007b
- Concordia
- XRDSP (XRDS Provisioning protocol) (10-15)
- OAuth (5)
- HBX (Higgins Browser Extension) Provisioning and Authentication Working Session. (12)
- OSIS Tutorial
- VRM 101
- OpenLife Bits
- Dynamic Federation
- Implementing OpenID and OAuth
- Ubiquitous Computing
- UI Best Practices for OpenID RPs
- VRM Standards Gap
- Landscape 2008
- OpenID Security & Privacy
- Who Wants To Be A Billionare
- Information Cards Intro
- Intro to OAuth
- Trusted Data Exchange & RP Reputation (=nat)
- Real Identity
- Identity Architecture, RM-ODP
- OpenID Tutorial
- OSIS Interop
- IdP Trust and Reputation
- Connectivity from the Edge
- Higgins Tutorial
- OAuth Extensions
- Reliable Identities for Relying Parties
- Who's Who
- OpenID Foundation
- OSIS Interop
- Identity Commons 101
- Open Reputation Management Systems
- OAuth and OpenID
- Deployment Challenges
- Limited Liability Personas
- OSIS Interop
- Understandable Usability
- Identity Commons Resources
- Non-browser OpenID and OAuth
- What IIW Means to Enterprise
- Second Life Residents Supporting OpenID
- Open Reputation Management System (ORMS)
- VRM Projects
- What's Next for OpenID (3.0)
- Bandit Project
- Sxipper Demo
- VRM Use Cases
- Identity Assurance Framework
- Understanding Usability
- La Leche League ID Implementation
- OSIS Steering Comittee
- The ITU World E-Trust Initiative
- Considerations and Best Practice for Large OpenID Providers
- Intro to Concordia
- IIW What's Next Part 2
- Python Future Implementation of OAuth
- Concordia Use Case
- Friends List Portability
- Newbies4Newbies
- XDI-RDF 123
IIW 4 2007a
- What's Ahead for OpenID
- SimplePermissions: Delegation via OpenID
- Identity in ad-hoc, standalone and disconnected networks
- User-Centric Delegation
- Identity Management Legal and Regulatory (Tony Rutkowski, VeriSign)
- Vertical Integration of IDS from devics to users to access networks to core networks to services and content Rakesh Radhakrishnan, Sun]
- Concordia multi-protocol use case session
- Sxipper demo
- IdM Beyond Application Layer
- Managing schema in the identity metasystem
- VRM
- Higgins in seven minutes (PPT file), =paul.trevithick presented this at the beginning of a session
- IDTrust Overview iiw 051607-v1.pdf OASIS IDTrust Overview, OASIS IDTrust Member Sector, Abbie Barbir,Nortel
IIW 3 2006b
- Welcome: Kaliya Hamlin and Phil Windley
- Landscape Map: Kaliya Hamlin and Mike Ozburn
- The Identity Gang Lexicon and Laws of Identity: Dick Hardt
- OSIS - Open Source Identity System: Johannes Ernst (slides from the presentation)
- CardSpace/iCards: Kim Cameron or someone else from Microsoft
- Higgins: Paul Trevithick, Mary Ruddy
- SAML/federation/Liberty Alliance: Eve Maler (presentation in PDF)
- URL Based Identity (OpenID which includes, LID, Yadis, I-names/XRI, Sxip): David Recordon, Scott Kveton
- Identity Commons: Eugene Eric Kim
- OSIS
- FinancialID
- Who are the You I care about
- Deployment Interoperability (User centrism and Federation) - Lena Kannappan
- OpenID Libraries and Implementation
- Pat Patterson's YADIS/XRI/SAML Demo
- SAML LSSO Profile and SimpleSign Binding
- IdP Tools - Mixing & Matching - What's Available?, What's Coming?
- Beyond Passwords
- OpenID and SAML Convergence Touchpoints
- LegalFramework Who owns identity? - Mark Lizar & Louis Monvoisin
- Creative Uses for I-names
- (Room B) (need title)
- IdP Interoperability
- OpenID in Politics
- Identity and Reputation
IIW 1 2005
- Identity in the Marketplace: The Rise of the Fully Empowered Customer - Doc Searls
- Use Cases for the Social Web - Mary Ruddy, SocialPhysics
- Microsoft's Vision for an Identity Metasystem - Mike Jones, Microsoft
- Liberty Alliance Overview - Brett McDowell, Liberty Alliance
- XRI Metaidentifiers - Drummond Reed
- Identity 2.0 Design Guidelines and the Evolution of the SXIP Protocol - Dick Hardt, SXIP
- Decentralized, REST-ful Digital Identity with LID - Johannes Ernst, NetMesh
- OpenID - Brad Fitzpatrick, LiveJournal
- SocialPhysics And The Higgins Trust Framework - Paul Trevithick, SocialPhysics
- Identity Commons - Owen Davis & Joel Getzendanner -
- Kaliya Hamlin Civil Society Meta-Network building and new business models that arise from this.
- Rob Marano and Simon Ben-Avi Architecture and Process of Federated Digital Authentication and Authorization
- Nick Ragouzis Bandwagon Economics, the Necessary Ingredient for Success on the Identity Internet
- Craig Calle Roadmap and Challenges to Open Standards in Networking Applications
- Christopher Allen Four Kinds of Privacy or Progressive Trust or ...
- Adrian Blakey Xanthus, an Open Source Implementation of LID
- ... no, not that Xanthus (the NeXTSTEP hypermedia systemfrom Sweden ...)
- Allan Schiffman: You’re Nobody Till Somebody Rejects You: Requirements for Internet-scale Identity.
- Brett McDowell The Consensus Whiteboard Project as discussed on the mailing list.
- Victor Grey Expanding on Brett McDowell's idea, a proposal to create an IETF-like organization to seek consensus and open voluntary standards for distributed authentication and user-owned data. The proposal can be read on the ic_dev wiki
- Eric Hayes Controlled Identity (bits to a lot of your identity information), Privacy, and Attention Data as a single topic.
- YADIS http://www.yadis.org proposal by Johannes Ernst, David Recordon, and Brad Fitzpatrick
- Owen Davis - Help create the Identity Commons: what is the call to action?
- Mary Hodder