Upon2020 (archive)

As OpenID grows, some form of governance structure is required. After many months of discussion, our collective plans for the creation of the OpenID Foundation was announced today to the OpenID-general mailing list. Here is the announcement: OpenID’s growing popularity over the past few months bring two pain points to light: A clear home for…

Much discussion has happened recently about various attack vectors against OpenID, most brought up in the spirit of "I want to help fix it", which is great. In this post, I will try to summarize the how to achieve a "security gradient" for OpenID that allows implementors to choose the tradeoff that suits their application…

Update: In the first version, I mistakenly had not attributed Bob Blakley who had blogged about On “The Absurdity of Owning One’s Identity” first. My apologies. Today’s news illustrates the limits of what I’d call the radical approach to user-centric identity: it is simply not acceptable to fully owning (an expansive version of) all of…

The CAD/CAE systems I used with in the late 80’s were all special-purpose machines, i.e. hardware configuration, operating system, and application had been optimized for the specific purpose of doing CAD. While, obviously, general-purpose computers were underneath, that’s not how we thought about them: we thought about them as an integrated solution for a specific…