Archive for August, 2009
Posted at 9:00 am on August 13, 2009 by Chris Messina
Announce availability of joint white paper: “Open Trust Frameworks for Open Government“
Washington, D.C.—August 13, 2009–The OpenID Foundation (OIDF) and the Information Card Foundation (ICF) announced today they have published a white paper outlining their approach to open trust frameworks for certification under the U.S. General Services Administration’s Trust Framework Adoption Process (TFAP). Open trust frameworks provide a way for citizens to easily and safely engage with government websites: a key step in making open government a reality.
“Open trust frameworks are the way to bridge open identity technologies like OpenID and Information Cards with the trust requirements of large communities such as the U.S. Federal Government,” said Drummond Reed, executive director of the Information Card Foundation. “They are a practical solution to enabling government agency websites and applications to accept identities from non-governmental identity providers. This reduces friction and lowers costs while at the same time increases security and privacy.”
“The fact of the matter is you can’t have open government with broad citizen engagement without trust frameworks and open standards,” adds Don Thibeau, executive director of the OpenID Foundation. “OpenID and Information Cards offer an open standards approach for achieving this via the Internet and other public networks.”
The paper, “Open Trust Frameworks for Open Government” and coauthored by Thibeau and Reed, is available for download at the OpenID Foundation and The Information Card Foundation websites. More information on U.S. General Services Administration’s Trust Framework Adoption Process is available on the government’s IDManagement.gov website.
-more-
About the OpenID Foundation
OpenID Foundation (OIDF) is a non-profit open source community whose mission is to drive the broad adoption of OpenID technology. The Foundation fosters and promotes the development and adoption of OpenID as a framework for user-centric identity on the Internet. OpenID allows users to sign in to multiple websites without needing to create new passwords. OIDF is headquartered in San Ramon, Calif. www.openid.net
About the Information Card Foundation
The Information Card Foundation is an international non-profit whose mission is to advance simpler, more secure, and more portable digital identity on the Internet. Information Card technology gives users greater control over personal information while at the same time enabling more beneficial digital relationships with businesses. Steering members of the foundation include Deustche Telecom, Equifax, Google, Intel, Microsoft, Novell, Oracle, and PayPal. ICF is headquartered in Boston, MA. Visit the ICF website at www.informationcard.net.
Tags: Don Thibeau, drummond reed, government, information card foundation
This entry was posted
on Thursday, August 13th, 2009 at 9:00 am and is filed under Foundation, Press Releases.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Posted at 1:15 pm on August 10, 2009 by Chris Messina
This is an interview framed by Chris Messina, an OpenID board member and elected community representative with Don Thibeau, Executive Director of the OpenID Foundation.
So, how have your first months with the foundation been?
Fast paced—I am amazed at the level of activity, complexity of issues and the volume of opinions. The Foundation is evolving rapidly from within; the range of membership interest is increasing. While from the outside; the diversity of adoption and adopters is exploding. It’s a wild ride.
OpenID is surfing huge wave of mainstream interest in social media, in open government and in industry positioning for open web realities. I’ve kept a low profile for three reasons. One: there are much better evangelists in the community than me; two: I’ve been tending to legal, financial, “plumbing” issues. We needed to fix the “foundation of the foundation” to respond to legitimate demands from the community for more services and better tools at the same time as giving member companies the accountability they require. Lastly, the CIO of the government called the OpenID board to a meeting in Washington to ask for our help with the President’s “Open Government” initiative. It was a memorable meeting for two reasons; it took place at the White House Conference Center and I’ve never seen OpenID Foundation board members wearing suits and ties.
What kind of unexpected challenges and opportunities have you encountered?
I knew I had a cool job when a friend mentioned NASA was using OpenID to task satellites. Like many agencies, NASA Goddard has been experimenting with the use of various open standards (Geospatial and others) including OpenID and Information Cards. We are also hearing from state, local and foreign governments about their desire to use OpenID. Maybe because I live in DC, I see the OIDF participation in government standards or “sausage making” as common sense. GSA, NIST and other government forums are exactly where collaboration is expected and beneficial to OpenID. All the while, I’ve been playing catch-up to make the Foundation run smoother. I live in Washington D.C. and work with Board members on the East and West coasts, in Bangalore and Tokyo. These challenges come with the territory. So, I am long on opportunities and short on time.
How do you feel about the progress you and the rest of the board have made in the past months?
One clear consensus view is we want more done sooner. It’s a good problem. It reflects the dynamism of today’s identity ecosystem and the pressure we all feel to the have Foundation matter on issues we care about. For good reasons and bad, all too often the Foundation operated at a suboptimal level. Now we are working to improve the quality of membership services, specification processes and web tools. The engine of the OIDF remains its working groups and committees. We live and die by the level of community participation and the quality of Board leadership.
While there are boards with members with fancier titles, the OpenID Board is made up of people responsible for getting things done in their companies and among their peers. This Board is still new; a mash up of companies, personalities and passions. My job is to be an honest broker of ideas and build an environment so we can stay focused on a protocol specific agenda and add value in this rapidly evolving identity ecosystem.
Let’s get in to some specifics: you mentioned that one of your top three priorities was to “build a foundation for growth” by making sure that the “Foundations’ finances and governance issues are solid”. Can you elaborate on specific steps that you’ve taken so far and what kind of progress you’ve made?
First, we’ve outsourced all non-essential functions like accounting, administration, etc. to companies that do that for a living for other open standards groups. This gives member companies the accountability they require to contribute financially and the community the confidence they need to contribute expertise. Second, we’ve put our money where our mouth is. The budget invested scarce resources in only those plans that protect IP, promotes adoption and evolves OpenID. As Raj Mata, our treasurer said; “We will not have a “feed the beast” budget.” The Board agreed to fund only those things a Foundation like ours can and must do.
The investment in “plumbing” will result in easier “on ramps” for individual members and corporate sponsors. Memberships will be processed faster, budgeting standardized. Better tools for committees and working groups are some of our success metrics. I need to demonstrate the OIDF’s capacity to provide thought leadership and tangible participation benefits. Chris Messina is leading a volunteer effort with Michael Olson (of JanRain) and “Content Wrangler Extraordinaire” Amanda Richardson to update our web workplace and community participation.
Now let’s cover some specific areas of emphasis for OpenID. What can you tell us about the progress with improving OpenID’s usability?
This is a key concern throughout the community. We have to do better. We are planning a series of usability events in the fall. These will focus on usability in government adoption as well as in new areas of adoption. We are planning open use case workshops with the National Institutes of Health, the National Library of Medicine and the National Cancer Institute to refine interoperability and look at usability through the eyes of scientists collaborating worldwide. Luke Shepard of Facebook and Alan Tom of Yahoo, our usability committee co-chairs, are looking at several options in the Bay Area to bring new energy and approaches to OpenID usability. Google has long standing and deep domain expertise in usability and our efforts can now include new players like Sears and Kmart. I know the developers in “My-Sears” usability labs in Chicago are looking forward to meeting their peers in the Bay Area and throughout the community.
OpenID’s growth has been exponential, but its adoption has been asymmetrical. Usability is the key to a more balanced evolution. We need more relying parties involved in this adoption dynamic than we’ve seen to date. But as with security, I believe the more platforms are built where OpenID can be used, the more value gets created. It will be fascinating to see how this “network effect” plays out.
What’s new with OpenID, security and privacy?
With the growing mainstream interest in OpenID comes good and bad. We are open to misunderstanding from non-technical audiences and increased scrutiny by privacy advocates and interest groups. I think OpenID can benefit from the mainstream media’s excited embrace of social web tools and therefore be enriched by mainstream adoption. I am a fan of Facebook’s Tim Sparapani, a former civil liberties attorney. He is one of the most articulate voices in the community on privacy. In many ways, privacy has become a commodity. Travelers exchange it for safety; celebrities exchange it for well, celebrity, and we all exchange it for a few cents off at the checkout aisle in the Safeway. We know that the social web is, by definition, interactive, that it takes information about what I’m typing in order to send things to me.
Privacy is an issue. It is not a crisis. The industry has done the right thing by getting ahead of this curve and saying, we have to be able to be part of a coordinated effort to address the public and address people in Washington DC, especially those interested in “open government.” One of the principles the Board wants to embed is a self-regulatory, self-certifying system. We’re committing to collaborating with the entire identity ecosystem in order to educate the public continuously about both benefits and risk mitigation.
Security is another issue the Board has invested in. The government interest in OpenID forces a deep dive into these issues. I am reminded daily about OpenID’s security challenges. I welcome the worries. It’s understandable given the denial of service attacks we’ve seen recently. My response is an invitation to join the effort to shape our standard. OpenID is a new protocol it is undergoing a rigorous real time shakedown. Andrew Nash, a board member of both the OpenID and Information Card Foundations, put together a team at PayPal to help OpenID get traction in of our toughest challenges. That’s the kind of leadership that will help get traction on one of the Foundation’s highest priorities.
Lastly, what should we be looking forward to over the next three to four months?
Some call government adoption the “mother of all use cases.” We been collaborating with ICF and other groups on a theme we call “Open Trust Frameworks for Open Government.” Our working hypothesis is the US Government’s pilot adoption of OpenID protocols is a “forcing function” and will yield benefits throughout the open identity community. As a forcing function, the government’s technical “profile” for OpenID and accompanying certification requirements (Trust Framework Adoption Program) are, in effect, use case constraints. I believe the size, influence and market value of a government wide adoption offers timely, material and strategic benefits to member companies and the community at large. OpenID OPs who want to participate in adoption of OpenID “are forced” ( no one forces Google to do anything…) to complete a set of tasks based on the GSA’s limited, paired down set of technology features, certification requirements and privacy controls.
The OpenID Foundation and other identity protocol organizations have invested significant resources in this public/private collaboration. These industry leading groups have clear expectations of significant positive returns in several areas. Vivek Kundra, US CIO told the OIDF that the government intends to leverage the large and growing OpenID installed base and corporate sponsorship to further its open government goals. So the OIDF believes this forcing function will further its mission by accelerating adoption and improving and streamlining how government agencies, contractors and citizens use OpenID.
But only time will tell, this public/private industry initiative will be successful if the current collaboration expands to meet the increased challenges of the next phase: a public-facing launch of our open trust framework and pilot programs at the NIH and other agencies.
Tags: Don Thibeau, government, interview
This entry was posted
on Monday, August 10th, 2009 at 1:15 pm and is filed under News.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Posted at 1:01 pm on by Chris Messina
As the US government considers OpenID as a vehicle for citizen engagement, it became time for the OpenID Foundation’s website to receive similar consideration. For some time, the site has been neglected and ignored — serving primarily as a resource for developers, with little regard paid to people just learning about digital identity. The new design — while far from complete or final — is a first step to remedy that imbalance.
Moreover, I think it’s also important to realize that in Don’s post today (and related interview), we’re starting to witness the slow realization of the importance and relevance of digital identity to a broader audience — one that has become accustomed to having fractured identities across the web, and having to create new logins on every website with which they wish to engage.
The new design is intended to be more open and clean — and to present a fresher face for OpenID — indeed, to provide the foundation for a re-invigorated identity.
As I mentioned, the site is far from complete — and will need a lot of work to become the public resource that it needs to be in order to continue to make OpenID — both concept and technology — more accessible to an increasingly wider swath of the internet population.
If you have feedback or ideas, please don’t hesitate to post them or send them to the marketing mailing list.
Credit where credit’s due: This project came together in a very short amount of time, and I’d like to give a shoutout to the team at Cloud Four (Jason, Lyza, Megan, John and Aileen), Amanda Richardson, John Ehrig from Global Inventures, Michael Olson and Brian Kissel from Janrain and Don Thibeau — who contributed to help make this happen. Of course the work’s just begun, but this is an important first step forward for the Foundation.
Tags: branding, redesign, website
This entry was posted
on Monday, August 10th, 2009 at 1:01 pm and is filed under Marketing, News.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.