Year: 2008

A little more on OpenID adoption

In response to my post about the lag in OpenID RP adoption, Mark Workel asked the following questions: 1. What are the strategic advantages of becoming an IdP? 2. As a consumer or RP, how do I know if an IdP is reliable? I don’t think I can authoritatively answer these, but I do have

We’re Number 1! We’re Number 1!

UPDATE (August 27, 2008): I have updated the blog post to avoid violating certain copyright issues with Gartner Gartner has released their latest Magic Quadrant on User Provisioning. It’s good to see that we have built on our previous success to emerge as one of the best (if not the best) in the Provisioning industry.

The Frameworks are Coming

I read with great interest Kim Cameron’s most recent post about the Beta release of Zermatt, Microsoft’s new identity application development framework. It is a step towards the kind of programming framework that I have been talking about and working on with my colleagues at Oracle for a while now. So I am just a

Please Update to My New RSS Feed

If you subscribe to my blog using RSS, please update your feed reader with my new feed URL. I have been using Feedburner to source my feeds for a month or so now. Besides improving the feed quality a bit, it also insulates you from some changes I may be making to my blog in

Welcoming Jeff Shukis to the Oracle Blogs network

My colleague Jeff Shukis, who used to be VP of Engineering and Operations at Bridgestream, has started a blog of his own to talk about identity management, role management in particular. In his first post, he has started a deeper dive into the shortcomings of the NIST RBAC standard, an issue that I raised a

If you can’t trust Airport Security, who can you trust?

The latest to suffer an identity theft breach – the innovative CLEAR system that speeds frequent travelers through airport security by collecting personal data, doing an extensive background check and issuing smart cards. Stolen from a “locked” room in San Francisco  airport was a laptop with the data for 33,000 travelers. This line from the

Whoa! Talk about trying to spread FUD

A colleague of mine forwarded me this Sun blog post by Paul Walker commenting on the rise of Oracle IAM to leadership status. I read it with some amusement, as I remembered my days at Thor when I, a hard-working serf in a startup, would rail (in private, as I didn’t have a blog back

Johannes talks about the OpenID RP “Problem”

Johannes Ernst has responded to my post on what I view as a problem for OpenID – the proliferation of OpenID Providers without the emergence of Relying Parties that use them. First of all, let me state for the record that I am a big fan of OpenID, and in no way view this problem

The Optimist is feeling a little pessimistic

Seems like the recent Catalyst conference led the Eternal Optimist, Pam Dingle, to question how we are doing as an industry. It is true that a lot of the messaging has shifted from what enterprises need to accomplish based on their unique needs to “check-off the list” buzzwords like GRC (which Bob Blakely called a

OpenIDs problems don’t seem to be going away

I got news today that MySpace is joining the OpenID revolution. This supposedly brings the number of OpenID-enabled accounts to over half a billion. Maybe it looks like good news for OpenID, but isn’t this actually a problem? Isn’t the intent of OpenID to reduce the number of logins we have? Why am I moving