I had the privilege of attending the Internet Identity Workshop (IIW) in Mountain View this week. It was a very cool experience, and my first time out to the valley. On a whole people are pretty sharp, but I think what differentiates them from the local talent in the Twin Cities is their connections. The majority of people there weren't much beyond my punching weight, but a key difference is that a good number were. I want to be the least talented person in a given setting; not by striving to be the worst, but simply by being surrounded by people who are great.

My favorite session was of course my own, "Identity Beyond The Web"; it would have been nothing though, without Jeff Hodges there. We went over the basics of SASL and SAML, talked about various SAML profiles and how they would plug into the design pattern of SASL. We also talked about n-tier authN/authZ and bashed OpenID a bit. Not that OpenID sucks, it just doesn't solve any non-web related identity problems.

Another interesting talk that indirectly tied in to SAML was given by Bryant Cutler and Devlin Daley; I don't have the session title, but the part I caught related to patterns of assertions about n-tiers of parties. I'm looking forward to reading their work.

My biggest hope for future IIW is more discussion of identity beyond the web and OpenID. I think it's a reasonable solution for a very limited space (probably its intended purpose), but it does not solve the more fundamental problem of ubiquitous identity.

I have gained a reasonable understanding of the identity space, but it is much, much deeper than the lay person can possibly imagine. I still have a long, long way to go. Otherwise this blog post would be much more insightful :)

There is no sense reiterating a review of the entire event, as there are plenty out there; just search for IIW2008a or IIW6.