Archive for the 'People' Category

January 1, 2022
Computing Archaeology Expedition: The First Smiley :-)

Scott Fahlman with SmileyIn September 1982, artificial intelligence professor Scott Fahlman made a post on the Carnegie Mellon Computer Science Department “general” bboard inventing the original smiley :-). I remember thinking at the time when I read it “what a good idea!”. But in 2002 when I told friends about it, I couldn’t find Scott’s post online anywhere.

So in 2002, I led a computing archaeology expedition to restore his post. As described in my original post describing this accomplishment, after a significant effort to locate it, on September 10, 2002 the original post made by Scott Fahlman on CMU CS general bboard was retrieved by Jeff Baird from an October 1982 backup tape of the spice vax (cmu-750x). Here is Scott’s original post:

19-Sep-82 11:44    Scott E  Fahlman             :-)
From: Scott E  Fahlman <Fahlman at Cmu-20c>

I propose that the following character sequence for joke markers:

:-)

Read it sideways.  Actually, it is probably more economical to mark
things that are NOT jokes, given current trends.  For this, use

:-(

I’m reposting this here now both to recommemorate the accomplishment nearly twenty years later, and because my page at Microsoft Research where it was originally posted is no longer available.

December 20, 2021
Identity, Unlocked Podcast: OpenID Connect with Mike Jones

MicrophoneI had a fabulous time talking with my friend Vittorio Bertocci while recording the podcast Identity, Unlocked: OpenID Connect with Mike Jones. We covered a lot of ground in 43:29 – protocol design ground, developer ground, legal ground, and just pure history.

As always, people were a big part of the story. Two of my favorite parts are talking about how Kim Cameron brought me into the digital identity world to build the Internet’s missing identity layer (2:00-2:37) and describing how we applied the “Nov Matake Test” when thinking about keeping OpenID Connect simple (35:16-35:50).

Kim, I dedicate this podcast episode to you!

December 19, 2021
Stories of Kim Cameron

Kim Cameron LaughingSince Kim’s passing, I’ve been reflecting on his impact on my life and remembering some of the things that made him special. Here’s a few stories I’d like to tell in his honor.

Kim was more important to my career and life than most people know. Conversations with him in early 2005 led me to leave Microsoft Research and join his quest to “Build the Internet’s missing identity layer” – a passion that still motivates me to this day.

Within days of me joining the identity quest, Kim asked me to go with him to the first gathering of the Identity Gang at PC Forum in Scottsdale, Arizona. Many of the people that I met there remain important in my professional and personal life! The first Internet Identity Workshop soon followed.

Kim taught me a lot about building positive working relationships with others. Early on, he told me to always try to find something nice to say to others. Showing his devious sense of humor, he said “Even if you are sure that their efforts are doomed to fail because of fatal assumptions on their part, you can at least say to them ‘You’re working on solving a really important problem!’ :-)” He modelled by example that consensus is much easier to achieve when you make allies rather than enemies. And besides, it’s a lot more fun for everyone that way!

Kim was always generous with his time and hospitality and lots of fun to be around. I remember he and Adele inviting visitors from Deutsche Telekom to their home overlooking the water in Bellevue. He organized a night at the opera for identity friends in Munich. He took my wife Becky and I and Tony Nadalin out to dinner at his favorite restaurant in Paris, La Coupole. He and Adele were the instigators behind many a fun evening. He had a love of life beyond compare!

At one point in my career, I was hoping to switch to a manager more supportive of my passion for standards work, and asked Kim if I could work for him. I’ll always remember his response: “Having you work for me would be great, because I wouldn’t have to manage you. But the problem is that then they’d make me have others work for me too. Managing people would be the death of me!”

This blog exists because Kim encouraged me to blog.

I once asked Kim why there were so many Canadians working in digital identity. He replied: “Every day as a Canadian, you think ‘What is it that makes me uniquely Canadian, as opposed to being American? Whereas Americans never give it a thought. Canadians are always thinking about identity.'”

Kim was a visionary and a person of uncommon common sense. His Information Card paradigm was ahead of its time. For instance, the “selecting cards within a wallet” metaphor that Windows CardSpace introduced is now widespread – appearing in platform and Web account selectors, as well as emerging “self-sovereign identity” wallets, containing digital identities that you control. The demos people are giving now sure look a lot like InfoCard demos from back in the day!

Kim was a big believer in privacy and giving people control over their own data (see the Laws of Identity). He championed the effort for Microsoft to acquire and use the U-Prove selective disclosure technology, and to make it freely available for others to use.

Kim was hands-on. To get practical experience with OpenID Connect, he wrote a complete OpenID Provider in 2018 and even got it certified! You can see the certification entry at https://openid.net/certification/ for the “IEF Experimental Claimer V0.9” that he wrote.

Kim was highly valued by Microsoft’s leaders (and many others!). He briefly retired from Microsoft most of a decade ago, only to have the then-Executive Vice President of the Server and Tools division, Satya Nadella, immediately seek him out and ask him what it would take to convince him to return. Kim made his asks, the company agreed to them, and he was back within about a week. One of his asks resulted in the AAD business-to-customer (B2C) identity service in production use today. He also used to have regular one-on-ones with Bill Gates.

Kim wasn’t my mentor in any official capacity, but he was indeed my mentor in fact. I believe he saw potential in me and chose to take me under his wing and help me develop in oh so many ways. I’ll always be grateful for that, and most of all, for his friendship.

In September 2021 at the European Identity and Cloud (EIC) conference in Munich, Jackson Shaw and I remarked to each other that neither of us had heard from Kim in a while. I reached out to him, and he responded that his health was failing, without elaborating. Kim and I talked for a while on the phone after that. He encouraged me that the work we are doing now is really important, and to press forward quickly.

On October 25, 2021, Vittorio Bertocci organized an informal CardSpace team reunion in Redmond. Kim wished he could come but his health wasn’t up to travelling. Determined to include him in a meaningful way, I called him on my phone during the reunion and Kim spent about a half hour talking to most of the ~20 attendees in turn. They shared stories and laughed! As Vittorio said to me when we learned of his passing, we didn’t know then that we were saying goodbye.


P.S. Here’s a few of my favorite photos from the first event that Kim included me in:

Kim and Craig Burton Gesticulating Mike Jones, Drummond Reed, and Kim Dick Hardt Mike Jones Kim with Coffee

All images are courtesy of Doc Searls. Each photo links to the original.

April 28, 2021
Passing the Torch at the OpenID Foundation

OpenID logoToday marks an important milestone in the life of the OpenID Foundation and the worldwide digital identity community. Following Don Thibeau’s decade of exemplary service to the OpenID Foundation as its Executive Director, today we welcomed Gail Hodges as our new Executive Director.

Don was instrumental in the creation of OpenID Connect, the Open Identity Exchange, the OpenID Certification program, the Financial-grade API (FAPI), and its ongoing worldwide adoption. He’s created and nurtured numerous liaison relationships with organizations and initiatives advancing digital identity and user empowerment worldwide. And thankfully, Don intends to stay active in digital identity and the OpenID Foundation, including supporting Gail in her new role.

Gail’s Twitter motto is “Reinventing identity as a public good”, which I believe will be indicative of the directions in which she’ll help lead the OpenID Foundation. She has extensive leadership experience in both digital identity and international finance, as described in her LinkedIn profile. The board is thrilled to have her on board and looks forward to what we’ll accomplish together in this next exciting chapter of the OpenID Foundation!

I encourage all of you to come meet Gail at the OpenID Foundation Workshop tomorrow, where she’ll introduce herself to the OpenID community.

October 28, 2020
Second OpenID Foundation Virtual Workshop

OpenID logoLike the First OpenID Foundation Virtual Workshop, I was once again pleased by the usefulness of the discussions at the Second OpenID Foundation Virtual Workshop held today. Many leading identity engineers and businesspeople participated, with valuable conversations happening both via the voice channel and in the chat. Topics included current work in the working groups, such as eKYC-IDA, FAPI, MODRNA, FastFed, EAP, Shared Signals and Events, and OpenID Connect, plus OpenID Certification, OpenID Connect Federation, and Self-Issued OpenID Provider (SIOP) extensions.

Identity Standards team colleagues Kristina Yasuda and Tim Cappalli presented respectively on Self-Issued OpenID Provider (SIOP) extensions and Continuous Access Evaluation Protocol (CAEP) work. Here’s my presentation on the OpenID Connect working group (PowerPoint) (PDF) and the Enhanced Authentication Profile (EAP) (PowerPoint) (PDF) working group. I’ll add links to the other presentations when they’re posted.

May 18, 2018
Ongoing recognition for the impact of OpenID Connect and OpenID Certification

OpenID logoThis week the OpenID Certification program won the 2018 European Identity and Cloud Award for Best Innovation at the European Identity and Cloud (EIC) conference. This is actually the second award for the OpenID Certification program this year and only the latest in a series awards recognizing the value and impact of OpenID Connect and certification of its implementations.

On this occasion, I thought I’d take the opportunity to recount the awards that OpenID Connect, the specifications underlying it, and its certification program have been granted. To date, they are:

My sincere thanks to Kuppinger Cole for their early recognition of potential of OpenID Connect, for calling out the value of OAuth 2.0, JWT, and JOSE, and to both IDnext and Kuppinger Cole for recognizing the importance and global impact of OpenID Certification!

Speaking of impact, I can’t help but end this note with data that Alex Simons presented at EIC this week. 92% of Azure Active Directory (AAD) authentications use OpenID Connect. There’s no better demonstration of impact than widespread deployment. Very cool!

Alex Simons 92% OpenID Connect

May 17, 2018
OpenID Certification wins 2018 European Identity and Cloud Award

OpenID Certified logoThe OpenID Certification program won the 2018 European Identity and Cloud Award for Best Innovation at the European Identity and Cloud (EIC) conference. See the award announcement by the OpenID Foundation for more details. This is actually the second award this year for the OpenID Certification program.

The award recognizes that the OpenID Certification program has become a significant global force promoting high-quality, secure, interoperable OpenID Connect implementations. Its innovative use of self-certification using freely available online tools has made testing the quality of OpenID Connect implementations simple, effective, and commonplace. Thanks to Kuppinger Cole for recognizing the impact of the OpenID Certification program!

EIC 2018 Award EIC 2018 Award Certificate EIC 2018 Award John Bradley, Mike Jones, Nat Sakimura EIC 2018 Award Don Thibeau EIC 2018 Award State EIC 2018 Award Don Thibeau, George Fletcher, Mike Jones, John Bradley, Nat Sakimura

March 29, 2018
OpenID Certification wins the 2018 Identity Innovation Award

OpenID Certified logoI’m thrilled that the OpenID Certification program has won the 2018 Identity Innovation Award at the IDnext conference. See the award announcement by the OpenID Foundation for more details.

The award recognizes that the OpenID Certification program has become a significant global force promoting high-quality, secure, interoperable OpenID Connect implementations. Its innovative use of self-certification using freely available online tools has made testing the quality of OpenID Connect implementations simple, effective, and commonplace. Thanks to IDnext for recognizing the impact of the OpenID Certification program!

Also, see the IDnext press release announcing the award and its description of the opinion of the award committee:

The significant global impact of the OpenID Certification program was a reason for its selection for the Identity Innovation Award. It recognizes that the innovative use of self-certification, with freely available testing tools, has resulted in substantial participation in the certification program, improving the security, quality, and interoperability of OpenID Connect implementations worldwide.

Identity Innovation Award

Identity Innovation Award Presentation

Finally, here’s the presentation that I gave at the IDnext conference making the case for the award (pptx) (pdf).

July 21, 2015
Lots of great data about JWT and OpenID Connect adoption!

JWT logoCheck out the post Json Web Token (JWT) gets a logo, new website and more by Matias Woloski of Auth0. I particularly love the data in the “Numbers speak for themselves” section and the graph showing the number of searches for “JSON Web Token” crossing over the number of searches for “SAML Token”.

Also, be sure to check out http://jwt.io/, where you can interactively decode, verify, and generate JWTs. Very cool!

April 11, 2015
10 Years of Digital Identity!

How time flies! In March 2005 I began working on digital identity. This has by far been the most satisfying phase of my career, both because of the great people I’m working with, and because we’re solving real problems together.

An interesting thing about digital identity is that, by definition, it’s not a problem that any one company can solve, no matter how great their technology is. For digital identity to be “solved”, the solution has to be broadly adopted, or else people will continue having different experiences at different sites and applications. Solving digital identity requires ubiquitously adopted identity standards. Part of the fun and the challenge is making that happen.

Microsoft gets this, backs our work together, and understands that when its identity products work well with others that our customers and partners choose to use, we all win. Very cool.

Those who of you who’ve shared the journey with me have experienced lots of highs and lows. Technologies that have been part of the journey have included Information Cards, SAML, OpenID 2.0, OAuth 2.0, JSON Web Tokens (JWTs), JSON Web Signing and Encryption (JOSE), and OpenID Connect. Work has been done in OASIS, the Information Card Foundation, the OpenID Foundation, the Open Identity Exchange (OIX), the Liberty Alliance, the IETF, the W3C, the FIDO Alliance, and especially lots of places where the right people chose to get together, collaborate, and made good things happen – particularly the Internet Identity Workshop.

It’s worth noting that this past week the Internet Identity Workshop held its 20th meeting. They’ve been held like clockwork every spring and fall for the past 10 years, providing an indispensable, irreplaceable venue for identity practitioners to come together and get things done. My past 10 years wouldn’t have been remotely the same without the past 10 years of IIW. My sincerest thanks to Phil, Doc, and Kaliya for making it happen!

I won’t try to name all the great people I’ve worked with and am working with because no matter how many I list, I’d be leaving more out. You know who you are!

While we’re all busy solving problems together and we know there’s so much more to do, it’s occasionally good to step back and reflect upon the value of the journey. As Don Thibeau recently observed when thanking Phil Windley for 10 years of IIW, “these are the good old days”.

February 5, 2015
2015 OpenID Foundation Board Election Results

OpenID logoThanks to those of you who re-elected me to a two-year term on the OpenID Foundation board of directors. As I wrote in my candidate statement, while OpenID is having notable successes, our work is far from done. Taking it to the next level will involve both additional specifications and strategic initiatives by the foundation. I plan to continue taking an active role in making open identity solutions even more successful, valuable, and ubiquitous. Thanks for placing your trust in me!

I’d like to also take this opportunity to congratulate my fellow board members who were also re-elected: Torsten Lodderstedt, John Bradley, and George Fletcher. See the OpenID Foundation’s announcement of the 2015 election results for more information.

February 6, 2014
Congratulations to Torsten Lodderstedt on his election to the OpenID Board

OpenID logoMy congratulations to Torsten Lodderstedt on his election to the OpenID Board on behalf of Deutsche Telekom. And my thanks to Lasse Andresen of ForgeRock and Chuck Mortimore of Salesforce for also being willing to serve. I look forward to serving on the board with Torsten and agree with Chuck’s comment that any of these candidates would do a fine job!

July 30, 2013
OpenID Connect Server in a Nutshell

OpenID logoNat Sakimura has written a valuable post describing how to write an OpenID Connect server in three simple steps. It shows by example how simple it is for OAuth servers to add OpenID Connect functionality. This post is a companion to his previous post OpenID Connect in a Nutshell, which described how simple it is to build OpenID Connect clients. If you’re involved in OpenID Connect in any way, or are considering becoming involved, these posts are well worth reading.

April 9, 2013
Tim Bray on ID Tokens

OpenID logoTim Bray has written a post giving his take on what ID Tokens are and why they’re valuable, both for OpenID Connect and beyond. Full of geeky identity goodness…

February 14, 2013
Thanks for Voting in the OpenID Board Election

OpenID logoAs you may have seen, the results of the 2013 OpenID Board Election have been announced. Thanks to all of you who participated and thank you for entrusting me with a seat on the board for the next two years. My congratulations to my fellow board community members as well. I intend to make the most of this opportunity to continue making people’s online interactions more seamless, secure, and valuable.

January 25, 2013
Please Vote Now in the OpenID Board Election

OpenID logoThe election for community (individual) OpenID board members is under way at https://openid.net/foundation/members/elections/14. I encourage all of you to vote now. (Don’t wait until the morning of Wednesday, February 6th!) If you’re not already an OpenID Foundation member, you can join for USD $25 at https://openid.net/foundation/members/registration and participate in the election.

I’m running for the board this time and would appreciate your vote. My candidate statement, which is also posted on the election site, follows.


OpenID has the potential to make people’s online interactions seamless, secure, and more valuable. I am already working to make that a reality.

First, a bit about my background with OpenID… I’ve been an active contributor to OpenID since early 2007, including both specification work and serving the foundation. My contributions to the specification work have included: an author and editor of the OpenID Provider Authentication Policy Extension (PAPE) specification, editor of the OAuth 2.0 bearer token specification (now RFC 6750), an author and editor of the JSON Web Token (JWT) specification and the JSON Object Signing and Encryption (JOSE) specifications, which are used by OpenID Connect, and an active member of the OpenID Connect working group.

I’ve also made substantial contributions to the foundation and its mission, including: In 2007 I worked with the community to create a legal framework for the OpenID Foundation enabling both individuals and corporations to be full participants in developing OpenID specifications and ensuring that the specifications may be freely used by all; this led to the patent non-assertion covenants that now protect implementers of OpenID specifications. I served on the board representing Microsoft in 2008 and 2009, during which time I was chosen by my fellow board members to serve as secretary; you’ve probably read some of the meeting minutes that I’ve written. I’ve served on the board as an individual since 2011. I have helped organize numerous OpenID summits and working group meetings. I chaired the election committee that developed the foundation’s election procedures and software, enabling you to vote with your OpenID. I co-chaired the local chapters committee that developed the policies governing the relationships between local OpenID chapters around the world and the OpenID Foundation. I also serve on the marketing committee and am a member of the Account Chooser working group.

I’d like to continue serving on the OpenID board, because while OpenID has had notable successes, its work is far from done. Taking it to the next level will involve both enhanced specifications and strategic initiatives by the foundation. Through OpenID Connect, we are in the process of evolving OpenID to make it much easier to use and deploy and to enable it to be used in more kinds of applications on more kinds of devices. The Account Chooser work is making it easier to use identities that you already have across sites. I’m also pleased that the Backplane Exchange work is happening in the foundation – clear evidence of the increasing value provided by the OpenID Foundation. Yet, as a foundation, we need to continue building a broader base of supporters and deployers of OpenID, especially internationally. We need to form closer working relationships with organizations and communities doing related work. And we need continue to safeguarding OpenID’s intellectual property and trademarks so they are freely available for all to use.

I have a demonstrated track record of serving OpenID and producing results. I want to continue being part of making open identity solutions even more successful and ubiquitous. That’s why I’m running for a community board seat in 2013.

Mike Jones
mbj@microsoft.com
http://self-issued.info/

December 6, 2012
2013 OpenID Board Election Announcement

OpenID logoThe OpenID Foundation has announced the upcoming OpenID community board member election. Board members play an important role in safeguarding and advancing OpenID technologies and doing the work of the Foundation on a day-to-day basis. If you’re considering running, I’d be glad to discuss my experiences serving on the board with you.

Watch the OpenID blog and this space for updates on the election over the next few months.

(And yes, I plan to stand for re-election.)

July 18, 2012
My congratulations to Andrew Nash

Andrew NashMy congratulations to Andrew Nash on his new position as CTO of Trulioo. Have fun playing on the swings and the monkey bars!

February 14, 2012
Greg Keegstra and Axel Nennker Elected to OpenID Board

OpenID logoMy congratulations to Greg Keegstra and Axel Nennker for their election to the OpenID Board of Directors. Greg brings strong marketing chops and his can-do spirit to the board. Axel returns with his mix of deep technical expertise and common sense. I’m looking forward to serving with both of you!

January 24, 2012
OpenID Connect in a Nutshell

OpenID logoNat Sakimura has written a valuable post describing OpenID Connect in a nutshell. It shows by example how simple it is for relying parties to use basic OpenID Connect functionality. If you’re involved in OpenID Connect in any way, or are considering becoming involved, his post is well worth reading.

Next »