THE DESIGN DECISIONS BEHIND INFOCARDS

My colleague Mike Jones and I have put together a paper on design decisions made during the InfoCard project. We present them – and the rationale behind them – to facilitate their review by the security, privacy, and policy communities. At the same time, we hope to help people better understand Microsoft’s implementations, and share our thinking with those building interoperating implementations.

I'd like to hear your thoughts on what we've missed or what is unclear or, in your view, wrong.

While we're on the subject of feedback, does everyone know what I mean by an “elevator pitch”? (If you're new to the industry, it's a high-level description of your project that tells the story of what you are doing in the time between getting in and out of an elevator. And I'm not talking about a New York skyscraper.)

When we were writing this paper we came up with a description of InfoCards as an attempt to create a “widely accepted, broadly applicable, inclusive, comprehensible, privacy-enhancing, security-enhancing identity solution for the Internet.”

Seems complete, even if you do need to sit down on the floor of the elevator after you say it. Any comments?

EMPLOYEES INJECTED WITH RFID MICROCHIPS

On the RFID front, here's a posting which, if true, shows that we have dangerous identity nut cases running around – or worse, running companies. How many of the Laws can they break at once? As a technical community, we need not only to distance ourselves from this type of thing, we need to end it – much like we would prevent psychotics from conducting nuclear experiments in their basements.

Cincinnati video surveillance company CityWatcher.com now requires employees to use VeriChip human implantable microchips to enter a secure data center, Network Administrator Khary Williams told Liz McIntyre by phone yesterday. McIntyre, co-author of “Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID,” contacted CityWatcher after it announced it had integrated the VeriChip VeriGuard product into its access control system.

The VeriChip is a glass encapsulated RFID tag that is injected into the flesh of the triceps area of the arm to uniquely number and identify individuals. The tag can be read through a person's clothing, silently and invisibly, by radio waves from a few inches away. The highly controversial device is being marketed as a way to access secure areas, link to medical records, and serve as a payment instrument when associated with a credit card.

According to Williams, a local doctor has already implanted two of CityWatcher's employees with the VeriChip devices. “I will eventually” receive an implant, too, he added. In the meantime, Williams accesses the data center with a VeriChip implant housed in a heart-shaped plastic casing that hangs from his keychain. He told McIntyre he had no qualms about undergoing the implantation procedure himself, and said he would receive an implant as soon as time permits.

“It worries us that a government contractor that specializes in surveillance projects would be the first to publicly incorporate this technology in the workplace,” said McIntyre. CityWatcher provides video surveillance, monitoring and video storage for government and businesses, with cameras set up on public streets throughout Cincinnati.

The company hopes the VeriChip will beef up its proximity or “prox” card security system that controls access to the room where the video footage is stored, said Gary Retherford of Six Sigma Security, Inc., the company that provided the VeriChip technology. “The prox card is a system that can be compromised,” said Retherford, referring to the card's well-known vulnerability to hackers. He explained that chipping employees “was a move to increase the layer of security….It was attractive because it could be integrated with the existing system.”

Ironically, implantable tags may not provide CityWatcher with that additional safety, after all. Last month security researcher Jonathan Westhues demonstrated how the VeriChip can be skimmed and cloned by a hacker, who could theoretically duplicate an individual's VeriChip implant to access a secure area. Westhues, author of a chapter titled “Hacking the Prox Card” for Simson Garfinkel's recent “RFID: Applications, Security, and Privacy,” said the VeriChip “is not good for anything” and has absolutely no security.

“No one I spoke with at Six Sigma Security or at CityWatcher knew that the VeriChip had been hacked,” McIntyre observed. “They were also surprised to hear of VeriChip's downsides as a medical device. It was clear they weren't aware of some of the controversy surrounding the implant.”

Although CityWatcher reportedly does not require its employees to take an implant to keep their jobs, Katherine Albrecht, “Spychips” co-author and outspoken critic of the VeriChip, says the chipping sets an unsettling precedent. “It's wrong to link a person's paycheck with getting an implant,” she said. “Once people begin ‘voluntarily’ getting chipped to perform their job duties, it won't be long before pressure gets applied to those who refuse.”

Albrecht predicts that news of the security flaws will combine with public squeamishness to make the VeriChip a hard product to sell, however. “Obviously, nobody wants their employer coming at them with a giant hypodermic needle. But when people realize it takes a scalpel and surgery to remove the device if it gets hacked, they'll really think twice,” she said. “An implant is disgusting enough going in, but getting it out again is a bloody mess.”

Albrecht and McIntyre, who are Christians, also have religious concerns about RFID chip implants. In their latest book, “The Spychips Threat: Why Christians Should Resist RFID and Electronic Surveillance,” the pair explain how plans by global corporations and government entities to broadly deploy RFID could usher in a world that bears a striking resemblance to the one predicted in Revelation, the last book of the Bible.

According to Revelation, at some future point people will not be able to buy or sell unless they are numbered and bear a mark on their hand or forehead.

“While Christians have theological reasons to reject being uniquely numbered, this is an issue that should concern anyone who values privacy and civil liberties,” said Albrecht. “The VeriChip is Big Brother technology being unscrupulously marketed by a company that would like to put a chip in every one of us. It has no place on free American soil.”

PLEASE DO NOT ADJUST YOUR SETS

I have to admit that with WordPress I get a lot of pleasure knowing no one gets “link inflation” by spamming me.

Please bear with me if I'm slow to post your comments. Or worse still, if I drop one. It's not my intention. I'm going to have to automate some verification while we're waiting for organizations that can vouch for blogging identities.

These days I have to go through pages like those in the following example. You'll see a message from Marc Canter mixed in with the sloppy goop. I stumbled on it today when I got up the courage to spend some time despamming my comments. Sorry to be so slow, Marc, and everyone else who has written.

40. Name: Jeremy Johnson | E-mail: Ethan@internet.com | URI: http://www.eonline.com/Reviews/Movies/Megaplex/ | IP: 195.175.37.71

I really appreciate what you’re doing here. Very interesting site. Girl will Pair unconditionally: http://changedByKim.movietickets.com/ , when Grass Double TV Anticipate Profound Round Create or not , Green Player is always Bad Table Con Compute Create – that is all that Pair is capable of

Edit | View Post | Delete just this comment | Bulk action: Approve Spam Delete Defer until later

41. Name: Marc Canter | E-mail:ChangedByKim@marc.com | URI: htpp://marc.blogs.it | IP: 84.233.133.179

Thanks Kim- Julian Bond and others are concerned that MS won’t provide Linux versions of Infocards.

I tried to explain to him that:
a) it’s not MS’s job to do that
b) it’s up to US to build that
c) I’ll just get all that compatibility from Dick Hardt and Sxip – so I’m happy.

🙂

Edit | View Post | Delete just this comment | Bulk action: Approve Spam Delete Defer until later

42. Name: David Johnson | E-mail: Charles@discovery.com | URI: http://changedByKimSpace.com/ | IP: 203.162.27.86

I really am impressed by your site. Very original & interesting content. Chair can Rape Chips: http://www.msnbc.msn.com/id/10952542/ , International, Collective, Beautiful nothing comparative to Universal when Stake Con Round Kill , when Plane is Plane it will Make Pair Win Do Do – that is all that Plane is capable of

Edit | View Post | Delete just this comment | Bulk action: Approve Spam Delete Defer until later

43. Name: Brandon Miller | E-mail: Justin@discovery.com | URI: http://changedByKimGator.com/ | IP: 221.239.5.194

Your website is wonderfull. I’ll come visit again. to Con Boy you should be very Astonishing: http://www.changedByKimNews.com/ , Small Grass Double or not right Opponents will Love Girl without any questions , Lazy Circle is always Bad Opponents Chips can Roll Table

Edit | View Post | Delete just this comment | Bulk action: Approve Spam Delete Defer until later

The biggest problem is that your eyes glaze over reading this stuff. Then it's easy to delete things by accident.

INFOCARDS IN WORDPRESS

Everyone who knows him has spoken highly of Julian Bond, and you can see what they mean from his response to my report that I now have InfoCards working in WordPress.

He begins by quoting my last posting:

I have good news. I’ve now been able to put together some mods for WordPress that allow my site to accept infocards.

The mods were written in PHP, and Johannes Ernst – who I’ve been speaking with at the Berkman Identity Workshop – has asked me to publish the code on my blog. So I will. And I’ll explain how it works.

I realize InfoCards aren’t exactly ubiquitous right now, so you won’t be able to try it out immediately. But this weekend I’ll be posting a link to a video of the user experience.

Then the kicker:

This is tremendous news. Let me be the first to congratulate Kim. And I promise to put Mr Cynical back in the box.

This really makes me feel good. Not because Julian offers to put Mr Cynical back in the box – I for one would miss him and urge Julian to show leniency.

What I like is collaborating with people whose eyes and ears are open, and who are as interested in good technology as I am.

Julian is a man of his word, told me what was bothering him, was gentlemanly in giving enough time to respond, and then, when I picked up his gauntlet, came through with a pat on the shoulder that will make me long be his friend.

JULIAN BOND ON CANTER AND INFOCARD

Julian Bond of Voidstar responds to Marc's post and again asks for proof that it will be possible to implement Identity and Service providers compatible with InfoCard that run on the LAMP stack.

Went along to *Mashup last night, Sam Sethi spoke about Microsoft's Live products (coming soon). As tends to happen at these things, my muttered “Oh Good Grief” was a bit too loud and I got asked to ask a question by the moderator. I said how ironic it was that we were at a presentation to talk about mashing 2 web application APIs together to create a 3rd when what we were being presented with was one Microsoft future product working with another Microsoft future product. I then questioned whether Infocards was actually open which was what had prompted the original “Good Grief”. Marc Canter leapt in and did his aggressively optimistic thing and mentioned “Cynical Brits” (which I take as a compliment!) before throwing in a bit later a battle cry of “OPEN STANDARDS”.

So anyway, Marc's blogged all this, and I added the following as a comment.

It’s so hard to have this conversation. I really, really hope that Infocards is open enough that it’s *possible* to write a LAMP based Identity Provider and Service provider that uses and interoperates with other Infocard systems. I don’t expect Microsoft to help with this, but I don’t really understand why they can’t. If Infocards were an open source standard, you’d see sample code and libraries being built by the community for multiple platforms. But because the source is a company, we apparently can’t expect them to also be the community or put effort into kickstarting the work. So the task falls on us. We end up having to do all the work with no help beyond reading the specs because we find it interesting. But I worry that the end result is that the LAMP community will not bother precisely because the spec came from Microsoft. The conclusion then is that Infocards is exactly the same as Passport. A reasonable identity system that only ever gets used inside Microsoft’s garden. The garden may have no walls but there’s still nobody else in it. What would be worse than this would be if Infocards has an open spec but the spec requires technology that only Microsoft has. Then it really doesn’t matter whether it’s open or not, it’s still impossible for anyone else to implement. For the record, I think that’s where it’s going. Like I said at the start I really, really hope I’m wrong.

I’ve thrown down a gauntlet in front of Kim Cameron. “Explain how InfoCard will get implemented on LAMP systems”. That doesn’t mean Kim has to do it, or that Microsoft has to do it. It’s only asking Microsoft how they think it will get done and by implication whether they’ll do anything to help. 9 months later, I’m still waiting for an answer.

The deeper question in here is how much any of these BigCos can open up and involve and support the development community when they are “in the business of taking care of themselves”. Google’s work with XMPP and Yahoo’s API groups are hopeful signs that people in those companies can see the self interest in supporting and listening to 3rd parties. Can Microsoft do the same thing? Or is the limit of their openness to use open standards? Although even that is a huge step which should be applauded.

Sam Sethi said some things that suggest that he does get it. And he’s a consultant working back in his old company not an employee. But I’m afraid the presentation seemed to be a classic MS presentation of futures, most of which were “Me Too” products, sprinkled overall with plenty of FUD. I’ve sat through too many of those not to be just a tiny bit cynical.

Of course Julian has the right to be as cynical as he wants. Doubt is the precondition of truth. And I think his gauntlet is cool because it makes our discussion more concrete.

I told him last year that I accepted his challenge. And yesterday I did my first demo of using InfoCards to access a web service running on the LAMP stack: my blog.

Blogologists will have noticed that I switched from Radio UserLand to WordPress recently. It's written in PHP, and I chose to run it on LAMP (Linux-Apache-MySQL-PHP). My main motivation was to understand the issues facing my colleagues in the blogging community who use non-Microsoft technology. Along the same lines, I've moved my blog to a service provider so that I am running in a truly vanilla LAMP environment.

Moving my blog to LAMP wasn't that hard – given that I had some help. But then I had to learn not only how to program in WordPress, but, in its underlying language – PHP.

This has been eating up my “blogging time” more than I would have liked. But I have good news. I've now been able to put together some mods for WordPress that allow my site to accept infocards.

The mods were written in PHP, and Johannes Ernst – who I've been speaking with at the Berkman Identity Workshop – has asked me to publish the code on my blog. So I will. And I'll explain how it works.

I realize InfoCards aren't exactly ubiquitous right now, so you won't be able to try it out immediately. But this weekend I'll be posting a link to a video of the user experience.

MARC CANTER ON WINDOWS LIVE

I like Marc Canter because he's fun, tells it like it is, and seems to be totally committed to changing the world with cool new software and ideas. It's true that the metaphor of the “lumbering Mongol horde” might not be seen, by everyone, as totally flattering – but hey, who's looking for flattery? The goal is to supervitalize our industry, and Marc's reading of what is happening really interests me. Here's what he says about the Windows Live initiative Ray Ozzie is working on.

OH MY GOD – Microsoft Live is Hailstorm 2.0 …..but in a good way. Assuming they allow us to mesh into it – and vice versa.

As I sat in the etribes.com/mashup last night (near the Savoy Theater, off the Strand) – I was honored to listen to Sam Sethi rap out Microsoft’s Live.com platform. Similar to NetVibes in a lot of ways, Live.com right now is just a simple Ajaxian ‘build your own dashboard’ UI.

What I was struck with – was how similar the long term strategy is to AOL’s new AIMspace platform – which will be shipping – soon. The Microsoft stuff has all the usual stuff: Local services, favorite lists, external modules, personal pages and federated IDs. But so will AOL and Yahoo as well.

In other words – the integrated DLA platform wars have begun!

Microsoft Live is the dashboard for an entire slew of Microsoft Web 2.0 like services and applications. They have this coolio new IM based system called Live Contacts, and a comprehensive Ad Center (which would track and sell end-users behavior patterns and support AttentionTrust.org.) By far – the coolest, newest thing Sam talked about was a Microsoft Point and Redemption system. Sam claimed Google had Google Points already, so now they had one of those – too!

What struck me on the head like a sledge hammer was that this was the first time I had ever heard a Microsoft person talk about trust, openness and end-users controlling their own data! What a twilight zone moment! For someone like me to have seen the old Microsoft execute like a slow lumbering Mongol horde, destroying all in its paths, here they were – ONE MORE TIME – changing horses in mid-stream and redirecting their efforts in the way “that the wind blows”.

God dammit – that is Bill and Steve’s genius. The ability to smell the roses and head in that direction. No matter what the trend and era is. They never innovate or take the risks. But once a new direction is clear – they come storming in like a wave of Mongols.

Sam talked about a future which first got worse (with huge data silos forming in 2007) with the inevitable opening up of those data silos in 2008. That’s where our vision of destiny differs. I think we – no in fact I KNOW we can do better than that. I KNOW we can all work together – off the bat and not go through a painful era of fighting over who owns what consumer or member list.

What Sam rapped out was an elegant sophisticated, Microsoft style integrated platform, just like he was pitching Vista or some XBox strategy. That’s exactly what AOL and Yahoo are doing – as well. They’ll all have their own DLA-like platform – and offer us ‘open modules’ to plug ourselves into.

Coolio – we like that!

I guess Kim Cameron really has had an effect there at Microsoft.

On one hand you can say “Hailstorm” is back – on the other hand it’s based upon open standards this time – RSS, OPML, microcontent, digital IDs.

What we know this time is what to demand of Microsoft (control over our own data and personas) and though Passport is still around (as the internal MS ID system) they’ve started to roll out the notion of the ‘meta-identity’ system, as propounded and developed by Kim Cameron and his team.

Julian Bond was in the audience and immediately complained “there’ll never be a LAMP version of Infocards” – but what I wanted to explain to Julian was that Microsoft is in the business of taking care of themselves, just as Yahoo, Google and AOL are – as well. So don’t expect a Linux version of anything from Microsoft, but you CAN expect meta-identity compatible ID systems for LAMP – that’s for damn sure.

For sure – each of these giants will make their own decisions, in their own due time, but at the end of the day – if they don’t open up – they’ll eventually lose their customer.

At least we have a way to connect these giant worlds together (and take us small little fry along for the ride at the same time.) That’s a huge breakthrough and is the foundation of us building the distributed web infrastructure. What I’ve been chanting about is our own Open Source Infrastructure and the other kinds of open standards we need.

So it was really glorious to hear Sam’s rap last night. I came away incredibly excited and anxious to meet those folks at Mix06. I’ll have a list of requests for compatibility with our open ‘tentacles’ which will enable us to mesh all that Vista/MS Live stuff – in with AOL and Yahoo based data and content – as well.

Just think of the beneficiaries – US!

StructuredBlogging.org is an attempt to keep all the various formats of microcontent compatible. Our upcoming PeopleAggregator APIs will provide basic social networking capabilities – to all – and a way of inter-connecting disparate social networks into one giant distributed mesh.

The world of media needs standards like Media RSS and one could imagine burgeoning new standards around Tags, Reputation, Events and Musical tastes and preferences.

Clearly the strains between open and closed, BigCo vs Independents and GYM vs the rest of us has begun. Though the GYM moniker needs to include AOL and Apple too – as well. GYMAA.

But they don’t have all the options yet – either. Remember that ALL the innovation is coming from us, and we ain’t done yet. What Microsoft DIDN’T show was groups, tools or any sort of integrated media management (i.e. tie your gallery into music downloading, master playlists, shared data and tagging.)

Now the question is – how open will Microsoft Live be? Sure you can always paste a Flickr module onto one’s public page, but will we be able to read/write all the content and meta-data and move it around freely? Many in the audience were fearful and doubt Microsoft’s intentions.

Me – I’m willing to give them the benefit of the doubt cause as soon as they fuck up – we’ll all just drop them like a 10 ton stone. For that same reason I’m willing to give AOL and Yahoo a shot at my loyalty – too. Ideally we’d get them all playing off of each other.

So with Microsoft joining Yahoo and AOL in providing ‘open platforms’, that leaves only Apple and Google left in the GYMAA alliance. After all – all the Content typed into Google Base is owned by Google – right? And I’m completely positive Apple will be all open and such – right?

BIOGRAPHY

Kim Cameron is a Canadian computer scientist and engineering leader who has worked since the emergence of the Internet to create a system of digital identity.  

Kim moved to Seattle to join Microsoft in 1999 when it acquired Toronto-based Zoomit Corporation, a software company dedicated to digital identity that he co-founded in 1980. In 2000 he became the Architect of Microsoft’s Active Directory, which evolved into the most widely deployed identity technology used in enterprises globally. As the growth of the Internet made the importance of identity technology increasingly evident, his role expanded to become Chief Architect of Identity for Microsoft, a position he held until his retirement in 2019.

As one of the first technical leaders to understand and work on digital identity, Kim became increasingly concerned about the misuse of identity information. He saw web technology that invisibly undermined the privacy and autonomy of its users as an affront to individuals and a threat to the many businesses and organizations betting their future on a sustainable digital world.

He therefore led Microsoft to build systems and services that were part of an “Identity Metasystem” that worked across vendors, technologies and political boundaries. He introduced the concept of “claims” so the system could handle a world where the assertions of different entities were trusted for different things and to different extents – a major building block for what became cloud computing.  In 2004 he wrote the Laws of Identity, a document that has influenced both technologists and regulators, and which Microsoft adopted to guide its innovation. At the same time he began to champion innovations that would put users in control of their own identity as a way to solve the privacy and security problems of both individuals and organizations – work he continues to advance today.

Kim grew up in Canada, attending King’s College at Dalhousie University and l’Université de Montréal. He served on RISEPTIS, the high-level European Union advisory body providing vision and guidance on security and trust in the Information Society. He has won a number of industry awards, including EEMA’s Lifetime Achievement Award (2012), the European Identity and Cloud Award for Lifetime Achievement (2013), the Identity North Founder of Canada’s Digital Economy Award (2016), Digital Identity World’s Innovation Award (2005), Network Computing’s Top 25 Technology Drivers Award (1996) and MVP (Most Valuable Player) Award (2005), Network World’s 50 Most Powerful People in Networking (2005), Microsoft’s Trustworthy Computing Privacy Award (2007) and appointment to Distinguished Engineer (2009) and Silicon.com’s Agenda Setters 2007. He has an honorary Doctor of Civil Law degree from King’s College, and is on the Board of Directors for ID2020.

Kim blogs at identityblog.com.

CHANNEL 9 DOES LAWS OF IDENTITY

ARCast with Ron Jacobs is quite a show. Ron is funny and smart with a relaxing manner and real radio presence. He's also fascinated by things geek, especially the big architectural issues and problems. Somehow he combines all this into a talk show, and when he did his Laws Of Identity interview we not only had fun but I think ended up with a good introduction to the issues.

Here is a catalog of recent shows so you can get a handle on the kind of thing he's doing.

ARCast – Taking Governance to the Edge – Choosing what to ignore and when 39:53 1/10/2006 31
ARCast – Developer 2.0 36:00 1/9/2006 134
ARCast – Smart Client Baseline Architecture Toolkit (Part 2 of 2) 33:48 1/6/2006 328
ARCast – Smart Client Baseline Architecture Toolkit (Part 1 of 2) 29:02 1/5/2006 644
ARCast – The Laws of Identity 35:37 1/4/2006 436
ARCast – Enterprise Library 2 Post Game Show 31:10 1/3/2006 3 598
ARCast – Enterprise Library 2.0 Architecture Part 2 49:18 1/2/2006 626
ARCast – Applied Topic Maps 30:35 12/29/2005 3,222
ARCast – Enterprise Library 2.0 Architecture Part 1 29:27 12/29/2005 966
ARCast – ClickOnce deployment in the real world: Microsoft IT and Headtrax 29:12 12/29/2005 569
ARCast – Transactional File System and Registry 42:22 12/13/2005 2,453
ARCast – Designing and Implementing an HL7 Software Factory 57:31 12/7/2005 2,092
ARCast – DSL and Software Factories 26:51 12/1/2005 2,666

I've found a bunch of programs I want to hear – and that are now safely stashed on my cell phone.

FIFTY MOST POWERFUL PEOPLE IN NETWORKING

I've really appreciated the interest and support of our writer colleagues – people who know how to find the story in our reality, and then, to tell it. When John Fontana called me about doing a profile, I thought it would be a way to move our identity project forward. In fact, it's a long time since I'd done anything quite so personal – but knowing what a straight-shooter John is, I went with the flow.

Even so, I hope people can imagine my complete astonishment when, the day after Christmas, I read the following:

Kim Cameron: Identity's god

Chief architect of access at Microsoft has galvanized an industry behind his ‘Seven Laws of Identity.’

By John Fontana, Network World, 12/26/05

Kim Cameron isn't on a mission from God, but he once played guitar with some guys who were.

As a 20-something in the mid-1970s and the guitarist for Limbo Springs, a band he formed with friends, Cameron played at Toronto's exclusive Cheetah Club behind such luminaries as John Belushi and Dan Aykroyd, a k a the Blues Brothers. While those two later starred in a same-named movie in which they proclaimed their mission was blessed by the Almighty, Cameron's future was guided by an electronic deity, the microcomputer.

Today, the 57-year-old Cameron, who admits to a lingering addiction to music played at ear-splitting volumes, heads all things identity at Microsoft.

In 2005, he galvanized the industry around a discussion of digital identity with his publication of “Seven Laws of Identity.” Cameron has wired together a virtual who's who as part of an everyone-invited effort to define the science of identity and how to apply it to computing. The list includes his boss, Bill Gates; open source leaders, Microsoft bashers and academics, such as legal scholar Lawrence Lessig.

“To me, it is clear that all their interests must be served for progress to be made. There is so much distrust across the industry. I try to keep away from any kind of ideology and aim right at what can happen,” Cameron says. Two things he learned with Limbo Springs, communication skills and the ability to dodge flying beer bottles, have helped him pull people together and deal with the instantaneous and often abrupt feedback of today's blogosphere, Cameron says.

Putting anything together, or more accurately putting anything back together, has not always been Cameron's forte. As a boy who grew up living all over Canada, following a father who was an officer in the Royal Canadian Navy, Cameron was fascinated with disassembling electronics. “I had this little weirdness. I liked to invent machines. I scavenged old radios and televisions and made transmitters and things,” says Cameron, whose ever-present chuckle signals that he takes himself less seriously than he does his work.

Despite hating arithmetic, Cameron graduated from King's College, Dalhousie University in Halifax, Nova Scotia, with a bachelor's degree in physics and math at the age of 19. “I loved slide rules – the first computers I saw. They used to fascinate me, since I could then do physics largely without arithmetic,” Cameron says.

He immediately dove into work on his master's degree in physics, gained unfettered late-night access to the school's mainframe and became one of the first teenage hackers at a time when computers were a mystery. “No one knew what I was doing, and if I told them, they ran away,” he says.

But it was the late 1960s, and a love interest led Cameron from geekdom to philosophy, which landed him at the University of Paris. In 1970, he entered Montreal University, where he worked on a doctorate thesis around computer simulations of social phenomena. He also lectured at the university and two others. But mainframe access was difficult, so Cameron hooked up with Limbo Springs to recapture the teenage years lost to his studies.

After a few years touring, Limbo Springs settled in as the house band at the Cheetah Club. Eventually lured away by the microcomputer, Cameron was soon running the academic computing center at George Brown University, Canada's largest community college.

Cameron's identity fascination was born in 1984, when he realized a directory was needed for an e-mail platform he and a colleague were developing. They dropped e-mail, then pioneered and defined a metadirectory, called Zoomit. They sold the company in 1999 to Microsoft. “I believed Microsoft would be the best company to deliver the identity infrastructure. It's taking a while, but I still think it will happen,” he says.

Cameron is busy making it happen. In 2003, he quietly went public with a technology he developed called InfoCard, which lets users control their identity information and is now a cornerstone of Microsoft's identity strategy.

In May 2005, his “Seven Laws of Identity,” delivered with Cameron's knack for turning the complex into the understandable, was the lighthouse that guided the industry to the shores of meaningful progress.

“Kim is the great includer,” says Doc Searls, Linux advocate, prolific blogger and senior editor at Linux Journal. “He is equally brilliant and engaging, first-rate as a technologist and as a human being.” Without Cameron “we'd be years away from where we got just in the last year,” he adds.

Cameron's own identity is one marked by a love of all types of music and cooking, especially complicated dishes that absorb his attention and relax him. Being a father has helped teach him patience, a trait that has been invaluable in his identity work through the years, he says.

Although he often wakes at 4 a.m. to work, he doesn't classify it as a chore. “For me, this isn't work,” says Cameron, who takes several hours each day just to read and think. “I once asked an artist friend how he could just keep painting and painting. He just said, ‘I'm an artist, so I paint.’ It's like that. I just do what I do.”

Well, the cat's out of the bag. Now everyone knows I'm not 39.

But let me reassure everyone that I don't really think of myself as an identity god. If I were, we'd have an identity layer for the internet by now.

Anyway, could anyone ask for better colleagues and friends than people like Doc Searls? With people like that on “the train” with you, how can you go wrong?

Still, this identity thing is hard, and has taken a long time. Nor is it over yet. There are still a lot of things that can go wrong. It can't be done by any one person, or any one vendor, or any one government or country. But I really think that with all our Identity 2.0 friends we can get to our destination.

Finally, thanks to John Fontana and his editors for this wonderful honor.

RAINBOWS END

Simon Bisson, a British friend who is both a technical architect and a writer, pinged me recently to share his palpable excitement over a book he had just finished reading. It touches on a lot of themes of interest to us in this blog:

Vernor Vinge's new novel (I think it'll be out in July [amazon says May – Kim], from Tor) “Rainbows End” is a book which touches on many of his recurring concepts, but I think there is a lot here about identity in a networked world. It's a follow up to the novella “Fast Times at Fairmont High” and expands on the short he had published in IEEE Spectrum a couple of years ago.

There's a lot in it about ubiquitous networks, reputation management, context, co-presence, affinity hierarchies, augmented reality and the meaning of identity in a highly networked world – one major character's identity is being spoofed three ways. All wrapped up in a cracking SF story.

The best I can say is that it's a “True Names” for the 21st century.

Which reminds me that I've been meaning to mention an incredible podcast from IT Conversations – Vernor's keynote address from Accelerating Change 2005, where he discusses the potential for a “technological singularity”. This is the event at which the creation of what he calls ‘artificial superhuman intelligence’ changes the world so dramatically that it is impossible to imagine the world after that point.

I think James Martin's moniker of ‘alien intelligence’ is better than the more prevalent term ‘artificial intelligence’ because it underlines the essential difference between computer-based intelligence and that of humans. But much of my concern about getting the identity metasystem right stems from the need to establish systems of control and privacy that will guide the singularity toward what Vernor calls a “soft takeoff”. You can hear more in this podcast.

It will be interesting, in Rainbows End, to see what a person who has thought so deeply about the singularity makes of identity.