I’ve taken an interest in some of the more esoteric languages of late. I’ve been doing some pretty heavy-duty Erlang development at work, and have found it to be a very solid, fast and powerful language/platform. However, in the past few days, I’ve started looking at Haskell. Wow…where Erlang makes sense, once you get past the idea of pattern matching and immutable-everything…Haskell just wants to be lazy. Just implementing a simple Fibonacci function is completely alien….but intriguing.

I found a great tutorial on Haskell – Haskell for C Programmers. It’s well written and very lucid. The author captures the bewilderment you’re sure to encounter quite well – I’ve found myself cackling like a madman this evening as I read it.

I guess I need to get out more. :)

It’s been a while since I’ve done anything on Passel, and several people have asked what’s happened to the project. I wish I could say that lots of progress has been made, but frankly I simply haven’t had the time to move it forward. My “real” job and preparation for school (not to mention family life!) have all pushed Passel to the very lowest place on my priority list, unfortunately.

My personal busy-ness aside, I still wonder about the immediate value of any personal identity protocol. As I noted earlier, I’m not yet convinced that either necessity or convenience has been established for personal identity. Clearly, people would like to not have to manage passwords/logins, but it’s still “like” versus “must”.

Passel has, in my biased opinion, all the right technical bits to be very useful for personal identity when the need arises. It provides a flexible and lightweight means of securely exchanging whatever identifiers people elect to use. I remain skeptical of (so-called) URL-based identity systems, since I continue to believe that a URL is simply not an accessible or psychologically coherent basis for a complete personal identity system. Of course, only time will tell if my skepticism is warranted. :)

If you’re not a New Zealander (like me), you’ve probably never heard of rimu trees. The first time I’d ever even heard the word “rimu” was when I stumbled across Rimu Hosting. I recently decided to move off of Dreamhost (got tired of my Jabber server and IMAP server crashing) and wanted something that I could have a little more control over, namely a hosted Linux machine. A bit of googling turned up Rimu and I was pleasantly surprised by their pricing and services. To sweeten the deal, they also give back to the Open Source community by offering discounts to OSS developers – how cool is that?!

At any rate, I made the switch about a month ago now and have really liked it so far. I’ve had no downtime to this point, and their support system is extremely responsive. I also have to give serious kudos to companies like Rimu that do more than just take from the Open Source community. Thanks, Rimu! You guys rock.

I got my letter of acceptance for the Master’s program at CU-Denver this evening. Hurrah!

The pace has slowed, for an ever so brief moment. I find myself sitting on the couch staring blankly at my laptop, knowing there is something I need to be doing.

I submitted my application for school on Friday. I’m hoping to get into the Masters program at CU-Denver. I’ve been thinking about it for a while, but just recently felt the timing was right. I’m excited at the prospect of getting in and learning again. Hopefully there won’t be too many prerequistes that will keep me from working on the really interesting stuff. I’m thinking that it would be challenging to do some work in the computational biology field.

The ordeal that pgm has been through has gotten me thinking. I’ve developed commercial software for almost 10 years now, and it seems to me that there are other areas where software skills could be utilized to help people in a different way. It makes sense to me that in order to understand something as complex as the human body, we’re going to need computers. I’m not sure how I can contribute, but I’m interested in finding out. So, first step is to get some background knowledge in the field; I plan to start with the certificate program at CU-Denver. We’ll see where things go from there.

My world is overwhelmed with work. It’s a mountain, filling my windshield until everything else is just a blur around me. Passel, unfortunately, hasn’t gotten any attention lately, and the way things are going, won’t until November some time.

I wish people would listen when I tell them, “No.”

I don’t quite get why (some) people view engineers the way they do. There seems to be this view that engineers are overly conservative about schedules. This is evidenced by the way that people take an engineering schedule and try to stuff it with more features/tasks. They (must!) figure that the engineers are pessimistic and not really interested in getting as much done as possible. What these people don’t appear to understand is that engineering, at least in the software world, requires people of the sternest amounts of optimism. We take ideas and words and turn them into function. In many ways, it’s as close as most of us will ever come to “Creatio ex nihilo”. To do that, to take what is in essence “nothing” and turn it into “something” – that, requires a LOT of optimism, my friends.

The past few morning have been the crisp and cool as is typical for September in Denver. I’ve lived a lot of places in my life, but there is no where that has more magnificent late summer mornings. For reasons that are beyond me, these mornings fill me with hope. There’s a song I was listening to this morning that captures the feeling…

Your mercies are new every morning
So let me wake with the dawn
When the music is through or so it seems to be
Let me sing a new song, old things gone
Every day it's true, You make all Your mercies new

I suppose the lyrics without the music and the fresh morning air don’t quite carry the same impact.

Herewith, a bit of random thoughts on the consumer identity space – something I’m still trying to understand.

There are two drivers for consumer adoption of technology: convenience and necessity. Convenience is the positive driver where the user will benefit socially, fiscally, or otherwise, by using adopting the new technology. Conversely, necessity is a negative driver as the user will be negatively impacted (socially, fiscally) by not adopting the technology. Regardless of the driver, you need at least one of them before the general consumer population is willing to make the necessary paradigm shifts and adopt a new technology. People typically require impetus for change.

In the identity space, I don’t think we’ve established an impetus that will drive people to manage their “digital identity”. The convenience of web-based SSO is not yet significant enough that a user will demand it. The necessity of digital identity is also marginal at this point as the social and fiscal downsides aren’t yet fully understood by the general populace. As a Eric has said to me on several occasions: “Perception is reality.” While I don’t agree with this sentiment on all levels, I think it’s true in this case.

So, what watershed event will make it convenient or necessary for people to start thinking about their digital identity? I suppose it’s a 50/50 chance of either one forcing the issue, but I would put my money on necessity. Digital identity is a relatively abstract concept that people outside our space have a hard time wrapping their heads around. However, people can quickly grasp difficult concepts when there is a deep necessity for it.

Passel has been a pretty huge learning curve for me – I’ve never tried to create a new protocol/technology from the ground up before. With the Jabber projects, I had the opportunity to contribute when things were getting off the ground, but Jer steered and made the big (and happily, correct) decisions. Now, it’s up to me to try and guide a project and I’m appreciating just how much work is involved.

One of the first big lessons I’ve learned is that effective and efficient communication is critical. This means that the terminology you use for a protocol is critically important, while simultaneously being completely insignificant. In order to effectively communicate with people, you have to use words that carry the right connotations and are not too overloaded. At the same time, it’s important to not get hung up on the terms and be willing to adjust for the sake of efficient communication (i.e. not having to say the same thing a half-dozen different ways, just because you don’t want to settle for existing words). Communiciation with these two characteristics is to a new protocol/technology as water is to a tree seedling – there’s no growth without it.

So, in the interest of effective and efficient communication, I am proposing (to anyone who cares) some adjustments to the Passel protocol.

Passel has this idea of a “pass” – an XML document issued by some party which contains values/attributes about a user. Unfortunately, while that word works, most people in the identity space aren’t really sure what to do with yet another term for such a document. So, we’ll start using the word “claim” when describing an XML document with values/attributes about a user. I contemplated using “assertion”, but I think I side with Kim Cameron in feeling that “assertion” carries too much weight about the validity of the data.

The next major term that keeps messing people up is the “Signer” terminology. People can’t seem to sort out what exactly a Signer is signing – and rightfully so, as “Signer” is a pretty weak word. Instead, we’ll just call any party who issues claims a…wait for it…”Issuer”! We could even be more specific about it and say “Claim Issuer”. I’m not real thrilled with this term just yet…but it’s better than Signer.

Finally, the biggest term that people keep tripping over is “profile”. That particular word carries certain connotations in the identity space, specifically as set of messages that may be exchanged over a particular transport. So, we’ll start using the word “trust model” (and <trust -model> in the protocol) to capture what we formerly meant by “profile”. A trust model is the way in which a set of values (in a claim) can be verified as authoritative from a specific Issuer. It’s how a Passel Target verifies a claim, or part thereof, to be valid.

So, those are the changes we’ll be making to the protocol and other docs that describe Passel. Hopefully it will help people better understand what Passel is all about and minimize hang ups on terminology. It’s all about becoming incrementally more effective and efficient communicators of technology.

No wonder I felt so tired today – I’ve had a busy weekend.