EIC 2010: An outsider's view - mrtopf.demrtopf.de

EIC 2010: An outsider’s view

European Identity Conference 2010

I stumbled into the European Identity Conference 2010 actually only by accident, more being a web developer than an enterprise IT guy (although having to do with it in terms of connecting e.g. Plone to an LDAP server in our bigger clients). But I don’t regret that I actually did!

What made me go there were actually two (related) things:

  1. The opportunity to meet one of my co-podcaster at Data Without Borders finally in person, namely Eve Maler
  2. The opportunity to attend the workshop on User Managed Access, a Kantara Initiative workgroup which I was involved with quite a bit at it’s start (and which is chaired by Eve).

I then ended up attending also the actual conference as I got free entry for being a blogger and podcaster from the open web standards field (thanks, kuppingercole!). It didn’t stop there, though, because soon I was also sitting on a panel on data portability with Eve and Drummond Reed (me for being a former board member of the Data Portability Project) and suddenly also on another one with Eve again and Andreas Reisen from the Ministry of the Interior of Germany. The topic of that wasn’t really clear until shortly before and it turned out to be Post Privacy (I guess I had some influence on this).

Especially this last panel turned out to start a very interesting discussion (also thanks to moderator John Hermanns), but more on that later.

What I learned

First of all I learned that the UMA specification compared to back then when I left is not really easy to understand. To prove that I did some rough implementation the following afternoon. It also means that I probably will be more active again in the workgroup.  What surprised me a little though was that UMA actually got quite some interest which I didn’t expect as I saw it more as a web standard. But enterprise and web seem to converge and this is a good thing!

I also met other UMA participants I only talked on the phone with yet, esp. Domenico Catalano, Iain Henderson, Maciej Machulak and Hasan Akram.

From Iain I heard about another interesting topic actually, which is that both big parties in the UK had citizen control over their data in their programs. According to him they don’t really know what it means in practice but he and his company MyDex (and others) are there to help with Personal Datastores. I didn’t really gave a chance to interview him on how this would work in practice but I think he would make a great guest in Data Without Borders, so we probably will invite him soon. I should add that Iain also thinks about using UMA for this purpose.

Then there was the actual conference. Unfortunately I didn’t have the time to follow everything and so I wasn’t following  much on cloud computing (and I wish more people in the IT scene would actually do live blogging or at least twitter). So I learned a lot about which how claim based access is a done thing (at least according to Kim Cameron). I learned that OpenID has usability problems (not really new) and how they could be solved (new), I learned about the germen eID card and all the world wide non-interoperability of internet authentication. I learned that instead of PowerPoint you should start with Word (ugh? I would say: Use proper tools for online collaboration, not something for writing letters. Talk to me if you want some ideas ;-) ). I also learned that IT guys are sometimes having complexes, too (I remember a slide saying „IT guys are not dumb!“ and people complaining how everybody beats on them).

What I missed: The Web

What I missed though was more talk about web standards. There was hardly any talk about e.g. OAuth (although it won an award last year), WebFinger, XRD, LRDD, Salmon, the connect mechanisms of Twitter and Facebook etc.

Along with that was social media was only used rarely. I can say that I was the most frequent twitterer there while only maybe 10 people twittered here and then. I am not sure if any blog posts except mine actually have been written. I even heard the phrase „I will be the last person to use Twitter“. So do enterprise IT guys live in some hole? Is it too different? Is their usual environment so controlled that they fear to do such things?

Some conversation I head during lunch seems to point into this direction as somebody explained to me how it feels strange if some client suddenly twitters about one of their meetings. Moreover companies have the problem of data leakage into Facebook, Twitter and LinkedIn (the latter seems to be the mostly used tool for social activities online).

I guess there are interesting times ahead when companies need to find a way to handle that. One way might be to forbid it but stemming against the internet revolution so far hasn’t worked, so good luck with that! Lets hope they think about more useful strategies which embrace the web and not fight it. There at least seems to be some interest in using social media also inside the company. A very interesting topic where I also have lots of ideas on.

What could be different?

The EIC 2010 was a well organized conference with interesting topics (and good food). Some things could be more experimental though in my opinion.

So here are some ideas:

First: Look at IIW and see how a barcamp style conference just works (I’ve never been there but I know that Barcamps work). So I would really like to see more flexible structure in place. Take the post privacy panel for instance. This mainly was setup spontaneous and I personally would have had lots more topics I would have loved to discuss with people in some sort of session. Yet there was no time or space for it. What we had were mostly one-to-many talks which are good for an introduction of a topic but not for a good discussion of it.

So make it more Barcamp-style! Maybe not the whole conference but maybe parts of it, e.g. one day.

Second: Then try to invite more web people. The web is different in that things need to be simple on the web while not being too simple (read: insecure). And something enterprise IT needs is simple. Moreover it would be great if there wouldn’t be two groups of people working on several very similar problems each on their own.

Third: Put up Twitter Walls. Explain what Twitter is, encourage people to use it and also to blog about it. Attracting more web people will actually help this.

Fourth: Record also the smaller rooms or let people (like myself) record it. So much information seems to be gone now if you haven’t been there, esp. the panel discussions.

Fifth: Put the materials on the web for free. My opinion: You go to a conference to share with the world. So share it with the world!

As Martin Kuppinger did a keynote on 5 trends in various topics I, too, will leave it at those 5 points. I learned a lot (and if it’s just how enterprise IT ticks) and might even come back next year :-)

Further Reading

Here are my blog posts about the conference so far:

More posts might actually still come, I have lots to talk about! (but actually would need more time).

3 Kommentare » Schreibe einen Kommentar

  1. Mrtopf,
    thanks a lot for your articles on EIC 2010, your intensive and valuable Twitter coverage during the event and your inspiring feedback. As the one responsible for the EIC agenda, I would like to express our openness on any of your 5 points and I would welcome your inputs into the planning phase of EIC 2011 (which actually will start soon). 2 things, we´ve already decided: more unconference sessions (or a whole stream) and a twitter wall. Just, maybe, one point: EIC is a good place to experience how enterprise IT and "the web" grow together.
    Kuppinger Cole being focused on identity management and GRC in "traditional" and in cloud environments, it is one of our core tasks to accompany enterprises on their way from legacy to an open world of (web) standards. Just imagine, as an example, how difficult it can be for a utility company to open their internal billing systems for new business models arising from the smart grid, where they will need to guarantee privacy on information collected by the smart meter in your home. Web standards are an important building block within such a business model, but it is not the only one…
    Thanks again for your contribution and get in touch with me any time you´d like to propose contributions to EIC 2011.
    Joerg

  2. Joerg, thanks for your comment!

    I am happy to give input on EIC 2011 given the mentioned 5 topics and maybe more. Maybe contact me once you started planning and I am happy to contribute.

    You are of course right that the web is not the only thing and I also understand that requirements in the enterprise and the web are somewhat different. My hope is though that protocols also in the enterprise become simpler (while staying secure) thanks to the influence of the web where you need to convince the developer more by simple to implement specs than in the enterprise.

    Then of course my background is not so much in the enterprise (although having done LDAP/CMS-integration) and thus I am not aware of all the use case, regulations and other obstacles. That being said my visit to the conference helped though to get a bit more into that.

    So lets keep in touch and try to bring those worlds together as much as possible!

    PS: One remark on the unconference sessions: IMHO it helps to make this a separate day or half a day as otherwise too much people are sucked into the regular talks. This at least is my experience from other conferences.

  3. Pingback: DWBP16: Trent is back! :: Data Without Borders