Not because we want to and not because its better, but because its in accordance with regulations written by the Federal Communications Commission. Right. Don't mention anything about that big cluster of wires that branch off into that secured room ran by people who don't work there. Stick to the 'better protect' copy.

The image above is what I got when I logged into my Comcast cable account to find out how much last month's damage was. I'm not really digging the sites that say, ok, you've authenticated with a username and password, but it looks like you're on a different computer or different IP address, so I'm going to add one more thing you need to remember and type in. Isn't agility what the web is all about? I know there's a balance to strike, but we aren't there yet. Where's that damn CardSpace and OpenID?

Here's the link to my slide deck and code that I presented at the Portland Code Camp. Organizing this content and presenting it was a ton of fun and great way to dive into WCF and CardSpace. My laptop had some problems chatting with the projector (guess it wasn't using WS-* protocols) so my backup plan of toting my own projector around all day proved worthwhile. I did have to run a bit and scraped a message level encryption demo and all of the OpenID demo due to time constraints. :(

Jason Mauer recorded the session though, so I'm curious to see how well it looks from the tripod.

Now I'm on the east coast and 8:30am comes a little earlier in the morning here than it does on the west coast. Its the first break in the Master WCF class with Brian Noyes and we've already had one Carl Franklin siting. Booya!! I'm hoping I can get a tour of Pwop Studios sometime this week while I'm in New London.

The PDX Code Camp is next weekend, May 19th and 20th. I've been preparing a talk on how to create and use X.509 certificates. Developers need this technology for local testing of plain old ASP.Net sites, Web Services Enhancements (WSE) or Windows Communication Foundation (WCF) code.

The Windows SDK and Visual Studio.Net have some good tools for helping developers use certificates. I'll show some certificate basics, common examples of certs in action and tools that help us along the way. My goal is to get the session attendees comfortable with creating & installing certificates on their local machine in a variety of code scenarios - that seems like a reasonable task for a 60 minute presentation and 15 minutes of Q & A.

Just for fun, I worked on a local checkout of DotNetOpenID and implemented SSL for the authentication steps. A lot of the other code in the presentation is based on the excellent examples from Michele Leroux Bustamante. She does a great job of providing info on these topics for the developer community.

I have to leave for New London, CT on Sunday so I can only attend one day of this developer event. Normally, that would suck big time, but I'm also gearing up for a week long IDesign WCF Master Class at Carl Franklins house. When it rains, it pours!

I attended the Software Association of Oregon (SAO) event today. The Development Special Interest Group (DEV SIG) hosted a discussion about Microsoft CardSpace, the open source framework of OpenID, and basic identity management.

Stuart Celarier walked the audience through Kim Cameron's paper called The Laws of Identity that articulate seven desired aspects of a good identity system.

Microsoft CardSpace was formerly named "InfoCard". This is a joint effort to implement the identity metasystem defined by the laws of identity. CardSpace is the "identity selector" for Windows. It needs IE7 and Microsoft .Net Framework 3.0 to operate. It implements the WS-* specifications in this service.

OSIS - Open Source Identity System: This is an open source group that's involved in the identity space.

Stuart also showed a demo of a system he's been working on. It logs a user into Wachovia banking site using CardSpace.  Scott Kveton of JANRAIN presented OpenID to the SAO DEV SIG group. OpenID hopes to solve the problem of having too many usernames and passwords.

• Single Signon for the web
• Simple, light-weight
• Easy to use, easy to deploy
• Open development process
• Decentralized

Your OpenID is a URL: http://kveton.myopenid.com/

• OpenID comes from the blogosphere
• Biggest problem with identity; namespace
• OpenID solves this by using DNS
• Your identity is a destination
• You have a unique endpoint on the web

Scott Kveton explained how sites enabled with OpenID enable users to authenticate. Visitors type in their OpenID, and the browser redirects to your OpenID provider. The visitor makes the appropriate decision and the browser redirects back the website.

Scott's site is http://scott.kveton.com

Last week Bill Gates announced support for OpenID. AOL announced support for OpenID this morning. More companies are about to make similar announcments. Here's some interesting stats on adoption:

• 12-15 million users with OpenIDs.
• 1000+ OpenID enabled sites
• 10-15 new OpenID enabled sites each day
• 7% grown each week with new sites

Kveton also brought up "Microformats" - a way to describe data in an HTML format (contact info, social network, calendar). These can be embedded on pages. There are some interesting ways to use OpenID with these technologies:

• OpenID + iCal
• OpenID + hCards
• OpenID + Social Networking (XFN, FOAP or FOAF?)
• OpenId + Reputation (jyte.com)

OpenID Predictions from Kveton:

• 7500 sites supporting OpenID
• 100 million users with OpenID
• Big players adopt OpenID

OpenID.net has a ton of info.

Scott Hanselman explained how he enabled OpenID on his blog. Hte added two HTML <link> tags to his website. Simon Willison has an OpenID enabled blog. A visitor can click Sign in with OpenID. The OpenID logo lives inside the textbox. Scott entered his OpenID in the textbox on Simon's site. Using a web service, Simon's blog discovered Hanselman's OpenID provider, then it redirected the browser to Scott's OpenID provider.

Scott's website indicates the OpenID provider is www.myopenid.com. 

The OpenID provider prompts Scott to authenticate. After a successful login, the browser redirects back to Simon's page and recogizes Scott Hanselman. This is how Simon doesn't need to keep track of usernames and passwords for his blog; a huge benefit.

Stuart helped explain the difference between self-insued cards and managed cards: Business Cards from Kinko's versus a card issued from Visa.

Scott Hanselman displayed a different identity selector using Firefox on Windows. The page contains an HTML <object> tag of type "application/x-informationCard". It wasn't as pretty as the CardSpace in IE7 and .Net 3.0, but it had the same behavior.

There was some last minute discusson on "I-Name", an XRI technology (extensible resource identifier). It sounds like its still being baked.

2idi relays comments on Scott's blog. They will issue an I-Name. =kveton is Scott's I-Name. They have an DNS resolver where visitors may enter xri://=scott.hanselman/photo to redirect to his Flickr account.