This evening, at the reception for Digital ID World, someone asked me what I thought of the conference. I've been to every DIDW since it started (5 years now). I realized that the conversations and talks had changed from "won't it be cool when we..." to "this is what we did to..." That's a big change and shows just how far identity, as a concept separate from security, has come.
At the same time, I look around the show floor and other than the usual big names like Microsoft, Novell, and Oracle there are few repeat companies. Ping and a few others have been here from the start, but most seem to come and go. Part of that's because any company that gets successful gets bought by one of the big guys looking to build out their stack.
One of my favorite sessions today was Dave Nikolesjsin's presentation on citizen-centric identity. Nikolesjsin is the CIO for the Prov. of British Columbia. BC is making real progress building identity systems that have been proofed by in-person visits to government agencies. There are lots of lessons in what BC is doing--not just for other governments, but for any large organization.
The most significant announcement of DIDW was Microsoft's Open Specification Promise. For years, there's been an intellectual property cloud hanging over the OASIS specifications that form a large part of what makes Web services work. Unlike other standards bodies, OASIS doesn't require that technologies built into its specifications be IP-free.
Today's announcement is a huge step by one of the major contributors to the OASIS specifications. Microsoft irrevocably promises not to assert claims against people or companies who distribute products that conform to the specifications. Of course, like any legal agreement, there are terms and conditions. I'm sure some will be waiting to see what isn't there.
Since many of these specifications are at the heart of CardSpace, Microsoft's Internet-scale identity system, the announcement is especially important to other vendors working to interoperate with it. This is also important to Microsoft. If no one builds interoperable identity products for CardSpace, Microsoft will have failed to achieve true Internet-scale identity. Removing the legal threat is an important enabler.
See also: Kim Cameron's blog on Microsoft's Open Specification Promise