In the last week or so Paul Madsen made at least a couple of posts with strong visual components: one that resumed my old 2005 post on a notation for message crypto, the other on Feynman diagrams . Nice! Paul, when I am in that mood I find especially pleasant to thumb through Tufte : I highly recommend it. Like Paul, in a former life I dealt with completely different stuff: I spent few years on computational geometry first , and on scientific visualization later. I am absolutely in love with what

It's that time again. Few months ago the Italian government fell, and as a good citizen I am called to the right-duty of casting my vote for electing the new one. There's a little detail, though: while in the past that meant taking a short walk through my scenic little home town and meet few old friends at the voting office, the fact that I am now a resident of the Washington state in USA makes the walk a little too long. Luckily, technology comes to the rescue: I can cast my vote via mail :-). Since

(continues from Part I and Part II ) Finally we've lined up all the elements we need for understanding how we can get rid of the 1-2-3 tyranny, and deal with our business requirements directly instead of relying on an old model that forces us to perform unnecessary steps and introduces artificial dependencies. For making sense of what I write in this post you *really* need to read part I and II as well; without the right context, some of those things could be badly misinterpreted. Sorry :-) Outsourcing

(continues from Part I ) You can consider this post and the fine grained analysis we made in Part I as a down payment for grasping the implications we'll see in Part III, which I plan to post in few hours (almost done). I was planning to have just 2 parts, but it came out far too long and I need 3 :). Here we'll see a very general architecture that can support the traditional authentication practice we described so far. Let me refresh your memory with those few key points we established last time:

From time to time it's healthy to challenge the assumptions, and look at (allegedly) familiar things with new eyes. Few weeks ago I had to do just that with the idea of authentication : I wanted to shake a bit an audience of architects, and make them * think* about the problem instead of relying on the stereotypes they had about it. Judging from the evals I've got, it worked :-) if you want to give it a try, check in at the door what you already know on the subject and come to play! The Tao of Authentication

Last week Caleb and I have been surprised in my office by Charles "Carlo" Torre and his camera. The result is an impromptu interview about CardSpace , which is currently on the front page of Channel9 (direct link here ). If you have time, take a look… we laugh a lot, but we manage to make some serious point here and there :-) and of course we mention the book , which is even on the "front frame". I have to remark that I am *always* amazed by Carlo 's skills as interviewer. He provides a fresh perspective,

Ah, the beauty of models. A good model can capture the essence of a system, a phenomenon, anything: it allows you to easily manipulate things, make predictions, transport the knowledge you already have of a domain to a new one. It's just great, and as we will disclose more things about Oslo I am sure you'll have chance to experience this thing first hand. For the time being, let me dig a bit on a model factory we know very well: the identity metasystem. Back in November, during my EU tour , I had

It turns out that the channel9 video on ws-trust was down for (quite?) some time. I am pretty surprised by the number of people that is still checking out that clip! Now it works again, provided that you view it by clicking the download button (which, by the way, points to here ) as shown in the screenshot below. The embedded video control is still not working. Thanks to everybody who raised the issue ( Adlai , now I understand your comment about the video... sorry for not getting it earlier) and

On the Paris-Seattle flight, coming back after 2 weeks spent stuffing myself with all sorts of food with the excuse "after all, you can't find this in USA" :) Before hurling myself back in the vortex of daily work, and celebrate the end of the year with something crazy, I want to take some time writing down some hallucinatory (=vision without execution) thoughts about omnidirectional identities . Be warned, this may be just pointless rambling at this point. Few weeks ago I chatted about this in front

On a flight from Rome to Warsaw: apparently the droning noise of the plane (or what's left of it after this ) inspires me, and now I finally have the means of pulling out live writer from a pocket and start writing. This time I'd like to explore with you some further consequences of the shift toward claims, and specifically some novel ways of thinking about authorization. The seeds of this discussion are already in the Tao of Claims , but its sheer length makes them accessible only to the very patient