The Overview
In this episode of Identity, Unlocked, host Vittorio Bertocci, principal architect at Auth0, is joined by Pamela Dingle, Director of Identity Standards at Microsoft and a founding member of Women in Identity. Pamela has been working with identity standards and related organizations for a long time: in this episode, she sheds light on the fundamental value proposition of open standards, how standard organizations operate, and how the industry is evolving.
Standards are the main mechanism through which we harness collective intelligence and avoid continuously reinventing the wheel, as Pamela masterfully states before launching in a historical review of how the world of identity standards evolved. Starting with cornerstone standards such as LDAP and SAML, and associated standard bodies such as the Liberty Alliance, Pamela and Vittorio reminisce about a time in which only large companies had a say on industry standard’s direction. The discussion quickly branches out, moving toward organizations such as IETF and the OpenID Foundation responsible for the main modern standards (such as the OAuth 2.0 and OpenID Connect families of specs) we work with today. Throughout the chat, Pamela provides her perspective on concrete aspects of working on standards such as driving consensus while being inclusive of diverse perspectives, the fine balance between extensibility and strict guidance every standard strives towards, and more.
As the episode ends, Pamela discusses Women in Identity, where she serves as a director. Women in Identity is a non-profit organization creating identity solutions for and built by everyone. They’re working to drive a more diverse workforce in the digital identity industry. Their membership is open to women and their allies.
Highlights
[3:55] - What are identity standards?
The cast of characters mentioned here includes Anthony Nadalin (@drsecure), Dale Olds (@daleolds), and Mark Wahl (@markwahl).
[6:12] - How did identity standards come into practice?
[7:37] - What is LDAP?
You can find more details about LDAP here, but nowadays, chances are you won’t run into any situation requiring you to know so much about it.
[16:05] - What is IETF?
The IETF site, at https://www.ietf.org/, reflects the incredible breadth of the organization’s scope, which concerns itself with all things internet hence goes well beyond Identity. All the OAuth related activity (specs, smiling list traffic, etc.) can be found at https://datatracker.ietf.org/wg/oauth/about/.
[20:37] What is the OpenID foundation?
The OpenID foundation can be found at https://openid.net/foundation/. If you want to go straight to the specs, you’ll find them on https://openid.net/developers/specs/.
[32:50] - What is Women in Identity?
Women in Identity’s home page is on https://womeninidentity.org/ - you can follow them on twitter at https://twitter.com/WomeninID.
Links/Resources
Learn more about Pamela Dingle
Learn more about Women in Identity
Vittorio Bertocci on LinkedIn
Vittorio Bertocci on Twitter
Learn more about Identity, Unlocked
Learn more about Auth0
Identity, Unlocked
Identity, Unlocked is the podcast that discusses identity specs and trends from a developer perspective. Identity, Unlocked is powered by Auth0. Vittorio Bertocci is Principal Architect at Auth0 and applies his vast knowledge of the identity industry to Auth0 in all aspects of the company, including internal and external education, product innovation, and customer integration.
About Auth0
Auth0 by Okta takes a modern approach to customer identity and enables organizations to provide secure access to any application, for any user. Auth0 is a highly customizable platform that is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.
About the author
Vittorio Bertocci
Principal Architect