In this episode of Identity, Unlocked, host Vittorio Bertocci, principal architect at Auth0, is joined by Pamela Dingle, Director of Identity Standards at Microsoft and a founding member of Women in Identity. Pamela has been working with identity standards and related organizations for a long time: in this episode, she sheds light on the fundamental value proposition of open standards, how standard organizations operate, and how the industry is evolving.
Standards are the main mechanism through which we harness collective intelligence and avoid continuously reinventing the wheel, as Pamela masterfully states before launching in a historical review of how the world of identity standards evolved. Starting with cornerstone standards such as LDAP and SAML, and associated standard bodies such as the Liberty Alliance, Pamela and Vittorio reminisce about a time in which only large companies had a say on industry standard’s direction. The discussion quickly branches out, moving toward organizations such as IETF and the OpenID Foundation responsible for the main modern standards (such as the OAuth 2.0 and OpenID Connect families of specs) we work with today. Throughout the chat, Pamela provides her perspective on concrete aspects of working on standards such as driving consensus while being inclusive of diverse perspectives, the fine balance between extensibility and strict guidance every standard strives towards, and more.
As the episode ends, Pamela discusses Women in Identity, where she serves as a director. Women in Identity is a non-profit organization creating identity solutions for and built by everyone. They’re working to drive a more diverse workforce in the digital identity industry. Their membership is open to women and their allies.
[3:55] - What are identity standards?
[6:12] - How did identity standards come into practice?
[7:37] - What is LDAP?
You can find more details about LDAP here, but nowadays, chances are you won’t run into any situation requiring you to know so much about it.
[16:05] - What is IETF?
The IETF site, at https://www.ietf.org/, reflects the incredible breadth of the organization’s scope, which concerns itself with all things internet hence goes well beyond Identity. All the OAuth related activity (specs, smiling list traffic, etc.) can be found at https://datatracker.ietf.org/wg/oauth/about/.
[20:37] What is the OpenID foundation?
[32:50] - What is Women in Identity?
Identity, Unlocked is the podcast that discusses identity specs and trends from a developer perspective. Identity, Unlocked is powered by Auth0. Vittorio Bertocci is Principal Architect at Auth0 and applies his vast knowledge of the identity industry to Auth0 in all aspects of the company, including internal and external education, product innovation, and customer integration.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and application teams rely on Auth0's simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.