I'm enjoying the last week of summer, so in lieu of a new post, I'm reposting a 'best of' entry this week. This was originally posted May 13th, 2006.
NOTE: There is a political refernece below, as it is a topical situation that got me thinking about trust communities in search. This blog is a-political, and the scenario is used as it is the one that sparked the idea. I take no stance on whether the claims made by Mr. Snow are valid/invalid.
I was reading some news sites this week, and was reminded that this was the first week of US President George Bush's new press secretary, Tony Snow.
Before he gave his first press conference, he did something interesting. He sent out press releases questioning the validity of comments made by the New York Times, USA Today, and other publications.
So this got me thinking. Playing devils advocate, suppose that he's right. If I trust Tony Snow (based on his historical record of trust worthiness), I may now discount results from these media outlets in favor of others. But for me to discount these sources when searching, I can't. Even if I cease to trust them (or trust them less), they show up in the the rankings per Google or Microsofts opinion of their relevance.
The search engines from Google, MSN, and Yahoo have their own algorithms to consider relevancy. One of the things these search engines do provide is a level of filitering for “safe content“, blocking out material that may be considered objectional (i.e. these block pornography results).
What they don't do is consider in the rankings is the levels of trust of an individual or of community. What I want to see is something that goes to the next level, don't just block what's objectionable, show me the results that are relevant to me based on trust.
Perhaps one of the media outlets Mr. Snow referenced, let's pick a fictional name, say MakeBelieveReporting, Inc., is regularly mis-reporting information or is slanting stories towards a particular political viewpoint. I may cease to trust that organization to provide news to me, and would like to rank them lower in my personal results when searching for news, if not remove them altogether.
When I search for news, perhaps there are certain stations / periodicals I trust - for example the Wall Street Journal, the Financial Times, CNBC, and my friends John Smiths blog. These are entities - regardless of web site traffic or the opinion of the search engine I'm using -that *I* trust to be accurate and provide me information. I do not, however, want results from news outlets that are part of MakeBelieveReporting, Inc. as I have ceased to trust them.
What I'm thinking of isn't based on assumed trustworthiness based on click traffic, this is based on trust relationships. Even if I visit a site twice per year, it could be far more relevant to me than a site that is viewed more regularly by others.
And my community of trustworthy providers could be extended based on the feedback of those people I trust.
There's the concept that if person A trusts person B, and person B trusts third party C, that person A shoud likely trust Corporation C based on the fact that he trusted person B's judgement.
In the previous example, I trust my friend John Smith who writes a blog. If John trusts the Crosby Herald, and I trust John, then I too could trust the Crosby Herald and have it included in my community of trust that is reflected in my search results.
Think about the days before Axciom, TRW, and credit reports. People vouched for other people to get jobs, apartments, loans, etc.
When you sign for a loan and you are not a known entity, you need a co-signer or guarantor. The bank says, I don't know if I can trust this person, but I trust the co-signer. The co-signer also trusts the loan recipient to pay the money back.
If someone co-signs for a loan for me and I decide not to pay it, there are financial responsibilities that are then taken on by the co-signer. The co-signer will trust the recipient less, as a result of mis-placed trust, the bank may stop trusting the co-signer's ability to identify a trustworthy loan recipient.
In another example, suppose you make plans to go out to dinner with your spouse on Friday night, and when you ask her where they'd like to go, she says “you pick - I trust you.“ If you're new to the area, you may ask a colleague - whom you trust - for a recommendation of a local restaurant. If you go to the recommended restuarant and you end up getting food poisoning from the meal, you probably will not look to your colleague for advice on restaurants in the future - and you - who vouched for the restaurant -will likely end up at a restaurant of your spouse's choosing next time around.
Your spouse trusted you, you trusted the colleague and when the information relayed turned out to be bad, two things happen. You cease to trust the advice of the colleague (atleast in the context of cousine), and your spouse trusts you less as the broker of the information.
Once you start adding in trust, you also need to be able to trust in context. That same colleague from work may not be someone I trust on picking restaurants, but may be someone I look to as a source on technology subjects.
What we need is search that includes both consideration of these communities of trust, where we as participants in the web determine who is trusted and who is not, and provide the ability to apply trust in context.
By introducing contextual trust as a first-class citizen in search, it has the opportunity to both provide results more relevant *to me*, and as trust=traffic=revenue, provides a financial incentive for providers to be trustworthy.
That's my two cents - what do you think?
Nayna and Rob have made it official with their post (http://winliveid.spaces.live.com/Blog/cns!AEE1BB0D86E23AAC!931.entry), Windows LiveID has added beta support for Information Cards and Windows CardSpace.
The way this works is identical to the way I described how to add cards to an existing website in my book. Through a management interface, you associate information cards with your core account, and the user is provided the option of signing in with either their information card or a password (as shown below).
All good stuff, and worthy of checking out. 
Getting ready for the tafiti launch, I had the chance to have a discussion with Jon Udell at Channel 9 last week. We talked about incubation, services, mashups and tafiti.
The abstract for the session is -
"Marc works on the platform incubation team. In this podcast we discuss what platform incubuation means, how the Tafiti project exemplifies it, and what the future may hold not only for Tafiti but for a platform that's evolving to encompass both software and services. "
The podcast of that conversation is now on the main page over at Channel 9 (channel9.msdn.com), the permalink for it is here - http://channel9.msdn.com/showpost.aspx?postid=335996
Being on an incubation team, many of the projects I'm attached to are not discussed with the public. Today, however, is a great exception to that rule.
I'd like to introduce you to Tafiti.
Tafiti, which means "do research" in Swahili, is an experimental search front-end from Microsoft, designed to help people use the Web for research projects that span multiple search queries and sessions by helping visualize, store, and share research results. Tafiti uses both Microsoft Silverlight and Live Search to explore the intersection of richer experiences on the Web and the increasing specialization of search.
You can try Tafiti following these steps:
· Go to http://www.tafiti.com
· Enter a search query
· Drag interesting results to the shelf on the right. Each box on the shelf can be used to save a related set of results. Shelf contents can be saved and shared.
· Use the carousel at the bottom left to do different types of searches (image, blog, etc.)
· Visualize your results using the Tafiti Tree View.
I did a video interview with Channel 10 on this that has just been posted here.
http://www.on10.net/Blogs/larry/first-look-microsoft-tafiti/
I also did a standalone walkthrough you can get to here:
http://www.tafiti.com/walkthru.html
More to come as the week progresses....
RSS. Really Simple Syndication. Great for identifying your available content, great for sharing content that can be consumed by aggregators and readers.
What it's not great at is providing a monetization model. Sure you can use ads on your website, but I think there's a better way.
I put together a screen cast that talks about syndication and the opportunity to leverage information cards and CardSpace to monetize RSS and OPML.
Watch it by clicking on the link below.
http://www.marcmercuri.com/downloads/MonetizingRssWithInformationCards.wmv 
If you've just bought my new book and were looking for the completed exercises, I've posted them at the link below:
http://www.marcmercuri.com/downloads/beginningcardspacecode.zip
As some of the code focuses on and/or builds upon code that exists in existing projects (that evolve outside the book), refer to the links in those chapters for links to where the base projects can be found.
This download should be available on the APress website next week as well.
I was reading James McGovern's blog today and ran across the following question -
I am still awaiting a perspective from Marc Mercuri on his thoughts of when someone presents a personal card to a relying party and it requires a workflow (Kim Cameron's blog requires a lightweight email confirmation) should the relying party integrate into BPEL or SPML and what is the best way for folks to think about this?
Before I answer the question, I want to establish two assumptions I've made, based on my interpretation of the question. The first is that 'personal cards' here is synonymous to 'self-issued cards', the second is that when referring to workflows, we're discussing workflows whose focus is to perform some process that will validate that the claims presented are accurate and the individual presenting the claims is indeed the person he/she/it claims to be.
If you've seen any of the videos I've done on information cards, you may have picked up on the fact that I'm a big fan of self-issued cards, as they allow an individual to readily share details about him/herself to recieve a a much more pleasant experience on a website or when accessing a web service. Many sites today ask you to sign up with a username and password and ask you to populate forms. With a self-issued information card, the key claims are already on the card, so it makes signing up for a site fast and painless. Then there's the personalization benefits. You could have a government site that read your postal code and provided a personalized view of "your government" - complete with data ranging from when trash is picked up on your street to legislation that may be impacting your area. You can log onto the website of an electronics store and present your card to easily get to the details for current sales in your area. There are plenty of great scenarios where a site or service can take an information card and use it - without the need for validation - to provide a better experience.
But 'plenty of great scenarios' does not translate to every scenario. There are circumstances where you will want to validate the claims that are on the card. Those scenarios are all tied to risk. And this is typically tied to risk of financial loss or an potential impact to reputation. In these cases, you'll want to take the information provided and evaluate it using a workflow.
Real World Examples
In the real world, I may call a local restaurant to deliver a pizza to my house. They take my order, my address, and my phone number. For orders below a certain dollar threshold, they'll typically just make the order and deliver it. However, if I ordered 12 pizzas, there's now more risk. And because there's financial risk that they'll waste time and resources creating 12 pizzas for what could be a prank, they'll undoubtedly call the phone number I provided to confirm that I placed the order.
If you want to publish a letter to the editor in a newspaper, you typically need to provide some evidence that can be used to prove you are who you say are. The New York Times requires that any such letter "must include the writer's address and phone numbers.". Why? Because there's risk to their reputation - as well as to the reputation of the people letter writers could claim to be - if the identity of the writer can not be determined.
Online Examples
If you've ever used Paypal, then you've taken part in a workflow where information that you've self-asserted has been validated. In this case, when you open an account they place a very small deposit (pennies) in a financial account you claim to hold. To validate your identity, you examine your account and provide the amount of the deposit. This is a very clever workflow, because it leverages an account that you have with an existing financial institution, an account that likely required your identitiy being authenticated in person, using a drivers license, passport, etc.
From a risk of reputation perspective, James pointed out what will become one of the more key scenarios, validating the identity of someone who posts to a blog. To avoid both spam and anonymous comments that could range from libelous to threatening, the owner of the blog will want to make sure you are who you say are. This is really almost identical to the New York Times' Letter to the Editor requirements.
Using Workflow
Once you've assed the nature of the risk is financial or reputation related and the specific valuation of that risk, you'll want to identify the type of workflow that will mitigate that risk for you.
Sometimes, that will be a sequential workflow, and that is typically where you will invoke one or more automated services to validate the claims in real time. For example, given my name, birthdate, home phone number, and website, you might be able to tie into some back end systems to validate the information I provided. In some cases, a workflow may retrieve additional data, which can then be used to challenge the user. This type of interaction happens synchronously and my identity can be validated during my same online session.
In other circumstances, you'll want to use a state machine workflow. This workflow is longer running than it's sequential counterpart. Once information is presented at a site or service, a communication could be made to one of the modes specified in your contact details - this is typically an email, but could just as easily by an automated speech-based service (IVR). When contacted, the workflow will deliver a code to the user. The user will then go back to the website and provide that code. This is typically accepted as a proof of identity for providing blog comments. Other examples of state machines could include a site performing related checks, for example a dating website could validate your information and then perform a check with other systems to validate that you're not married. In these circumstances, the process could be completed quickly - I could get the email right away and respond in minutes, or it could complete in hours, days, weeks, months even. If John Smith signs up for a site before he goes on vacation, and the validation email doesn't arrive until after he's left, that process could remain in the 'waiting for response from user' state for several weeks.
Back to James' question
So now, back to James' question, "should the relying party integrate into BPEL or SPML and what is the best way for folks to think about this"
I couldn't in good faith tell everyone they should implement this in BPEL. If the whole REST vs WS-* debate has taught me anything, it's that while there is tremendous value in having well thought out standards that are implemented by Enterprises, ISVs, and Infrastructure companies, there is a large segment of folks that won't use it for any number of reasons (learning curve, implementation complexity, required tools/infrastructure, time to implement, etc.).
What I'd do first is identify the workflow itself, specifically what business rules need to be validated and what integration points need to be in place to feel comfortable that the risk has been mitigated. Before we talk technology, what is the type of interactions that need to happen. Do you need to send an email and then wait for a response? Do you need to tie into back end systems to validate the information? If the workflow is based on identity validation, identify what should happen when identity validation is successful, when it is not successful (identity could not be validated) or when it fails (system exception).
Then, look at technology and determine what works best for you. For some folks this could be Windows Workflow Foundation, for others this could be BPEL, for others it could be BizTalk, and others still it could be C#, Java, Ruby, or PHP libraries that implemented the workflows directly in code. If you're writing this yourself, I'd typically advise taking whatever code you build and make it available with it's own service(s). This has benefits on a number of fronts.
I will add that there is an opportunity for someone/some group to identify some of the more common patterns (similiar to what was done with the document referenced in my last post) and then to implement and make available those patterns in the form of binaries or services.
I'm just finishing up another project at the moment, once that's out the door, I'll take a look at coding up one or more examples and then throwing the bits over onto CodePlex for people to have at it.
Over the course of writing the book, there were a number of things going on in parallel inside MS, some of which weren't finalized when the book went to press. One of those items was the patterns document that the product group published this month. I had a chance to sit down with one of it's authors, Bill Barnes, while writing the book, and serve as a reviewer on the initial passes of the doc.
It's an excellent doc and a must read. One thing to note, is that if you look at the chapter on modifying the existing ASP.NET membership controls to support information cards, you'll see that I provide a number of stored procedures to handle additional scenarios mentioned in the doc.
You can get the document here
http://www.identityblog.com/wp-content/resources/information_card_patterns.pdf
I was reading the news this morning and saw that Google announced they were now going to sell people cloud storage, targeting folks with large media collections.
Not a bad idea, but why pay Google when you can get storage for free? Last week Microsoft announced the beta of Windows Live SkyDrive. You can get 500 meg, and it's compat with IE and FireFox on both Windows and Mac. But it's better than just storage, because it allows you to place your files in folders and then have the option of sharing those folders with everyone (making them public) or just a select group of friends.
Full details are here.
http://skydrive.live.com/WelcomeMoreInfo.aspx
When looking at personalization, there are a couple of concepts that most people assume -
(1) This is primarily of interest in eCommerce Sites
(2) To perform personalization, a site either needs a transaction history (from which to draw inferences/make recommendations) or requires a user to manually fill out a profile.
The reality is that personalization is valuabe across industry verticals, and now with information cards, you have the ability to easily provide personalization on a persons first visit.
Rather than use the expected eCommerce Site example for personalization, I decided to go a different route. Instead, I dedicated a chapter to building a project I named "Personal Government". Using a self issued information card, the Personal Government web site can take a single claim - postal code- and retrieve data across multiple data stores for a personalized expereince. The chapter has the user build this public sector mashup with free web services from StrikeIron. If you actually wer ea public sector website, you can imagine how you could extend this with real data - everything from municipal schedules (what day is trash pickup?) to legislation (which legislation tha tis underconsideration would affect my neighborhood?)
The video can be found at the link below, or by clicking on the image below.
http://www.marcmercuri.com/book/cardspace/informationcardsandpersonalizationinPublicSector/InformationCardsAndPersonalizationInPublicSector_media/InformationCardsAndPersonalizationInPublicSector.wmv
I recieved my authors copies of the book on Friday, and a quick look on Amazon and Barnes and Noble indicate the books are now 'in stock'. If you pre-ordered, your books should be making their way to you now.
In a recent post that clarified that a Java RP is covered in my book, Roger responded "Could you talk more about the characteristics of Java RP and all the open source out there?"
One of the most pleasant things about writing this book is that everyone realized that identity on the net was a problem, the metasystem was a sound approach, and we could all work together - even if our implementations were done on different platforms and in different languages. People just want to solve the problem, and help educate people on how to solve it.
One of the areas where I see the biggest opportunity is helping everyday web developers easily become relying parties. Another is showing those same web developers how information cards can be used for much more than just logging in, particularly for personalization. There are great Java RP's out there, just as there are great RPs in .NET, PHP, and Ruby. I talk alot about them in the book.
So when a question like this comes up, the question is, do I post the book content online (to answer the question) or do I suggest someone buy the book? One thing that I've been toying with is talking with the publisher about potentially open-sourcing the open source related chapters of the book. The thought was that the open source chapters could be introduced in a wiki-style environment and the community could make sure that new projects were identified, updates in projects, etc. When developing the book, that is the chapter that was re-written the most as there were a number of changes between last March and this year.
Before I talk to my publisher, I'm interested in your feedback on two questions:
(a) Do you think folks in the open source community would still buy the book?
(b) Do you think folks in the open source community would participate?
Mike Jones was kind enough to post a mention for my new book recently, and it was great to see comments and other blog posts triggered by that. One of the blogs that mentioned the book was James McGovern's. In his post he mentioned that it was disappointing that the book didn't cover Java. This is unfortunately not accurate and I wanted to clarify what's covered outside of Microsoft technologies.
Five chapters of the book are implementation agnostic and focus on key topics ranging from authentication and authorization to personalization. One of those chapters examines the majority of the projects in the open source community. Another chapter is focused on implementing relying parties - which is what most people will require - in Java and PHP. For Java, this focuses on code provided by Chuck Mortimore (if unfamiliar, he's created a fair amount of information card-related plugins and artifacts). For the other chapters, the code is written in C#. While this is not Java, the syntax is similiar enough that it can be reviewed for both structure and approach. While Ruby code is not covered in the book, the book does contain links to Ruby resources and open source projects related to information cards.
I've got several screencasts I'll be posting shortly that highlight what's covered in key chapters. Look for these to start popping up online soon.
So I'd been reading alot about Joost - the new internet video company from the folks who brought you Skype - and wanted to check it out. I'm not at a point where I'd recommend it yet, but if you want to see it for yourself, I thought I'd pass along how to get access to it.
If you go to their homepage, you could sign up and you're placed in a first come, first served queue for access. I found a faster way to the beta,via http://www.joost.com/vh1. With that, you can jump to the head of the list and get an account immediately.
In case you missed it, Microsoft just released some great new downloads, specifically new versions of VS 2008, Silverlight, and Expression Blend.
As someone who started writing what are now called AJAX apps since 2000, I *really* appreciate how Silverlight and Blend make RIAs much easier to develop.
Links to all the bits-
After spending most weekends of the past couple of years writing books or papers, I'm finding it novel to have my weekends free again. Now, instead of writing, I've been catching up on my reading.
The week after the book was set at the publisher, I headed off to the UK to spend some time with my in-laws. We spent part of the trip in of one my favorite places, the family summer house on the Irish Sea. They added a conservatory since my last visit (see pic below), and it looks out over the sea, which made for a truly relaxing environment to read. While I hadn't done much 'fun' reading while I was writing, I had been acquiring a number of books.
The name of this blog is 'Living in a World of Connected Systems', and a number of books I read covered 'connectedness', among them were the Tipping Point, Spreading the Idea Virus, and The Black Swan. Different authors, very different styles, and all enjoyable reads. I'd definately recommend them (particularly The Black Swan), so if you're looking for something interesting to read, check them out.
When I wrote my new book, Beginning Information Cards and CardSpace: From Novice to Professional, I wanted the reader to go beyond building just 'Hello World' applications that just focused on learning features. Instead, I wanted to have the readers build practical, usable code.
In an effort to let you see what you'll be getting when you buy the book, I thought I'd do some screencasts to highlight what you'll build out.
I'm going to start with Chapter 13, which focuses on automating the issuance of managed cards with Workflow Foundation.
In that chapter, you'll create a number of Workflow Foundation custom activities that can help you automate the issuance of managed cards, complete with email delivery.
Also included is a sample application will calls the workflow and generates a card based on data provided.
Click on the image below to see the video:
With the blogging starting up again, I had a number of notes for topics. At the top of the list was a response to getting blog tagged by Francis .
For those unfamilair with blog tagging, once you're tagged, you need to reveal 5 things about yourself that people might not know.
(5) I have 3 Xbox 360s.
(4) Some people write or code to music, I write to the TV show 'Law and Order'. Between the CardSpace book and chapters for the WCF book (and thanks to 4 dvrs), I've seen almost every episode of Law and Order, Law and Order:Criminal Intent, and Law and Order:SVU.
(3) I'm one of 400 people in the world who have a real Pong clock.
(2) I have what looks like the 'Fight Club' scar on my left hand. I got it during my first 2 weeks at Microsoft.
(1) My full-time career in software (vs. writer) came about after spending a finals week at Wellesley College. (ask me over a beer, and I'll tell you the details)
After a very long hiatus, I am very happy to report my return to regular blogging. The book is now done, some of my major projects are either completed or winding down, and I'll have time to write, post and add screencasts.
So what have I been doing for the past year? Last summer, I took on a new role as an Architect in DPE Platform Incubation Team. I've spent the last year working on solving difficult problems and working on interesting projects. This has hands down been my most intellectually rewarding year in the company. While you won't hear publicly about alot of my work, there are some things I've contributed to that have been entering the public view recently.
I've been doing alot of work with teams in the company doing mashups and mashup events. Last December I wrote 5 'blocks' for a product we had in development that's now been launched over at http://www.popfly.com. I believe it's still on an invite only basis. If you've been on the site, you know it's pretty cool stuff. If you haven't, I believe it's still in an 'invite only' mode. If it is, let me know, as I've got a couple of invites I can share.
In addition, I ended up modifying the dasBlog engine and starting another site. That site http://www.mashupguy.com, is something you may have seen at various conferences this year. I wrote a number of labs that show how to work with various Live APIs, checked out a number of third party services, found some videos, and brought them altogether on that site. It's been used as a resource for everything from the MVP Summit to Mix07 to the Web2Open at O'Reilly's Web 2.0 Conference earlier this year. I've been pretty quiet about the site outside of those events, and plan to migrate it over to silverlight when I get back from Europe later this summer.
I also had a chance to do some work with the folks over at Windows Live and worked with Koji Kato to get LiveInABox published. Specifically, I wrote some workflow activities that wrapped Live Expo and Live Search and generated an aggregate RSS feed and RSS client for them. In addition to being on CodePlex, we've managed to get VPCs hosted in the cloud for folks to try out.
I did have a chance to work with another one of our online properties as well, and expect to see some impact from one of our projects before the year is out.
In addition to cutting back on blogging, I also cut back my public speaking engagements this year, with just one exception. I had worked with the great folks over at Dollar Thrifty Auto Group last year and one of their architects asked if I'd be interested in coming to deliver a keynote at the Tulsa code camp, so I flew out to Tulsa for the day (an interesting route from Seattle) and had a chance to talk about CardSpace. For private speaking engagements, I was pretty engaged at a number of our internal events, and recently was interviewed for some of our internal videos for Engineering Excellence and Innovation.
My largest project, you won't hear anything about anytime soon, but I was honored to find out recently that I was nominated for 2 awards for it, Microsoft's Circle of Excellence Award and the Customer Partner Experience Award.
And then there's the book... with my change in role last year, I ended up spending much more time outside the office working on the research and writing of the book. The book, initially targeted for March, was pushed to June when content grew from the 300 pages I committed to, to almost twice that. Expect to hear (and see) more about the book over the next week or so.
So blogging will resume starting today, the blog will likely go through a site redesign later in the month, using the new template I created for mashupguy.com, and I'll be expanding the scope beyond framework 3.0, where things have been for the past year and a half or so.
Glad to be back, and happy to have you reading,
Marc
The blog may be down periodically this weekend, as I'm upgrading the blogging software. Downtime should be limited to late evening hours (US Pacific Time)
Chapter Three of my upcoming book focuses on the work being done with information cards and in the identity metasystem by people outside of Microsoft. The chapter covers third parties and open source projects, focusing primarily on the folks building identity selectors and security token servers. In the process of researching that chapter, I ,of course, ran across the work of Chuck Mortimore. If not famliar with his work, Chuck has built out a Java Relying Party, an identity selector plug-in for FireFox, and his site ( http://www.xmldap.org) issues managed cards. His identity selector has even been enhanced to handle interop with OpenID (see screenshot below).
Needless to say, I was impressed with his work, and reached out to him about including screenshots of his work in that chapter. He was very gracious and gave his approval. As I was wrapping up the book, one of the readers of this blog asked if we were going to have support for Java in the book. Initially, for relying parties, I'd only committed to the publisher for ASP.NET and PHP. In the pre-.NET world, I actually was an early adopter of Java (heck, I even hired Gary Cornell, of Core Java fame, to come to Boston and train my team on Java), so I thought what the hell, and decided to have a go at it. As I was dusting off my core-java books to write the sample, I thought to myself, if I was a java guy, who would I want a sample from? A Microsoft guy who hasn't written any Java code in awhile? Probably not 
I thought of who - if I was a reader - I'd like to see the Java sample come from. A big fan of his work over at xmldap.org, I reached out to Chuck and asked if he'd be interested in contributing a java sample for the chapter. I am really pleased to announce that not only did he agree, he's already sent me the code. If you've not done so already, definately check out his site, he's doing some great work.
I'm pleased to announce that my book now has a new technical editor, Steven Woodward. Steven leads the Identity and Access Management team in Microsoft's Developer & Platform Evangelism Group. Steve works very closely with our top customers looking at the adoption of Information Cards and Windows CardSpace, and he's a regular fixture at a number of major conferences. I had the good fortune to work with Steven last year when we were both members of the Windows Server evangelism team, and am super excited to have Steve onboard.
He's provided some great insights and comments that have already added value to the book.
Welcome Steven!
Speaking of folks that I got to work with last year, I had the opportunity to work with Alberto Arias on a major WF project in the UK (the first Fortune 500 WF project in production, I believe). Earlier this fiscal year, Alberto crossed the pond and took a job over in the Connected Systems Division.
He's been working on activities for BPEL (Business Process Execution Language) for awhile now, and while chatting with him tonight, he told me that with today's announcement on Paul Andrews blog, it was now cool to talk about the BPEL support externally. He and I then booted up Meeting Space in Vista (if you've not used it, check it out, it's quite cool), and he stepped me through how it works.
Having spent alot of time with customers and partners last year, I regularly heard requests for BPEL support. The implementation is very clean, very straightforward, with capabilities to import and export BPEL. BPEL 1.1 wil be supported in the March CTP, and 2.0 will be supported after it is ratified by OASIS. I think people are going to be happy with it, it's very cool stuff - hats off to Alberto and team!
Just about a year or so ago, I was down in Tulsa working with the good folks at Dollar Thrifty Auto Group, who were doing some great stuff with WF and WCF. If it sounds familiar, I chatted about what they were doing in an ARCast wit Ron Jacobs, and Ron also did an interview with them from Tulsa. (both recordings are available over on http://channel9.msdn.com or http://www.skyscrapr.net.)
Earlier in the week I was talking to Jim Arrowood, a friend and architect at Dollar, and he asked how I'd like a free trip to Tulsa. A s I told him, there are no free lunches in life, and I'm sure no free trips to Tulsa. It turns out there's a CodeCamp event coming up (http://www.tulsacodecamp.com) and was curious if I might be interested in speaking.
A couple hours later I had a ticket to Tulsa and was slotted in for two sessions, an hour in the afternoon and the closing keynote.
I'm looking forward to it, as codecamp is focused much more on code. Last year ,when I was speaking at events, I had to spend a good amount of my sessions doing intro stuff. With the framework having been released for awhile now, I'll be able to dive right in and show some cool stuff I've been working on. If you've seen my previous sessions, expect all new content for this.
The timing of the event is literally days before the release of the updated WCF: Unleashed and I should be wrapping up the Understanding CardSpace and Information Cards book.
If you're going to be in Tulsa and there are particular aspects you're interested in, let me know and we'll see if we can squeeze it into the sessions.
Going through my email this morning, I received my official Mix07 confirmation. Last year, I had a number of customer commitments so was really not in the loop on Mix, this year, though, I've had some overlap with some of the things I've been working on and have had a chance to get involved in various aspects of the event.
Earlier this year I went to another web conference(which shall remain nameless), and was so dissapointed I left the conference (and Vegas) a day early. (Me, leaving Vegas early? unheard of, I know).
Mix, though, is a different story. From what I've seen of the sessions, this is actually an event I'd pay out of pocket to go to. It's got a good mix of folks from MS, as well as from third parties. I may or may not be delivering a session, that's something that'll get decided in the next month or so, but will be onsite either working in certain areas of the event, or attending sessions.
One of the great things about conferences is that I get a chance to meet up with former colleagues and people I've chatted with via email and blogs. If you're going to be in Vegas the 29th - 2nd and want to chat about WCF, CardSpace, Mashups, or whatever - shoot me an email and we'll make some plans to sync up.
|