Monday was a level set which was regular conference style which covered a lot of the basics of identity. It was an interesting mix of different levels of complexity -- we covered everything from general topics of what is identity and the actual language around it to several different protocols, standards, etc. in this space.

I found Johannes Ernst's presentation around YADIS and Dick Hardt's latest rev of Identity 2.0 to be the two best presentations.

Mike Jones from Microsoft demoed some InfoCard bits, focusing mainly on UI. It looks very user friendly -- you choose an identity provider (or InfoCard) from a sort of business card folder interface, with "valid" providers highlighted. It looks very slick, and the stated goal is to make the implementation open source, meaning that they hope to see this on Macs, on phones, on Red Hat, etc. etc.

I was lucky enough to wrap up the afternoon by connecting with Steve Williams. I left my power adaptor back in Vancouver, and Steve not only gave me a ride to that evening's dinner, but also stopped by to grab a temporary power adaptor from his mom. Wow! Lots of friendly people here, but Steve stands out ahead of them. He's working at Digg and we had some interesting general discussions about scaling PHP/MySQL apps.

At dinner I spent a bunch of time talking to the OpenID gang -- Jan Rain. Turns out Jan Rain is not a Norwegian programmer, but a team of interesting guys working out of Portland (where they happen to know Bill Fitzgerald, who does a lot of work with Drupal in education). I floated my big long concept of how Drupal.org itself might become a neutral identity hub.

I have some longer notes on this Drupal.org-as-identity-hub concept. The short form is that the site/the community already is a de-facto neutral identity provider. Currently, it uses a Drupal-only distributed auth that is not particularly secure or rich, but everyone in the community tends to have an identity from Drupal.org, and it "just works". So, can we perhaps transition this to using an identity protocol that is standard and interoperable with other systems? I think so, and this will be one of the things I work on for the 4.8 cycle.

I'm going to say a special thank you to Microsoft and Kim Cameron/Mike Jones for the dinner this first night (and I think Verisign ended up paying for a big chunk of the feast as well). There were a ton of good discussion and community feeling happening and the surroundings and "breaking bread" together greatly contributed to that.

I wrapped up the evening meeting Andy Lacroix and Salim Ismail (Canadians!). Pretty much goes to show that I need to come down to the Bay Area more often.