Andre Durand

Discovering life, one mistake at a time.

Archive for the ‘Musings’

Wake up and Smell the Success

April 01, 2002 By: Andre Category: Musings

So I’ve been brewing all weekend on the comments Dave Winer made surrounding my views of open source, and feeling a bit of guilt about my defensive and timid initial response.

Jabber, an open source project from day 1, has emerged as the leading contender in the instant messaging space despite over 50 commercial competitors, many of which were much better funded than Jabber. In hind-sight, the reasons for this I believe to be quite simple:

1. Jabber was architected very well thanks to the entire Jabber OPEN SOURCE community.

2. Early on, we cultivated the concept that a robust ecosystem capable of meeting the markets demands required both an open and commercial element, and we worked hard to bridge the two by providing a foundation for commercial involvement through the introduction of the JOSL license which was much more commercial friendly than GPL.  

If you take the open source rule-book at face value, and close your eyes to the possibilities, or the positive attributes that open source exhibits, then you have constructed blinders which narrow your view to only one-half of the equation. The fact is, the pendulum swings fastest in the middle, which is neither copyRIGHT or copyLEFT, but a well-designed mix of the two, where mutual goals are not mutually exclusive, but in fact MUTUALISTIC.

We’ve had this vision from day one at Jabber, and it’s likely the reason that BOTH the open source community AND the commercial entities surrounding it are doing as well as they are. I’ve also taken these concepts and moved them up one additional notch at Ping Identity ( and

Don’t argue with success. Open Source is no more dead than the traditional proprietary software company. If  I have my way however, your going to see a new breed of dog in town, a mutt with a killer bite! 

Jabber – What’s Next

April 01, 2002 By: Andre Category: Musings

Jabber has evolved over the last three years into one of the dominant instant messaging and presence platforms. I often relate to it as the “SMTP” of Instant Messaging. But future growth and expansion will require a concerted effort on behalf of the community to overcome some of things which Jabber does poorly today, namely, the ability of third party developers to leverage existing client distributions to add new applications to the network. Unlike the ‘browser’, which provided a dynamic client-side platform from which server-side developers could deploy application ‘into and through’, Jabber clients are mostly ‘hard-coded’ so to speak, and do not provide a flexible and dynamic framework from which server-side developers are able to add and deploy new applications. This fact is stunting the speed and growth of the Jabber network. Read about how I think the Jabber community needs to approach this problem to cross this chasm into the next 2-3 years of its evolution… 

Jabber – What Next

April 01, 2002 By: Andre Category: Musings

In early conversations with Jeremie Miller (Jabber founder), he spoke of his desire to ‘consolidate’ the IM client market by creating a single instant messaging client that could talk to all of the various IM networks through server-side gateways (translators).

While the vision made sense, Jabber’s sophisticated open source client libraries combined with the communities interest in building chat clients  quickly resulted in a mushrooming of Jabber-based chat/IM clients. I used to joke with Jeremie that Jabber clients were proliferating like rabbits and instead of solving the problem (fewer clients), all we were really doing was magnifying and expanding it. Heck, at one point, I think we had more Jabber clients than all the competitions combined! 🙂

It was clear in the early days of Jabber, Inc. that we needed to focus first on the robustness and scalability of the Jabber server, and that this was the foundation of our ability to call it infrastructure and a platform for extensible presence and messaging applications. Over the course of the last 2 years, Jabber, Inc. has executed well against this vision and focus and now delivers a highly scalable and extensively tested Jabber server, 100% compliant with the Jabber (XMPP) protocol.

Having completed ‘phase I’ of its mission, it’s now time to turn our attention, collectively, on the next problem and evolution of our platform, the Jabber Client.

In thinking through the possible scenarios for future development of the Jabber platform, nothing strikes me as potentially more exciting and more important to the community as a hole than to come together to rally around an extension of the core platform-like capabilities of the client.

One of the biggest hurdles to the adoption of client/server systems is the friction associated with downloading and installing separate clients. As it stands, every Jabber client requires a separate download, and many of these clients are doing nothing more than simply replicating the functionality of several existing Jabber chat/IM clients. The time for this to end is now!

In thinking of the Jabber client/server platform as a platform, we should (again collectively as a community), be thinking of the client as nothing more the client portion of our platform, and not as any particular ‘application’. We should be thinking of ways to extend the ‘core’ capabilities of our client platform in ways that can be harnessed by server-side development, and we should be thinking of ways to consolidate the propagation of these core client features throughout the Jabber community.

If I had my druthers, here’s what I would do.

I would start work at once on the concept of what is ‘core’ in our client libraries. In essance, what I would look to do is extend what is considered and harnessable as generic functionality within any client application, and I’d make sure that this enhanced functionality can be harnessed at the server, perhaps through server-side add-ons. Take for example the concept that with nothing more than some server-side scripting, I would be able to use any Jabber client running in the desktop to pop-up a form or a notification window (not a chat window). With only server-side development, I would be able to control of the look and feel of the form and the buttons which appeared to the user. By adding nothing more than a few simple forms and windows controls to ‘core Jabber functionality’, Jabber would enable entire new families of applications having nothing to do with chat or IM.

Secondly, I would work with the community to consolidate the distribution of these ‘core client’ capabilities, so that at some point in the future, server developers could count on a homogenous client-side capability. I personally believe that one of the biggest problems and innefficiencies in Jabber right now is that new developers are not able to ‘harness’ the existing client distribution to add new applications to the network without having to distribute their applications separately. Take ‘Lotus Notes’ as an example of extending core client functionality into a framework for dynamically deployed applications. What would be powerful is if we could agree on methods of harnessing ‘basic’ capabilities that have massive future application functionality potential (forms being one of them).

Thirdly, I’d reposition Jabber in the marketplace from a ‘IM / Chat’ application into a ‘powerful two-way communications platform’.  I’d find some new name to hook to this which denotes flexibility and more generic power like ‘Jabber – The Communications Browser’ or something similar. 

It’s time to graduate to the next level. It’s time to eliminate the inefficiencies and the barriers to third-party development success (most notably, the requirement for every Jabber application to be a separate client app, requiring distribution capability as a prerequisite for success).

Jabber is a client/server platform. Let’s extend the ‘platform’ part of this story beyond its current definition and do so in ways which do more than just parse XML at the client, and provide hooks for sending messages into the Jabber network.

Andre Durand is Chairman of the Jabber Software Foundation and founder of Jabber, Inc. (but no longer empoyed by Jabber, Inc.)

Time – An Ally to Open Source

March 30, 2002 By: Andre Category: Musings

If you have linked here from Dave Winer’s weblog, make sure to also read “Wake up and Smell the Success” on my frontpage.

Many open source advocates write about the value of open source as being tied to free development, accessibility etc. etc. ( While I am probably more skeptical than the pure open source advocates, my experience with Jabber has shown me one attribute of open source which I feel has been largely overlooked.

While it is probably not the open source communities role to speak to some of the additional marketing benefits of open source in a competitive environment, I have, in the past two years, through experience gained at Jabber, discovered perhaps one of the most important attributes of open source. 

It’s fairly well known that if you’re in the software industry, time is not your ally. Any traditional software company that has not viewed time as working against them has probably had their lunch handed to them in fairly short order. Smart software companies have learned to obsolete their own products before their competition did it for them, and the entire urgency surrounding feature deadlines are largely driven by a race to beat the clock.

The truth is, for many proprietary software companies, time does indeed tend to erode, almost exponentially, the return one might expect to see from their software assets.

But that’s not the case with open source, especially in markets where the open source project competes with proprietary and closed systems.

True unteathered accessibility and frictionless access to software and source code through the Internet can work for the open source initiative when competing against proprietary and closed software. In this particular case, time can and does in fact become an asset and ally in a well positioned and well executed open source project that seeks to gain marketshare while competing against well funded commercial competitors.

Last Line of Defence: Relying on What’s Out of Any Individuals Control

March 24, 2002 By: Andre Category: Musings

There’s a well known mantra in the security industry that speaks to well designed security systems as adopting a separation of identity authentication into 1) something you have (e.g. ID card), 2) something you know (e.g. password, and 3) something you are (e.g. biometrics such as fingerprints etc.). While careful use of these techniques will serve to reduce the risk of identity theft, they will not eliminate it, and as people and systems come to rely more heavily on identity related conveniences, the potential damage from identity theft becomes that much greater.

But in and of itself, can identity theft really harm someone? It’s not like stealing a car, wherein the stolen item has utility in and of itself. Your digital identity is information, and that information can only bring harm to you or your digital reputation it is used by others in an unauthorized manner, and therein lies the foundation for what should be considered ‘the last line of defense – the identity infrastructure itself.’

Assume if you will that identity theft is innevitable. Identity infrastructure, which is out of any individuals control, should be designed to reduce the harm associated with that theft. In doing so, what is out of anyones individual control acts as an intrinsic safeguard to the unauthorized use of an identity, providing infrastructural-level mechanisms whereby the true identity holder is notified when a possible breach of security has occurred.



Not all Identities were Created Equal

March 16, 2002 By: Andre Category: Musings

As I contemplate the landscape of existing and potentially new identity-based applications, it appears to me that they fall into roughly two categories. While both types of identity qualify as ‘identity-based applications’, they are perceived, used and treated quite differently by the identity holder and in fact I contend they are indeed vastly different, both in value to the identity holder, and in potential value to the identity vendor and service provider.  

When I become an employee of a company, an identity (e.g. title, function etc.) is issued to me. While certain attributes of this issued identity (referred to within as a ‘Tier 1’ identity) are within my ultimate control (name, address etc.), many other attributes such as network or application access are only contextually and temporarily assigned to me. As long as I remain an employee in good standing, the company permits me to carry this issued identity, however, while I do take partial ownership of this identity, I understand that it can be removed from me at any time, and therefore, I am not in complete control over it.

Now to compare and contrast, take an identity which I create by myself and for myself (referred to as a Tier 2 identity). This identity carries much the same information of a Tier 1 identity (name, address etc.), but there’s a big difference in both my perception and the reality of my ownership and control over this identity. Tier 2 identities are typically thought of as permanent, unconditional and all-encompassing. While both types of identities have their place in today’s networked society, only Tier 2 identities promise to unlock a future of personal identity conveniences promised by identity management infrastructure.

What will be interesting to watch is how Tier 1 and Tier 2 identities interact with one another as they both unfold and their capabilities begin to touch and overlap. While ultimately I believe Tier 1 identities will lay at least partially subservient to Tier 2, Tier 1 has today at least already demonstrated its ability to provide tangible ROI in ways that Tier 2 only promises to do.

Andre Durand is a contributing writer to Digital ID World and the Founder and CEO of Ping Identity Corporation

Digital Identity World

January 18, 2002 By: Andre Category: Musings

Phil Becker, a long-time friend, mentor and former co-founder of ISPCON has agreed to both fund and help develop the industries first Digital Identity World tradeshow here in the US. Working with Justin M. (founder of JabberCentral (, we’re also launching an industry information portal to coincide with the tradeshow. This effort is being done completely separate of PingID to ensure that everyone in this emerging space has an equal opportunity to contribute and participate in meaningful ways. Justin’s been doing a bang-up job at getting the  industry portal together. Here is a first mock-up of what the site will look like. Look for the site about the end of January at

Digital Identity Research Links

January 17, 2002 By: Andre Category: Musings

Equifax Identity Monitering Services
Personal Identity Protection Insurance
Identity Theft Resources
Identity Theft
Travelers Identity Theft Insurance
Digital Identity Servers (.NAME DNS) – ASCIO
Protecting your digital identity
NOVELL Solution Offering – Digital Identity Management
Press Release – Activcard Inks 250,000th Digital Identity License in Deals with Datacard, HP, Sun, Lloyds, Citicorp And US DOD
NewsNetCertainty Inks $3 Million Deal for Digital Identity Services
Protect Your Digital Identity. (Identity Theft Problem).
Second Annual Digital Identity Forum
Rainbow Technologies on “What is a Digital ID”
Ascio Technologies, Inc. – First in Digital Identity
Your legal rights over digital identity
More On Digital Identity, Client-Side Security
CNN Report – Total digital privacy may be on the horizon – Aug 18, 1999
VeriSign And Activcard Team To Deliver Seamlessly Integrated, Next-Generation Solution For Two-Factor Authentication
Legal-Technical Architectures of Cyberspace
Directory services take center stage
Courion self-service identity management solutions reduce support costs, increase security and improve service.
Microsoft – Managing Identity within an Enterprise
Digital signature and electronic signature software for e-commerce security, E-Sign compliant – Digital Signature Help Desk
E-Commerce News Update Sun, Liberty Alliance Align Against Passport
FAQ – VisionShare Inc
Revolutionizing the United States Military ID Badge
Products-Services TrustID Digital Certificates
Personal Certification FAQ’s
PinkRoccade Digisign internet security PGP PKI training digital encryption certificates server ID’s signatures Verisign trusted
Wild ID – Totally Free Digital ID
Where to Get Your Digital ID
Secude Digital ID Center
Az-Tech iSignet iButton Digital ID
Qwest Digital ID Guide
ValiCert Secure Solutions for Paperless e-Business
Clearing the Digital ID
CIPHERWAR U.S. Orders Over 4 Million Digital ID Cards
MasterCard International – Digital ID’s
Welcome to!
Digital Certificate ID Links Page
Pennsylvania seeks to legalize digital ID – Tech News –
The University of Texas-Pan American Computer Center-PKI
Digital IDs, Privacy, and Freedom
Electronic Privacy Information Center
Implantable ID technology – adsx
S-Mime Introduction Page
Computerweek – Mastercard CVSP program
Paragon Services, Inc. – Security FAQs
First Business Bank – Milwaukee, Security-Disclosures
Digital ID Cards Pose Civil Liberty Risk – Report – Digital ID Cards
News Is The Digital Signature Enough
Veridicom, Inc., Fingerprint authentication technology enabling secure e-commerce, smartcard, Smartcards, Smartcard, smartcards
Good Privacy vs. Bad Privacy – Jon Udell
Tovaris – The digital identity company
Identity Center – Identity services, systems integration
SmartTrust – Digital identity products
Join ActiveCard’s digital identity revolution
Government – Building the Digital Identity
Swiss as trusted third parties in digital identity
France Internet Next Generation (FING)
Univ of Toronto – Digital Identity Technology Working Group
e-Security Conference March 2001
InternetWeek – Entrust brings Digital IDs to IBM Mainframes
IBM Zurich Research Laboratory, News – Digital ID Card Test
Viisage Technology Biometric ID equipment
Personal Digital ID’s – Message Rant
ETHICOMP99 – Abstract Regulating Digital Identity
Datacard Identity Center – Evaluating digital identity solutions
Arcot Systems Press Room Press Releases 08.02.00

In the Beginning

January 08, 2002 By: Andre Category: Musings

In the beginning there was Ogg. Ogg had a globally unique digital identity, he just didn’t know it it yet. Credit: Bryan Field-Elliot

Best Photos of Caribbean 2001

December 09, 2001 By: Andre Category: Musings

“THE TRIP” took place between October 5th, 2001 and November 10th, 2001. The islands visited were Bonaire, Curacao and Aruba off of the coast of South America.

Craig “Captain” at the wheel.

Craig at the wheel, 10 knots.

Craig doing what he does best…”Chill’en”

Catching up on Motocross Magazine

Showing off my tan while on a collision course with that cargo ship.

At the wheel. Not moving too fast…

My morning routine.

Edward, the bartender at Sunset Waters.


In Aruba, getting ready to go back to work.

In Aruba, happy about coming home!

Our last sunset. Aruba.

Craig with Kim’s hat. Aruba

On the mountain in Curacao.

On the way back to the boat after playing tennis. Curacao.

On a hill overlooking Sunset Waters bay in Curacao.

Getting ready to go home. Arube.

Leaving the boat for the last time. Aruba.

The last sunset. Aruba.