Andre Durand

Discovering life, one mistake at a time.

Archive for November, 2007


November 29, 2007 By: Andre Category: Identity

…and I don’t feel much different. Maybe I will at 9:49am.

Busy is good

November 28, 2007 By: Andre Category: Identity

In all my rush to “get big”, sometimes I forget, it’s the journey, not the destination.

Last week, all of our field engineers were at customer locations doing POC’s. This morning, while chatting with one of our field engineers, I got this quote. It brought a smile.

we’re so busy that it’s reaching the point of insanity. It is great, a great time to be at Ping.”

Dynamic Federation. A Game Changer?

November 12, 2007 By: Andre Category: Identity

Today’s federation deployments, while secure, enterprise tested and gaining in momentum in B2B single sign-on scenarios, still lack one key networking characteristic. Namely, a network effect.

Every new SAML server which comes online today, unfortunately, is not instantly usable by other SAML installations. In fact, I’d go so far as to say that today, not only are we not achieving Metcalfe’s law of network effects, I’m not sure if we’re even achieving 1+1=2.

That’s about to change.

We’ve been busy here at Ping innovating to take SAML further — without changing the specification. We’ve added some conventions that when adhered to, effectively enable ‘connectionless federation’. We’re referring to it as dynamic federation, or auto-federation.

Depending on how you configure this new dynamic federation capability, it has the potential to significantly reduce the technical friction in federation by as much as 90%. In certain scenarios, such as enterprise use of SaaS, it holds the potential of completely eliminating the coordinated dance between business and IT folks that today must happen to make a SAML federation connection happen.

Stop the junk

November 09, 2007 By: Andre Category: Identity

As I mentioned earlier, ProQuo launched a few weeks ago to help people stop the junk mail. The service gets a new user every few minutes now. At its heart, ProQuo is a trusted identity agency with a big vision and humble beginnings. Disclosure: I’m on the board at ProQuo, which was an effort spun out of Ping Identity.

We won’t rest!

November 08, 2007 By: Andre Category: Identity

Until the graph looks like this!

PingFederate – Front & Center

November 07, 2007 By: Andre Category: Identity

A recent Webinar titled “Picking the right Federation Product for the Job” by Mike Neuenschwander 

of Burton Group placed Ping at the center of the federation universe. It only took 5 years. 🙂

BarbieToken. Brilliant!

November 06, 2007 By: Andre Category: Identity

It’s only a matter of time before identity tokens, like cell phones today, become a sort of fashion accessory. The company in pole position to make tokens hip is Apple of course. Imagine a new device, call it the iKey (with built in strong authentication, such as a thumb print scanner or something), looking much like a Nano, but used as a universal key to open everything in your life, virtual and physical. Leave it to Apple to make access cool, personalization hip and one-click purchasing via wireless a mainstream activity. To pull this off, Apple would have to aggregate at critical mass of relying party devices and online services. What’s interesting is that Apple most likely has enough in their own universe of devices and online services to pull this off. Publish the API’s to hook the device and let the world go wild. Now that’s interesting, and with enough muscle, quite achievable within 2 to 4 years.


Barbie Becomes an Authentication Device for Pre-Teen Friendship

By Kevin Poulsen 

At last, a USB security token for girls! 

Pre-teens in Mattels’ free Barbie Girls
virtual world can chat with their friends online using a feature called
Secret B Chat. But as an ingenious (and presumably profitable) bulwark
against internet scum, Mattel only lets girls chat with “Best Friends,”
defined as people they know in real life.

That relationship first has to be authenticated by way of the Barbie
Girl, a $59.95 MP3 player that looks like a cross between a Bratz doll
and a Cue Cat, and was recently rated one of the hottest new toys of the 2008 holiday season.

The idea is, Sally brings her Barbie Girl over to her friend Tiffany’s
house, and sets it in Tiffany’s docking station — which is plugged
into a USB port on Tiffany’s PC.  Mattel’s (Windows only) software
apparently reads some sort of globally unique identifier embedded in
Sally’s Barbie Girl, and authenticates Sally as one of Tiffany’s Best

Now when Sally gets home, the two can talk in Secret B Chat. (If
Sally’s parents can’t afford the gadget, then she has no business
calling herself Tiffany’s best friend.)

It’s sort of like an RSA token, but with cute fashion accessories
and snap-on hair styles. THREAT LEVEL foresees a wave of Barbie Girl
parties in the future, where tweens all meet and authenticate to each
other — like a PGP key signing party, but with cupcakes.

Without the device, girls can only chat over Barbie Girls’ standard
chat system, which limits them to a menu of greetings, questions and
phrases pre-selected by Mattel for their wholesome quality. 

In contrast, Secret B Chat  lets girls chat with their keyboards —
just like a real chat room. But it limits the girl-talk to a white list
of approved words. “If you happen to use a word that’s not on our list
(even if it’s not a bad one), it will get blocked,” the service
cautioned girls at launch. “But don’t worry —  we’re always adding
cool new words!”