The only other S/MIME certificate authority I'm aware of that does Web of Trust type identity validation is CAcert; unfortunately their root certificate isn't trusted by most browsers and e-mail clients and until that happens (if it ever does) I can't recommend them as a replacement. Similarly, the lack of built-in PGP/GPG support in current mail clients rules that system out for most people.

If you had a Thawte S/MIME e-mail certificate, you may have been able to trade it in for a 1-year equivalent from VeriSign free of charge. Unfortunately, after the first year it looks like VeriSign charge $19.95 per annum even for a "persona not validated" certificate, which doesn't sound to me like a lot of bang for your buck.

One alternative for the cost-conscious is Comodo's Free Secure Email Certificate product. Again, this is "persona not validated" but should be sufficient for most uses and you can't beat the price.

I think the talk went reasonably well; a couple of people remarked that they liked having the key concepts separated out and clarified. People even chuckled in the right places a couple of times.

Checking Twitter for the #FAM09 tag I find that the main thing a couple of people took away from the talk was a snarky remark I made about XSLT. Curiously, I find that I'm fine with that.

As usual, here's a PDF version of my slides from the presentation:

20091123-Metadata-Aggregation.pdf

There are a fair number of animated diagrams in this talk, and not as many words as usual. That might mean that some parts are hard to follow without hearing me talk. I'm going to try and get hold of the audio recording made at the time and will upload a slide-synchronised version of the talk later if possible.

Seen on a recent trip to San Antonio, Texas, which is probably the last place you'd expect to see any attempt to constrain the use of any kind of headwear.

Obviously they don't mean you can't wear your own hat while taking photos; what they want to prevent is people wearing the display hats for the purposes of having their photographs taken. Or at least I think so; there were no hats in the vicinity of this particular notice.

I've been trying to figure out why I couldn't burn a Fedora 11 DVD to upgrade one of my oldest machines for several months now. I had checked the SHA-256 hash of the download then copied the file from the server where I run BitTorrent across to a desktop machine's external hard drive. The burned disk verified against the image on the machine that created it but the installation self-test always failed, claiming the disk was corrupt. I tried burning from the same image on another machine; I tried burning at different speeds; I tried different blank DVDs. No change.

Finally, today, I thought to try verifying the hash on the copied image rather than the original one. It was different. Comparing the original download with the copy, I discovered two locations in the copy where byte 0x12 of a block had dropped the 0x08 bit.

It's probably not a coincidence that the machine on which I made the corrupted copy has recently come back from a couple of extended "warranty repair" holidays during which first the main system logic board and then (at my strong and repeated insistence) the actual DRAM were replaced. The machine had been having some intermittent problems involving applications shutting down unexpectedly; these looked like memory issues to me but the manufacturer's diagnostics had always given it a clean bill of health. As an old-school computer guy, of course, I know that the manufacturer's diagnostics never detect real memory issues.

The moral of the story? I'm not sure there is one: "faulty hardware sometimes gives the wrong answer" seems rather an obvious thing to say. On the other hand, if you are aware of the concept of metastability in electronics, you know that there's no such thing as perfect hardware as long as the logic needs to talk to the outside world. So we can reduce the frequency of odd weirdness to the point where we never expect to encounter it, but we can never make it go away altogether.

One thing that has become apparent as that work has developed is that we need to look at some of our basic assumptions with a fresh eye: complex problems can be often be simplified by looking at them from a different direction. To that end, Chad La Joie (of SWITCH and Shibboleth) and I have put together Interfederation and Metadata Exchange: Concepts and Methods, the current version of which you can download here:

concepts-v1.10.pdf

The main aim of Concepts is to provide a framework in which it is possible to think clearly about identity federations in a multi-federation world. This involves first separating concerns and then recombining them in new ways, leading to what we think is probably best thought of as a global metadata layer. There is also coverage of some of the technical implications of such an approach, but we've tried to keep that part as light-weight as possible here.

During the recent Internet2 Member Meeting in Arlington, this document was also reviewed by Scott Cantor, Steven Carmody, Josh Howlett, Leif Johansson, Thomas Lenggenhager and Valter Nordh. We are grateful to our colleagues for their many constructive comments, which we have have tried to incorporate faithfully in the current version. I will leave it to those individuals to state whether, and to what degree, they endorse our conclusions.

This is a nice mouse to use, though. For example, it makes a nice solid mechanical click when you use the left or right buttons (even though there is really only one mechanical button — the whole mouse — touch sensors inside give you two "logical" buttons).

There's even a tiny clicking sound when you squeeze the side buttons or roll the little trackball around. You can hardly hear these sounds in a normal office, but they make all the difference to the "feel" of the device. And, until today, I would have meant that literally: I'd have sworn that I could feel the little clicks through my fingertips.

Today, quite by accident, I discovered that the mouse does not make these tinier sounds if it isn't plugged in… or, in the case of the wireless version, if you take the battery out.

Yes, there's a tiny speaker inside, whose only purpose is to make sounds that are almost — but not quite — too quiet to hear.

As well as the traditional statistics about how large the UK federation has become, I talked a bit about some of the things I think contributed to its success. This was more in terms of broad concepts than details, the idea being to give people thinking of setting up new federations a guide to some of the tradeoffs involved.

As usual, here's a PDF version of my slides from the presentation:

20090428-Lessons-iay.pdf

I knew that I'd have a wide range of people in the room in each session, so I put together a slide deck that would have something for everyone and talked about different subjects to different levels on each of the two days.

Some of the slides won't make much sense without explanation, but others do stand alone, I think. If you're interested, here's a PDF version of the slides stripped of the animations:

20090331-Futures-noanim.pdf

This is another "snapshots from my travels" picture, from a recent trip to Zürich, Switzerland.

In many countries, it's common to find an inedible boiled mint on your hotel pillow. In Switzerland, hoteliers apparently have tastebuds that work.

One area where I've felt for some time we all need to express things more clearly is with regard to that thing we call "trust". I usually break this down first into "technical" trust (which allows you to know you're talking to the entity you think you are) and "behavioural" trust (which gives you expectations about the behaviour of a known entity). This isn't the whole story by all means, but does allow us to see that trust isn't a singular property; it's more like a stack or chain of elements that we can build up into something we can actually use.

Any federation can choose to act as a trust broker at many levels; for example, one federation may have strictly enforceable rules controlling member behaviour while another may leave behavioural trust to bilateral arrangements between members (such as the commercial contracts that are usually present in content licensing situations). The UK federation is towards the latter end of the scale: as all federations do, it acts as a broker of technical trust, but mere presence of an entity within the UK federation's metadata has never carried any behavioural guarantees.

What this means is that if you're used to operating in something like the UK federation, your stance is already to treat everyone as a potential ray-gun-toting Martian unless you have some specific reason to view them otherwise. Adding more Martians from other federations therefore doesn't change anything; the important thing that an inter-federation agreement adds is the assurance that the originating federation has registration procedures strong enough to prevent a Martian from masquerading as someone you have a real relationship with, and conversely provides technical trust strong enough to support you in picking the entities you do want to do business with out of the sea of entities you don't care about.

• snomi-v3.pdf is a clean copy of the document for new readers
• snomi-v3-diff.pdf includes change indications for people who have read the previous edition

I continue to welcome comments and discussion. The next edition might be a couple of weeks away, but will likely go into more detail on what I think an aggregation appliance might need to include.

Impromptu in-person rants of that kind are very useful for finding out whether ideas have any appeal to other people at all, but I've felt for a while that something more coherent might be useful. I've therefore put together Some Notes on Metadata Interchange as a personal position paper on this area.

• snomi-v2.pdf is the current version of the document;

• snomi-v2-diff.pdf is the same document with change bars from the previous version. This means you can deduce what V1 looked like if that's of interest.

I very much welcome comments and discussion on this document. If you'd like to, you can leave a comment here (if you don't have a TypeKey account, there will be a delay before it's published) or post on your own blog or just send me e-mail.

Some disclaimers: This document does not represent the official position of any organisation or group, nor is it an attempt to describe any consensus view; it's purely a personal summary. It's not a collaborative document, except in the sense that if you change my mind I'll change the text.

I expect this document to change fairly often over the next few months; hopefully, some consensus-building (and even specification-building) efforts can be budded off from it when that seems appropriate; they will probably be hosted elsewhere.

There used to be a joke in photographic circles that most people had rolls of film printed with "Christmas at each end and a beach in the middle". This blog hasn't been idle quite that long, but I've just got back from a very nice vacation in Bruges inspired by the visit I made for the conference mentioned in the last two entries.

Mmmmmm, chocolate… and, apparently, pixies. Who knew?