United Wifi: How Can It Be So Bad?

United-WifiI just flew United non-stop from Seattle to Washington D.C. (Dulles) and back. I realized too late after booking the trip that this was the airline on which I had never successfully connected to their in-air wifi. Since it was a five hour flight, I decided I would bear down this time and finally fix the problem (after all, I’ve worked in the Internet business for over 20 years).

So, on the outbound trip, I literally spent TWO HOURS trying everything I could to get a connection. Absolutely nothing worked. After I gave up in frustration, a helpful flight attendant (who I could tell had spent many hours trying to debug wifi connections for passengers) make the suggestion to forget the United wifi network at the end of the flight.

So I did that and then tried to forget all about the whole experience—too many other things to worry about after missing

Continue reading "United Wifi: How Can It Be So Bad?"

OAuth Authorization Server Metadata spec incorporating IETF last call feedback

OAuth logoThe OAuth Authorization Server Metadata specification has been updated to incorporate feedback received during IETF last call. Thanks to Shwetha Bhandari, Brian Carpenter, Donald Eastlake, Dick Hardt, and Mark Nottingham for their reviews. See the Document History appendix for clarifications applied. No normative changes were made.

The specification is available at:

An HTML-formatted version is also available at:

A miracle of flight

That was the view to the south over center of Greenland a few hours ago: a late afternoon aurora over a blue dusk.

I departed London about four hours before taking this shot, and am writing this in Santa Barbara. According to my little hand-held GPS, we were just above 70° north when I took that shot, or about four degrees north of the arctic circle. The flight as Air New Zealand 1, and that same plane is now en route to Auckland.

We were also inside the auroral oval:

Normally on transatlantic flights between Europe and the U.S., one looks north at the aurora, but in this case I was looking south.

Even after flying millions of miles as a passenger, it still blows my mind what one can see out the window of a plane.

I’ll put up the full series of shots after I get Continue reading "A miracle of flight"

Trust vs Confidence

Over the years, in my own mind, I have built specific semantics around the terms 'Trust' and 'Confidence'. These are closely related to the validity of 'Proof'... I think that often the use of these terms in the vernacular are too fuzzy to be of use in identity system discussions. I would posit:


Security and its many mechanisms are used to establish trust; once trust is established, you just trust. My canonical use-case for this is access to the school blog. I can grant or revoke write access to my kids' school blog. I give access to people who I trust will only post age appropriate material. I could use manual or automated mechanisms to check posts before they are published but the effort or cost outweighs the risks. I choose to trust. Trust is a human, emotional, social construct that implies a loosening of control. Trust can be Continue reading "Trust vs Confidence"

Jack Ucciferri for 4th District

Santa Barbara is one of the world’s great sea coast towns. It’s also in a good position to be one of the world’s great Internet coast towns too.

Luckily, Santa Barbara is advantaged by its location not just on the ocean, but on some of the thickest Internet trunk lines (called “backbones”) in the world. These run through town beside the railroad and Highway 101. Some are owned by the state college and university system. Others are privately owned. In fact Level(3), now part of CenturyLink, has long had a tap on that trunk, and a large data center, in the heart of the Funk Zone. Here it is:

Last I checked, Level(3) was in the business of wholesaling access to its backbone. So was the UC system.

Yet Santa Barbara is still disadvantaged by depending on a single “high speed” Internet service provider: Cox Communications, which

Continue reading "Jack Ucciferri for 4th District"

Eight years and counting

Well it was 8 years since I last posted here and 12 years since I started this blog and I have to ask... what has changed, what has been achieved in all that time?  I've been out of touch with this space for a while and i'm going to go on a little personal voyage of discovery to see what I can learn and see if any of the fundamental problems have been solved.

My first step is going to be attempting to articulate in abstract terms what I consider to be 'the fundamental problems'.

My primary point of interest since this all started has been to give people access to and appropriate control over data about themselves and their transactions. It is well known that the likes of Google, Facebook, Experian, Equifax and many others make their money trading in data generated by or about us. These companies Continue reading "Eight years and counting"

Fixing the Five Problems of Internet Identity

Summary: Sovrin capitalizes on decades of cryptographic research and the now widespread availability of decentralized ledger technology to rethink identity solutions so that we can have scalable, flexible, private interactions with consent despite the issues that distance introduces.

Credential Exchange

Andy Tobin has a great presentation that describes five problems of Internet identity. Our claim is that self-sovereign identity, and Sovrin in particular, solve these five problems:

The Proximity Problem—The proximity problem is as old as the familiar cartoon with the caption "On the Internet, nobody knows you're a dog." Because we're not interacting with people physically, our traditional means of knowing who we're dealing with are useless. In their place we've substituted username-password-based authentication schemes. The result is that people's identity information is replicated in multiple identity silos around the Internet.

The Scale Problem—Digital identity currently relies on hubs of identity information. We login using Facebook or Google—huge Continue reading "Fixing the Five Problems of Internet Identity"

Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) spec using CBOR diagnostic notation

IETF logoDraft -01 of the Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) specification updates the examples to use CBOR diagnostic notation, thanks to Ludwig Seitz. A table summarizing the “cnf” names, keys, and value types was added, thanks to Samuel Erdtman. Finally, some of Jim Schaad’s feedback on -00 was addressed (with more to be addressed by the opening of IETF 100 in Singapore).

The specification is available at:

An HTML-formatted version is also available at:

Revolutions take time

The original version of this ran as a comment under Francine Hardaway‘s Medium post titled Have we progressed at all in the last fifty years?

My short answer is “Yes, but not much, and not evenly.” This is my longer answer.

In your case and mine, it has taken the better part of a century to see how some revolutions take generations to play out. Not only won’t we live to see essential revolutions complete; our children and grandchildren may not either.

Take a topic not on your list: racial equality—or moving past race altogether as a Big Issue. To begin to achieve racial equality in the U.S., we fought the Civil War. The result was various degrees of liberation for the people who had been slaves or already freed in Union states; but apartheid of both the de jure and de facto kind persisted. Jim

Continue reading "Revolutions take time"

Dear DSCC: unsubscribe means unsubscribe

I have unsubscribed from the DSCC mailing list, which I never joined, multiple times. Here’s a screen shot of my last unsubscribe session, dated 21 October:

That’s the third screen, after others that mute the unsubscribe option. At this point, “Take a break” is their euphemism for what I really want, which is a divorce. Here’s the confirmation:

And here is the confirming email:

I have earlier ones from June, July and August.

But the DSCC emails keep coming. Here’s just the top of the latest:

So here’s a question for the DSCC, or anyone else who knows: Is this deliberate on the DSCC’s part?

I do believe one should never ascribe to __________ what can also be ascribed to incompetence.

But this is a long time for any incompetence to persist. At a certain point this kind of shit gets hard to read as anything other than intentional. That Continue reading "Dear DSCC: unsubscribe means unsubscribe"

Ya(cht) gotta love the Web

A giant yacht was anchored just outside the harbor in Santa Barbara for much of this past week:

Among its impressive features (though not especially visible in this, my shitty photo) is the helicopter on one of the aft decks.

I wanted to know exactly what this thing was, so I watched local media for clues, which did not forthcome.

But it didn’t matter, because we have the Web. And search engines. So I did an image search for super yacht helicopter pad and found an exact image match with this Robb Report on the Pegasus VIII, which is a charter vessel for hire at many links. Says this one,

The 255.91ft /78m Custom motor yacht ‘Pegasus VIII’ was built in 2003 by Royal Denship and last refitted in 2011. This luxury vessel’s sophisticated exterior design and engineering are the work of Espen Oeino. Previously named Pegasus Continue reading "Ya(cht) gotta love the Web"

Tab closings

These are all the non-advertising-related items I just moved out of this post here on doc.blog.

This Wired piece on podcasting’s history fails to mention either Dave Winer or RSS. Huge oversights, those. Without mentioning the Wired piece, Dave offers many corrections.

Mount Hope Cemetery in Lander, Wyoming: the final resting place of many memorable characters in Ethel Waxham Love’s Lady’s Choice, which I am reading and re-reading right now. Such an amazing character. I visited her family’s abandoned ranch house (“one hundred miles from water, women and wood,” her son David said) this summer, for The Eclipse.

Radio ratings in Canadian cities. Which I want so I can complete this post about sports radio. I expected that post to be hugely provocative ad popular, by the way. The opposite was true. Still, I want to finish it.

Aeonyour brain is not a computer. No surprise there, Continue reading "Tab closings"

CBOR Web Token (CWT) specification adding CBOR_Key values and Key IDs to examples

IETF logoA new CBOR Web Token (CWT) draft has been published that adds CBOR_Key values and Key IDs to examples. Thanks to Samuel Erdtman for working on the examples, as always. Thanks to Giridhar Mandyam for validating the examples!

I believe that it’s time to request publication, as there remain no known issues with the specification.

The specification is available at:

An HTML-formatted version is also available at:

OAuth and OpenID Connect Token Binding specs updated

OAuth logoThe OAuth 2.0 Token Binding specification has been updated to enable Token Binding of JWT Authorization Grants and JWT Client Authentication. The discussion of phasing in Token Binding was improved and generalized. See the Document History section for other improvements applied.

The specification is available at:

An HTML-formatted version is also available at:

An update to the closely-related OpenID Connect Token Bound Authentication 1.0 specification was also simultaneously published. Its discussion of phasing in Token Binding was correspondingly updated.

The OpenID Connect Token Binding specification is available in HTML and text versions at:

Thanks to Brian Campbell for doing the bulk of the editing for both sets of revisions.

OpenID Presentations at October 16, 2017 OpenID Workshop and IIW

OpenID logoI gave the following presentations at the Monday, October 16, 2017 OpenID Workshop at PayPal:

I also gave the following “101” session presentation at the Internet Identity Workshop (IIW) on Tuesday, October 17th:

Boston is the Top Radio Market for Sports

So I did some research, and Boston wins, big:

Boston 11.0
Philadelphia 8.7
Minneapolis 6.9
Detroit 6.4
Middlesex-Somerset-Union, NJ 6.4
Oklahoma City 6.2
Baltimore 6.1
Nashville 5.9
New York 5.8
Pittsburgh 5.8
Kansas City 5.8
Dallas-Fort Worth 5.7
Nassau-Suffolk, NY 5.5
Chicago 5.4
San Francisco 5.4
Columbus 5.4
Atlanta 4.9
Denver 4.7
Washington DC 4.3
Buffalo 4.2
Seattle 4.0
Portland 4.0
San Jose 4.0
Cleveland 3.9
Raleigh-Durham 3.9
Indianapolis 3.8
St. Louis 3.5
Green Bay 3.5
Houston-Galveston 3.4
Phoenix 3.2
Sacramento 3.1
Memphis 2.8
Los Angeles 2.5
Tampa-St.Petersburg 2.3
San Diego 2.2
Miami 1.9
Cincinatti 1.7
Las Vegas 1.6
Orlando 1.4
Milwaukee-Racine 1.3
Charlotte 1.2
Salt Lake City Continue reading "Boston is the Top Radio Market for Sports"

Minimize Ladder Length over Wall

Some time ago somebody had to solve this math optimization question for their studies and told me about it.

So there is a wall with height h, which has the distance a from a very high "building" and your task, should you accept it, is to find the shortest ladder over the wall that touches the ground and the "building".

So the function to minimize is L = sqrt((x+a)^2+(h+y)^2).
Because we know that y/a = h/x it follows that y = ah/x.
Using this the length become L = sqrt((x+a)^2+(h+ah/x)^2)
The minimum of that function is not changed if we leave out the sqrt and the derivation of (x+a)^2+(h+ah/x)^2 is (2 (a + x) (-a h^2 + x^3))/x^3
So the minimum x is where this function equals zero, which is if x³ = ah²,
and the length then is L = (a^(2/3) + h^(2/3))^3
Now the thing that I
Continue reading "Minimize Ladder Length over Wall"

Data is the New Love

dat is the new love

Personal data, that is.

Because it’s good to give away—but only if you mean it.

And it’s bad to take it, even it seems to be there for the taking.

I bring this up because a quarter million pages (so far) on the Web say “data is the new oil.”

That’s because a massive personal data extraction industry has grown up around the simple fact that our data is there for the taking. Or so it seems. To them. And their apologists.

As a result, we’re at a stage of wanton data extraction that looks kind of like the oil industry did in 1920 or so:

It’s a good metaphor, but for a horrible business. It’s a business we need to reform, replace, or both. What we need most are new industries that grow around who and what we are as individual human beings—and as a society that values

Continue reading "Data is the New Love"

Is Sovrin Decentralized?

Summary: To determine whether Sovrin is decentralized, we have to ask questions about the purpose of decentralization and how Sovrin supports those purposes.

People sometimes ask "Is Sovrin decentralized?" given that it relies on a permissioned ledger. Of course, the question is raised in an attempt to determine whether or not an identity system based on a permissioned ledger can make a legitimate claim that it's self-sovereign. But whether or not a specific system is decentralized is just shorthand for the real questions. To answer the legitimacy question, we have to examine the reasons for decentralization and whether or not the system in question adequately addresses those reasons.

This excellent article from Vitalik Buterin discusses the meaning of decentralization. Vitalik gives a great breakdown of different types of decentralization, listing architectural decentralization, political decentralization, and logical decentralization.

Of these, logically decentralized systems are the most rare. Bitcoin and other Continue reading "Is Sovrin Decentralized?"