After suggesting the general OSIS session at IIW, I obviously was obliged to run the session as well. Overall, I think that the session was sucessful – although I believe that only those that have been working in the context of OSIS for a while have been really satisfied.
One of the things that have been requested during the session was a somewhat comprehensive, yet high-level overview of the OSIS “sector” of the identity landscape. I tend to agree. While those that have been involved in OSIS and some of the projects associated with OSIS are starting(!) to get some shared understanding of what OSIS is about and how things relate to it, many people in the industry just don’t. 
Unfortunately, we did not have the time to “bash” Johannes’ overview talk on OSIS, which I found to be a reasonable first introduction.
So allow me to making an attempt to clarify the “elevator pitch:
OSIS is a – intentionally – fairly informal working group under the newly formed identitycommons. Its short term goal is to facilitate the creation of an InfoCard compatible client that is fully interoperable with Microsoft’s Windows CardSpace implementation. Down the road – as soon as we can present some tangible results on our first goal – we intend to broaden the scope and will include OpenID, Liberty and other open source identity technologies to create an open and interoperable general purpose identity SYSTEM.
The way to achieve these goals (i.e. the facilitation) is by providing a place to discuss the needs, status and goals for all OSIS projects. In particular, OSIS will not:
- create profiles or standards
- attempt to force its consituents to develop into a certain direction
- provide a comprehensive administrative and legal framework
The biggest value-add of OSIS to me is its informal participation structure: this allows a fairly free flow of ideas between technologists that are trying to get things to work with each other. Politics and religion stay (largely) out of this by design.
 Yes, OSIS does have a charter under IDcommons. However this charter is not really a good high-level overview in my opinion. In fact, the charter really underlines the informal character of the group by being *really* open-ended.
Does Federated Identity sometimes require Federated Authorization? If so, how come this isn’t ever discussed. Maybe you could address in future blog entry…