PassPack at BarCamp/RomeCamp

The PassPack crew spent a great day yesterday at Rome’s BarCamp held at the Linuxclub. There was no official presentation of PassPack as BarCamp is a tech and discussion forum – not the right place to plug start-ups.


Francesco started off the day in the main room with a talk on web security and, more specifically, on his technology aSSL (watch it here). The response was good, the interest in web security is clear.

Beyond just tech-talk, I met two fabulous women (there really were too few of us): Amanda over at Excite UK and Deirdré Straughan of

Technorati Tags: , , , ,

5 responses to “PassPack at BarCamp/RomeCamp

  1. Diversity is definitely a challenge at BarCamp. There certainly aren’t straightforward solutions — though ongoing awareness to the matter will hopefully raise folks’ sensitivity to the value of diversity at *camps.

    As for PassPack, I find it very interesting — do you have any thoughts on OpenID and any possible relationship between the two?

  2. Hi Chris,

    On diversity:
    Yup, diversity is always an issue – it’s part of life, and BarCamp, as all social gatherings, reflect that. Thanks for the link, too. Very useful to all.

    One thing to consider is this: we’re in Italy. I adore my adopted country, but awareness of diversity has yet to hit the bigtime here. Let’s say it’s a growing trend, but still not quite adult yet. The very positive reaction that the BarCamp members had to the objection about lack of women is indeed refreshing (most were supportive, and only one journalist [jokingly?] insisted on playing the macho role).

  3. Still to Chris…

    On OpenID:
    I think we’re all trying to work on the same problem, from different angles. For now, we’ve decided on a minimalist approach with PassPack. We’re not going to delve into the “big” concepts like Identity (with a capital “I”) yet, but rather trying to take things one step at a time and focus on one, specific problem: Password Management.

    Nonetheless, single-sign-on is definitely on our radar. PassPack is still young and, for now, we’re really more focused on developing the product. But, since I’m lucky enough to have a your attention (smile) – let’s talk about it.

    Off the bat, I see the two as potentially incompatible. PassPack is a Password Manager based on being anonymous (accounts are anonymous, and the User ID can be changed on-the-fly), and OpenID is single sign-on based on being identifiable (I have a site, you know who I am, let’s talk). How could we reconcile such a difference without either of the two parties compromising their founding principles?

  4. For one thing, OpenID really only leads to Identity, but is not Identity on its own. In fact, it’s only a protocol that says that “Foo over there is the same Foo over here”.

    But, once you get that basic layer in place on a number of sites, it becomes very useful for being able to build additional service layers on top of that.

    For PassPack, you might look at what being a “local” Identity Provider might mean — for example, if I run PassPack on a thumbdrive with a tiny OpenID server… I could take that thumbdrive with me and authenticate against my own anonymous thumbdrive… Or, of course, I could use any Identity Provider on the web. The choice is up to me.

    Nevertheless, I think that using PassPack as a possible interface for better understanding and making safe use of OpenID is a possibility to consider. I currently use 1Passwd on my laptop and it’s a great tool for managing passwords. I’ve encouraged the developer to look at OpenID and he’s inclined to; at best I think having a choice in what application you use on the desktop to take advantage of OpenID is a good thing — and something I’d be curious to hear your thoughts on.

  5. @Chris,
    I’m all for allowing user the option to substitute the standard PassPack User/Pass authentication with an OpenID authentication. It is something we will happily look into for future development. Of course, the Packing key would still be required as it is an integral part of our security system.

    My thoughts on “having a choice in what application you use on the desktop to take advantage of OpenID”?

    Sure, choice is good. PassPack, as an online system (not really a desktop application), was built with freedom in mind – anonymous, anytime, anywhere access.

    We’ve already approached other vendors about working together on an open standard for safe/encrypted data exchange. Ideally we’re looking to extend *choice* to any user, not just OpenID, and not just on the desktop.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s