VerSign will buy Geotrust for $125 million according to this article. The takeover is subject to regulatory approvals. For some time Geotrust has been battling Verisign to become the largest issuer of SSL certificates.

InfoWorld has issued a special report entitled, "15 Enterprise Tech Startups to Watch," and two of them are hardcore identity companies.

Sxip Identity is a perennial thought leader in the identity space - with their CEO, Dick Hardt, rising to internet fame with his "Identity 2.0" talk that he first gave about a year ago. But, as the InfoWorld piece highlights, Sxip's business also includes managing identity in a SaaS world (via their Sxip Access appliance). Sxip's innovations continue with their work around version 2.0 of SXIP (the simple extensible identity protocol) - a charge being led by their CTO, John Merrells. Its easy to see why Sxip Identity made the Infoworld list.

ConSentry is the identity company that you're less likely to have heard of. ConSentry is one of the new breed of NAC (network access control) companies that is leading the charge of identity-based NAC. NAC used to be seen as a non-identity problem, but companies like ConSentry are changing that, as they use deep packet inspection to enforce existing access and authorization policies. Expect to see a LOT more of the NAC world coming around to this playing field (think Juniper, Cisco, Vernier Networks, etc). And look for even more innovation as "traditional" IdM products and products from the NAC world begin to heavily influence each other. That larger wave, and ConSentry's approach to the problem, make them a great candidate for this list.

Mike Beach of Boeing is the earliest of early adopters. I first heard him tell his "federation" story (the now legendary example of Southwest pilots being federated into Boeing maintenance manuals) at Burton's Catalyst show some years back. Mike is the guy that made SAML (as a feature) show up in the Oblix product set. Mike is the guy that cut through all of early brush and hardwoods to clear a field. Mike is the guy that showed others that federation *could* be done.

Mike Beach was the first wave of federation.

Well, if Mike was the first wave, I'm guessing he's also a good indicator of the second wave as well. It seems that Mike solved some snags, chose Ping Identity (full disclosure: I was Ping's VP of Marketing from Oct 2002 until July 2005), and decided to kick things off.

Boeing's moving ahead with deploying dozens of federation partners. Mike proclaims federation "the way business will get done on the internet." This is definitely federation's second wave.

So, here's what we know:

The first wave lasted three years (2002-2005) and really served as proof of concept.

The second wave will most likely last a similar period (with slight compression - 2006-2008/9) and will serve as the "crossing the chasm" inflection point.

Extrapolating, we'll finally "accomplish" federation for the mass of enterprises in the 2009-2011 timeframe.

That's a pretty good run for what started as browser-based single sign on between enterprises ;-)

Open source identity components is not actually a new phenomenon (see SourceID), however, Novell's launch of an open source project (as part of their participation in Higgins) is still a significant event.

Find out more about "Bandit" here.

Its May, and while it would seem that the Digital ID World conference is still out on the horizon, the truth of the matter is that we're in the thick of planning for the show.

All of the leading vendors are coming on board; speakers are being recruited; keynoters are being lined up; and Phil and I are hard at work nailing down the topic areas that enterprises are telling us they really want to hear about.

You'll hear the core stories of identity management deployments (from the people doing the deploying); the stories of compliance automation, strong auth adoption, user-centric identity and the deployment of technologies like federation and virtual directories. But you'll also hear about the innovation taking place in the identity space. Things like the growing adoption of enterprise rights management; the emergence of identity-based Network Access Control; the impromptu happenings of "identity mashups"; and the roll-out of large scale role-based systems.

Obviously, you'll hear about much more of this as we get closer and closer, but please do remember to mark your calendars now!

The Internet Identity Workshop is in full swing. Phil Becker, our Editor in Chief, will be in attendance today, so expect some reports coming out of that...