Vittorio Bertocci

Back to Profile: Vittorio

Comments

  • Vittorio Bertocci: WS-Trust - Under the Hood

    Helo guys,
    thanks for your patience.
    The "Donwload" button now works; fixing the in-page streaming will happen in some time, though.
    Hence for now if you want to see the video (have a lot of coffee handy if you want to stay awake Smiley ) I suggest you use the download button (which BTW ultimately points here).
    Thanks for your interest!

    Vittorio
  • Vittorio Bertocci: WS-Trust - Under the Hood

    Hello Wilke,
    thanks for bringing this to our attention. I sent a mail to the channel9 guys, but I think we'll have to wait until vacation time is over.
    Thanks & happy holidays!

    Vittorio
  • Italia 9: Alessandro Catorcini e ​Affidabilit​a’ del .NET Framework

    Ciao Gio,

    grazie mille per i complimentoni!
    Riguardo a chi scrive codice: Alessandro puo'sicuramente dare una risposta piu' accurata, comunque molti dei PM che conosco scrivono codice. Magari e' codice che non finisce direttamente nel prodotto, comunque per esplorare idee e chiarificare specifiche il codice e' una componente importante. La cosa vale assolutamente per PM vicini all'implementazione, come i feature PM; man mano che si sale la scala dell'astrazione probabilmente il bisogno di aprire visual studio diminuisce. Ma di nuovo, sono certo che Alessandro dara' un commento piu' accurato Smiley

    Riguardo ai sottotitoli. So che Carlo ha considerato l'idea, ma non so nulla riguardo alla sua effettiva fattibilita' dal punto di vista tecnico/di processo. Traduco il tuo commento in una mail in inglese e glie la mando, magari risponde qui (anche se mi sa che adesso e' fuori ufficio).
    Grazie ancora dei complimenti & salutoni!

    V.

  • Italia 9: Alessandro Catorcini e ​Affidabilit​a’ del .NET Framework

    Dear dubian,
    I don't believe I said anything arrogant and I am glad that Skriker, judging from his reply, didn't seem to have the same impression.
    About the feedback. The structure of the interviews is very simple, and I try to leave as much control as I can to the person I interview. The purpose is giving a feeling of what it means for an Italian person to work here, and to give useful technical information in the process. In order to achieve both goals I have to allow the person some "personal" space, and I can see how this can be unfamiliar to many viewers. Next time I will select a guy who has a peculiar style also in the delivery, so the initial segment can be shorter and his personality still come out: I'll be curious to have your feedback about if it mitigates...

    Now the less pleasant part. Regardless being positive or negative, your comment contains various attacks ad hominem that are completely unnecessary for nailing home your point, and I certainly don't appreciate that. With a degree cum laude in computer science from one of the finest universities in Italy, a couple of papers solving an open problem in computational geometry and few years playing with the most advanced datacenters in Italy in the scientific visualization field, I believe I have a pretty good idea of what an Italian computer scientist is Smiley and if I'd be interested in "being a player", as you say, it would be much easier for me to get Carlo to interview ME. I am doing those interviews out of sheer love for my country, since my professional focus is elsewhere. I was sort of hoping of making people happy rather than anonymously being called names, but hey: one always does his best.
  • Italia 9: Alessandro Catorcini e ​Affidabilit​a’ del .NET Framework

    Skriker,
    unfortunately you'd lose your bet.
    In Italy computer scientists can certainly READ English, but we are not exposed very often to spoken English. ALL the TV is dubbed in Italian, and the same goes for movie theaters. As a result it may actually be very difficult for them to follow English content. As an example of what I am talking about, here there's a translation of the very first comment in the thread:

    "Thank you guys, I love you!!!
    What a pleasure is listening to your interviews in Italian, after having spent the summer trying to grasp as much as possible from interviews given by people with the widest range of accents and slangs!"

    As Carlo says, Channel9 is stuffed with English material to keep you very busy: hopefully you won't be bothered too much if we try to do something from time to time for people speaking Italian,Japanese, Chinese, etc etc Smiley

    thanks

    V.

  • Italia 9: Mauro Ottaviani e Performance

    Aggiungo ulteriore prospettiva al post di Mauro.I requisiti che lui menziona calzano per figure professionali come la sua, in cui le interazioni si svolgono sostanzialmente con colleghi.Se fai un lavoro a contatto col cliente, tipo il mio, l'inglese lo devi sapere come e meglio dell'italiano. Nessuno si inalbera se qualche volta dimentichi la s della terza persona singolare, pero' devi essere assolutamente fluente, articolato, capire *bene* la gamma di possibili accenti con cui il tuo interlocutore ti apostrofa, e cosi' via.Nel mio lavoro parlo in continuazione, nelle situazioni piu' disparate: 1:1 con devs o architetti del cliente, briefing per consigli d'amministrazione & middle management, presentazioni a eventi di tutte le dimensioni (dallo US tour con 10 persone nella stanza ai bagni di folla dei teched inter(I need to watch my language)onali), webcast, interviste & stampa in generale, conference calls, e chi piu' ne ha piu' ne metta. E' dura! Sono arrivato in USA dopo 3 anni che gia' parlavo inglese tutti i santi giorni (con mia moglie), e nonostante il fatto che sono qui gia' da quasi 2 anni continuo occasionalmente a ricevere feedback di gente che ha difficolta' a capire il mio accento. Che e' un ottimo risultato, visto che all'inizio americani e inglesi capivano il 40% di quello che dicevo (parlavo troppo veloce); c'e' voluto un anno di disciplina per imparare a rallentare.Cio' detto: oltre alla lingua, un ulteriore requisito di lavori simili al mio e' l'eseperienza & conoscenza del mercato. Mentre per ottimizzare un algoritmo e' sufficiente (come se fosse poco Smiley) buona preparazione e "intellectual horsepower", quando hai a che fare con il cliente e' importante avere l'esperienza necessaria per potersi mettere nei panni del cliente.La cosa splendida e' che qui hai la sensazione che qualsiasi talento tu abbia, lo puoi esprimere per ottenere il massimo impatto.Comunque non e' necessario per forza venire in USA per lavore in Microsoft. Ho passato 4 anni in Microsoft Italia prima di venire qui, e mi sono trovato benone.In bocca al lupo! Wink
  • Italia 9: Mauro Ottaviani e Performance

    Ragazzi,
    grazie a tutti per i complimenti Smiley
    Mi devo scusare per il ritardo con cui mi faccio sentire su questo thread, ma sono impegnatissimo per visite a clienti e conferenze interne. Per fortuna che la prossima settimana vengo a passare un po' di vacanze a casa!
    Il buon Mauro e' carico di lavoro anche lui, ma sono sicuro che si fara' sentire presto.
    Verso meta' agosto dovrei riuscire a intervistare qualcun altro & pubblicare a stretto giro; faro' del mio meglio, anche perche' se perdo il giro tra altre visite a clienti e eched Japan si finisce a settembre...

    Buone vacanze a tutti!

    V.
  • Vittorio Bertocci: WS-Trust - Under the Hood

    Hello Dejawoo,
    thanks for the nice words Smiley
    I ma not sure I understand exactly the context of the issues you are having. Are you working with a specific product/technology?
  • Vittorio Bertocci: WS-Trust - Under the Hood

    Hello Bruno.
    Though there are similarities between the two systems, WS-Tust is not based on Kerberos. It is interesting to remark that WS-Security can use kerberos-derived tokens, anyway, hence Kerberos systems can participate in trust related transactions.
    HTH,

    Vittorio
  • Vittorio Bertocci: WS-Trust - Under the Hood

    Hello Freeman.
    I am *totally* for the Saint Thomas paradigm: that's the reasons for which we shot this video, for the ones who want to know how things really work Smiley
    The intent of the video (& the visual notation) was (over)simplifying & summarizing what would be otherwise buried in a number of not-so-easy documents, but if you're interested in going directly to the source here there's the list of fundamentals (in decreasing abstraction level order):

    • WS-Trust. It describes how to acquire a token, assumes knowledge of what a token is and how it works. In the video I also mention WS-SecureConversation once the session has been bootstrapped.
    • WS-Security is KEY for understanding the details (that I oversimplified) of how a token is used in the context of a soap message. After you've read the WS-Trust and the WS-Security spec, you may take a look at the scenarios used in the ws-trust interop workshop: they give a good idea of how SAML is used witht he session key, if I remember OK. Ah, before doing that it may be useful to take a look at the SAML Token profile, and maybe tot he SAML specification itself.
    • All those specifications assume that you have working knowledge of the basic blocks, that's to say XML Signature and XML Encryption.

    Years ago I was working as a consultant on projects where we had to interop from WSE 1 & 2 with competitor's products, so I actually had to read some of those specs in some details to troubleshoot early clashes (namespaces, canonicalizations, etc): nowadays I never dive that deep, since all details are managed by the modern stacks. 
    HTH,

    Vittorio 

  • Vittorio Bertocci: WS-Trust - Under the Hood

    Hello Gkrall,
    apologies for the delay.
    There are many ways in which CardSpace and OpenID can work in synergy, and the first sites supporting both are starting to show up. I've received word from my good friend Richard Turner, the product manager for Windows CardSpace, that some guidance on this very topic is on its way. As soon as we will have something published, I will post the relevant link on this thread: alternatively, whoever is interested in staying up to date on CardSpace should seriously consider subscribing to Richard's feed Smiley

    HTH,

    Vittorio
  • Vittorio Bertocci: WS-Trust - Under the Hood

    Yeah, that video is not only amazing for its delivery but it also makes a lot of good points about identity Smiley

    The use of WS-* IS that simple, if you use a modern stack: when programming with WCF, it's enough to choose the right binding for having all the things we mentioned in the video applied transparently... and if you want more control, you can go in the configuration and specify if you want just a signature, or signature AND encryption, etc etc... make a search for WCF and security, and you'll find out that what you propose is actually less simplistic of what's offered by the product out of the box Smiley

    HTH

    Vittorio