Can We Really Have Zero Trust with a Federated Identity Architecture? With Justin Richer (MongoDB)
Most organizations say they are doing Zero Trust. Many still trust their IAM directory implicitly, protect it with a firewall, and call that a modern identity architecture. That is a perimeter by another name. In this session, Agne Caunt (Dock Labs), Richard Esplin (Dock Labs) and Justin Richer (MongoDB) work through what Zero Trust actually requires at the identity layer, why federated architectures tend to recreate the problems they were designed to solve, and what a more structurally sound approach looks like.
0:00 Introduction and guest overview
3:48 Zero Trust: origins and core principles
10:26 Why Zero Trust is still unnatural
11:45 Zero Trust in what? The foundational question
13:14 Directory synchronization: how enterprise identity fragility compounds
15:47 Verifiable credentials and the move to user wallets
18:06 Is the wallet really untrusted? Justin pushes back
20:39 Practical transition: using wallets at domain boundaries, not everywhere
22:55 VCs as a reinvention of X.509 for an online world
26:22 Tool comparison: OAuth/OIDC/SAML + SCIM vs. VCs
27:42 Shared Signals and Events (SSE): strengths and structural limits
31:51 User Managed Access (UMA): what it got right, why it stalled
34:35 GNAP: what it solves, when to use it instead of OAuth
41:00 SPIFFE/SPIRE: workload identity and short-lived credentials
46:06 SPIFFE's trust model and the "bottom turtle" question
47:24 WIMSE: bridging workload identity across trust domains
51:12 Agentic identity: the question from the audience
52:38 AI agents -- neither human nor workload, and why that matters
55:26 "On behalf of" vs. "for the benefit of" -- the liability distinction
58:55 What would a Zero Trust native architecture actually look like?
Website - https://www.dock.io/
LinkedIn - https://www.linkedin.com/company/docknetwork/