Home » Archive

Articles in the Digital Identity Category

Digital Identity, Featured, Headline »

[5 Oct 2009 | No Comment | ]
The Case For Claims-Based Identity Management

“CIO Dave Nikolejsin is putting his weight behind a new approach to verifying who someone is online and creating trusted services that promise to put the user back in control. Now he just has to convince everyone else in Canada”.
Nikolejsin is spreading the word on Claims based Identity to the Canadian public sector. I had a quote and Pamela Dingle, Mary Ruddy and Rob Blakley are also in there. August company for me.

Digital Identity, Featured, Headline, Web Development »

[23 Apr 2009 | No Comment | ]
Twitter oAuth Is Working Again

Twitter oAuth is working again, in fact it never went away. All that was suspended was the ability to grant new access tokens. Existing ones worked fine. At least from my rudimentary testing.
It seems like it came back sometime around 10 o’clock eastern. I immediately noticed things weren’t working on TweetARun.com but Twitter was at least providing an authorization token.
A bit of debugging revealed that Twitter no longer respects the oauth_callback parameter passed in by the relying party. It seems to be just directing the token back …

Digital Identity, Featured, Headline, Web Development »

[22 Apr 2009 | No Comment | ]
Open Auth Security Flaw Torpedoes Partners

Today I learned that Twitter and Yahoo have pulled their support for oAuth on the news of a security flaw. [LINK] Open Auth (oAuth) is an open source authentication scheme which I’d just implemented in a new project I’m working on (http://TweetARun.com) and wouldn’t you know it it’s dead in the water.
This just highlights the dependency we as Relying Parties have on Identity Providers.
http://TweetARun.com is a nice simple little site that purposefully avoids the need to register or store passwords by implementing Federated Single Sign On with Twitter …

Digital Identity, Featured, Things I've Made, Web Experiments »

[9 Jan 2009 | No Comment | ]
Foolstr.com Soft Launch

"The fool is proud of the one thing he knows…"

foolstr is a new website, located at www.foolstr.com. It’s all about the Wisdom of Crowds. foolstr lets you publish your ideas, lessons learned and get feedback from the community. It’s a simple social site, intended to gather up collective wisdom.

foolstr is innovative in that it relies on OpenID as its form of authentication. This …

Cool & Future Tech, Digital Identity, Things I've Made »

[9 Apr 2008 | No Comment | ]

I’m a bit late with this one….Shamelessly copied from Axel’s blog [LINK]
April 7, 2008
Showcasing How Users Can Control their Identity Online, Industry’s Largest Identity Interoperability Demonstration Scheduled for RSA 2008
Fifty-seven member open source identity group to test and demonstrate interoperability between user-centric identity protocols and providers
SAN FRANCISCO (RSA Conference 2008) – April 7, 2008 – Open Source Identity Systems (OSIS) will conduct the largest user-centric identity interoperability test and demonstration at the 2008 RSA Conference, April 7-11 at the Moscone Center in San Francisco. The 33 member …

Digital Identity »

[1 Apr 2008 | One Comment | ]

Exciting times indeed in the world of Digital Identity. Huh? What the heck?
What’s going on? The internet has a crappy way of managing your personal information. We’re trying to fix that.
Why should I care? Right now you’re at quite a high risk of having your identity stolen, losing control of your personal information, of being phished or losing track of what personal information is stored where. See my previous post on Identity Fragmentation [LINK].
So what are you talking about now? RSA is happening NEXT WEEK! (7-11th April) …

Digital Identity »

[25 Mar 2008 | No Comment | ]

A while back [LINK] I was lucky enough to get a copy of "Understanding Windows Cardspace" by Vittorio, Garrett and Caleb[LINK]. I’ve finally been able to give this the time it deserves.
The Foreword is by Identity luminary (and friend) Kim Cameron and if I’m keeping it real, rather than describe the book’s contents, I wish he’d shared more thoughts around the problem space, the approach to the solution and the roadmap BEYOND cardspace.  Here’s Kim’s take on the book [LINK].
The book itself is an easy read. Not a tome …

Cool & Future Tech, Digital Identity, Things I've Made »

[12 Feb 2008 | No Comment | ]

Preliminary interoperability testing results of my Identity Provider [LINK] with other Relying Parties yield 5 Failures, 8 Working exchanges and 4 Not Applicables.
It’s a beautiful thing when the RP and IdP just "work". Checkout the results here [LINK].
For a semi-homegrown solution I’d say that’s not bad. Maybe instead of "trusting" someone with my valuable identity information, I can just be my OWN identity provider?

Digital Identity »

[11 Feb 2008 | No Comment | ]

OSIS Interop testing has kicked off with the launch of the results Wiki [http://
As mentioned in an earlier post, my Cardspace Relying Party Test Harness[LINK] as well as my Identity Provider [LINK] are in the testing this year. I get a big kick out of seeing the interoperability work between my hacked-together test harness and the other implementations out there.
Results are being gathered in the following matrix and will likely be reviewed at RSA 2008 this year.
After some initial testing it seems my RP/IdP works reasonably …

Digital Identity, Things I've Made »

[11 Dec 2007 | One Comment | ]

Cardspace can currently be launched from a web page through the use of the object tag, html form and optionally some javascript.  This approach requires rendering an HTML page and some form of user interaction before the Cardspace ID selector is launched.
This works for the typical case of logging into a website, establishing a session and accessing protected web pages.
But what if you just want to protect a file. Or an XML resource like an RSS feed?
In this post I’ll propose an extension which would allow Cardspace …