Home » Archive

Articles in the Digital Identity Category

Digital Identity »

[21 Nov 2007 | 2 Comments | ]

One thing that has been troubling me with the OpenID model and providers like myOpenID [LINK], ClaimID [LINK] and now MyID [LINK] is the notion of tying identity to a URI.
Will an OpenID stand the test of time? Is it intended to?
When you cross silos you often uncover ideas people haven’t considered. Take Identity and apply Long Now thinking. The Long Now is a term intended to encapsulate the notion of Long Term Thinking. The Long Now Foundation [LINK] "hopes to provide counterpoint to today’s "faster/cheaper" mind set …

Digital Identity »

[13 Nov 2007 | 5 Comments | ]

A few weeks ago I joined Facebook (after much resistence). Facebook sucks you in, making it so easy to give up bits of information about yourself, many times without even realizing it. It occurred to me that I’m leaving pieces of my identity everywhere.
Last night I took a stab at listing out the various entities that know me, regardless of how they know me. The list is overwhelming. It quickly became apparent that to develop a comprehensive list was not feasible. What I ended up with was a good …

Digital Identity, Things I've Made »

[4 Nov 2007 | 6 Comments | ]

Tonight I launched a simple CardSpace Managed Card Generator and Test Harness. It lets you generate a managed card, with whatever claims you’d like and then generate a test harness form for that card.
The card can then be used to obtain claims from a Simple Security Token Service. Lastly, these claims can be consumed and parsed out to complete the end to end process.
This might seem like a trivial exercise but I have not come across any other publicly available service that demonstrates the end to end flow …

Digital Identity »

[1 Nov 2007 | 3 Comments | ]

Continuing the discussion on DisplayTokens [LINK] :
A number of you have emailed me directly and some have commented publicly with some thoughtful insight and I thank you for that. Vittorio has written a very thoughtful and detailed response on his own blog [LINK].
Going back to my original question which was "Does the DisplayToken violate the First Law of Identity?" I am not convinced it does. What I think I am discovering is that the First Law of Identity is not necessarily enforced.
In Kim’s words[LINK]
"Those of us who …

Digital Identity »

[29 Oct 2007 | 3 Comments | ]

I have been following along with the Identity story for some time now.
Cardspace as an Identity selector supports two basic models;

Self-Issued Cards in which essentially you act as your own security token service and
Managed cards – in which a trusted third party acts as Identity Provider making assertions around your identity.

I have seen many examples leveraging self-issued cards but relatively few incorporating managed cards. There is a sample STS available on the http://cardspace.netfx3.com website but due to the complex nature of it I’ve found …

Digital Identity »

[24 Sep 2007 | No Comment | ]

Digital ID World [LINK] is going on currently in San Francisco. The timing is no surprise but I’m excited to read that Microsoft has announced integration of Cardspace with Windows Live [LINK].
I have been playing with Cardspace, .NET 3.x and the ID meta system for some time now. Probably 18months. In March of this year I got the chance to demo an interesting proof of concept with this technology at the IDA conference in Redmond. That was fun and is one of the last memories I have of life …

Digital Identity »

[15 Jul 2007 | 2 Comments | ]

The thinly veiled phishing scam, WikiYou.com [LINK] claims to be the "the unauthorized biography of every person on earth."
Sorry, then why does it ask for a Zip Code on the main page and make it mandatory??? do you think America is the Earth? Do you think everyone on earth has a zip code?
That’s like saying baseball has a "World Series" when only US teams participate.
Or like saying the NBA champs are the "World Champions". Ehh, call me old-fashioned but you didn’t play any other countries!!!
WikiYou relies on a …

Cool & Future Tech, Digital Identity »

[26 Feb 2007 | One Comment | ]

The dust has settled now after RSA and folks are starting to examine the implications of what came out of it, namely the widespread support for Cardspace and OpenID.
Reactions are not all positive: Mike Taulty (of whom I’m a reader) writes
"Is this about web pages or is this about my identity? Why would an identity solution involve a web page? Can I have an identity if I don’t have a web-page? If not, why not? HTML??? Are you kidding me?!?!?" [LINK]
Taulty raises the excellent point: "…we’re solving an …

Cool & Future Tech, Digital Identity »

[19 Feb 2007 | No Comment | ]

Kim Cameron answers my concerns around OpenID [LINK] in his blog [www.identityblog.com]. Kim’s post clarifies my understanding of the OpenID spec and also positions it nicely on the spectrum of identity solutions:
"We don’t live in a one-size-fits-all world…..OpenID cannot replace crypto-based approaches in which there are trusted authorities rather than trusted web pages.  But it can add a whole new dimension, and bring the “long tail” of web sites into the identity fabric."
This makes a lot of sense and the analogy drawn from OpenID/WS-* and REST/SOAP resonates particularly well, at …

Cool & Future Tech, Digital Identity »

[28 Jan 2007 | One Comment | ]

I don’t understand OpenID [LINK]. I’m sorry. I’ve tried to understand it but I just don’t get it.
The spec is confusing but thankfully Phil Windley has translated it into a diagram for us mere mortals [LINK].
The idea of OpenID is to provide "an open, decentralized, free framework for user-centric digital identity."
And here’s how the flow works (at least one of the scenarios).  Note I’ve taken Phil’s explanation and augmented it with my own understanding:

User is presented with OpenID login form by the Consumer
User responds with the URL …