Articles tagged with: cardspace

Cool & Future Tech »

[26 Apr 2007 | No Comment | ]

Network World’s done some pieces on the Identity Meta-System (mistakenly called "Microsoft’s Identity meta-system") listed here [LINK] and here [LINK]. Kim comments on them here [LINK].
Last month I traveled to Microsoft to participate in their Customer Advisory Council representing my employer. It was an exciting few days but I left feeling there was still a lot of education that needed to be done at the corporate level around Security Token Services, Identity Providers, Cardspace, the Identity Meta-System and so on.
I first met Stuart early in 2006 on a different …

Cool & Future Tech, Digital Identity »

[26 Feb 2007 | One Comment | ]

The dust has settled now after RSA and folks are starting to examine the implications of what came out of it, namely the widespread support for Cardspace and OpenID.
Reactions are not all positive: Mike Taulty (of whom I’m a reader) writes
"Is this about web pages or is this about my identity? Why would an identity solution involve a web page? Can I have an identity if I don’t have a web-page? If not, why not? HTML??? Are you kidding me?!?!?" [LINK]
Taulty raises the excellent point: "…we’re solving an …

Cool & Future Tech, Digital Identity »

[19 Feb 2007 | No Comment | ]

Kim Cameron answers my concerns around OpenID [LINK] in his blog [www.identityblog.com]. Kim’s post clarifies my understanding of the OpenID spec and also positions it nicely on the spectrum of identity solutions:
"We don’t live in a one-size-fits-all world…..OpenID cannot replace crypto-based approaches in which there are trusted authorities rather than trusted web pages.  But it can add a whole new dimension, and bring the “long tail” of web sites into the identity fabric."
This makes a lot of sense and the analogy drawn from OpenID/WS-* and REST/SOAP resonates particularly well, at …

Cool & Future Tech, Digital Identity »

[28 Jan 2007 | One Comment | ]

I don’t understand OpenID [LINK]. I’m sorry. I’ve tried to understand it but I just don’t get it.
The spec is confusing but thankfully Phil Windley has translated it into a diagram for us mere mortals [LINK].
The idea of OpenID is to provide "an open, decentralized, free framework for user-centric digital identity."
And here’s how the flow works (at least one of the scenarios).  Note I’ve taken Phil’s explanation and augmented it with my own understanding:

User is presented with OpenID login form by the Consumer
User responds with the URL …

Digital Identity, Things I've Made »

[25 Oct 2006 | One Comment | ]

If you’ve downloaded the Simple STS sample from the NetFX3 website over here:
You’ll find the sample does not run out of the box. When generating managed cards you get the error "Can’t find claim specification for [http://schemas.microsoft.com/ws/2005/05/identity/claims/givenname]"
This is because CardSpace claims have recently been updated to use the xmlsoap.org namespace. Update any references you find to http://schemas.microsoft.com to http://schemas.xmlsoap.org for the fix.
Here’s what the updated FabrikamUP.ini file should look like:
-====================== CUT BELOW ===============================-
; type is one of UserNamePassword,KerberosAuth,SelfIssuedAuth,SmartCard,
Name=My Card (U/P backed)
Name=Fabrikam Auto Group
; certificate should be either …

Digital Identity »

[25 Sep 2006 | No Comment | ]

I am doing a lot of work with Cardspace and Infocard.
If you are trying to get the Infocard Labs working from the Vista Beta2 release of Infocard (earlier this year) with the latest June CTP of the .NET framework you’ll find the code doesn’t work with the latest CTP. This is due to a number of breaking changes that were implemented in the latest CTP.
You’ll find a list of these here: Breaking changes.
I found the most important one was the change from System.ServiceModel.Identity to System.ServiceModel.EndpointIdentity.
That should keep all …

Digital Identity »

[24 Apr 2006 | No Comment | ]

I’ve had the pleasure of meeting Kim Cameron from Microsoft. He’s the champion of Microsoft’s new paradigm for identity management, namely “Infocard”.
For those unfamiliar with Infocard, here’s the 50,000 foot description. It’s a way to prove various facts (claims) to a third party (relying party). In today’s world you log in to sites with a username and password. In tomorrow’s world you’ll present a secure token using the Infocard UI and the Identity Metasystem (WS-*).
Here’s how it might work:
A user running WinXP, Win2003 or Vista visits a site (Relying Party). …