Browse by Tags
All Tags » Identity » CardSpace
-
One of the reasons behind launching SignOn.com was to compare and contrast different identity protocols. There are things that you can learn by reading the specs. And then there are things that you can learn by deploying/implementing the specs.
We have had support for OpenID and Information Cards for a long time. With the latest release, [...] Read More...
-
Today I re-viewed the Craig Mundie keynote from the RSA 2008 conference. Many things were said that I liked: Recently, a few weeks ago, we announced that we had acquired Credentica, and their U-Prove technology, which we think is going to be an example of a way to realize this requirement where we can tease apart some of the individual claims around identity or elements of identity and present them individually, and therefore be able to prove certain pieces of information without disclosing too much. Read More...
-
Slideshare doesn’t handle animation very well. So…here is a rundown on the last demo. In addition to inter-operating with other participants, I demoed login to Google Apps, using a server from Ping, CardSpace from Microsoft and an Information Card from Sun. In terms of platform, Sun’s servers were [...] Read More...
-
I’ll be at RSA Conference next week participating in the following events.
Concordia
What: The current goal is to demonstrate that SAML, WS-Fed and Information Cards can co-exist and some of the use cases where it makes sense. For instance, if you already have a federation setup (using SAML or WS-Fed), you can leverage Information Cards as [...] Read More...
-
It took quite a while, but by now it is out. Please welcome the Windows CardSpace Information Card extensions for OpenSSO: https://opensso.dev.java.net/source/browse/opensso/extensions/authnicip/ When I started working on this last spring, I was not even hoping to see this released in open source and part of the OpenSSO extensions family in less than a year. It took the goodwill and talent of quite a few people to get this off the ground, but with the public release of this code and the upcoming Read More...
-
Trust (using the word here in a broad, abstract way) has been one of the strongest reasons for the OpenID adoption. The spec does not require OPs and RPs to get together and discuss key exchange, business value, liability issues, attribute data and so forth. OPs and RPs work independently of each other and [...] Read More...
-
I wrote an entry on Tuesday about CardSpace as a Password Manager. Kim responded with a request: "I’d like to hear Pat’s ideas about the user experience of bootstrapping the passwords into the Identity Provider." Well, I see this happening at the relying party (RP) - if you already had an account there you would go to some 'change password' page containing the information card 'script' to invoke the identity selector and proceed as I detailed in the earlier post. When the identity provider (IP/STS) Read More...
-
Pat, Ben, and Kim have been talking about the use of password tokens for use with Windows CardSpace. Pat's detailed description of how this could work is quite useful, and can be extended in some interesting ways:
1. Create a single-use password deployment
If we change the default WS-Sec username/password token to not only include the username and the password needed to login, but also a newly IdP generated second password that replaces the old one on the RP, we would get a single-use password. Read More...
-
You might have noticed the exchange between Ben and Kim over the past day or two... Ben made a point that CardSpace makes OpenID redundant - why not just send a password to the RP? Kim jumped all over him - somewhat misinterpreting what Ben later describes as one of my most diabolical hungover bits of prose ever. Ben goes on to clarify that maybe CardSpace can have a role in helping the user manage passwords; Kim says "Hmm... Food for thought" (okay, I'm paraphrasing); Ben admits he didn't explain Read More...
-
After a long pause you can hear the voice of the master of the identity metasystem again here. Kim Cameron explains why the success of OpenID leads to the success of CardSpace information cards. Some sometimes forget that there are "alternative operating systems identity selectors". Examples are of course the openinfocard identity selector or the Higgins-based identity selector digitalme. Read More...
-
A while back I spent some time researching into several strong authentication methods that are available in the online world. In order to get real user experience, I ended up creating online accounts with several banks and financial institutions. I got to try out various methods including OTP, biometrics, device fingerprinting etc. However, I [...] Read More...
-
Eve was kind enough to link to my earlier article on our CardSpace Deep Dive. In that post she mentions our whiteboard notes, that I took a picture of, after all: Cards based on X.509 authentication are almost working ... there is still a small issue with identifying the right certs based on the thumbprint. Overall, a fairly good result, I'd say ;-) tag: Interoperability, Identity, CardSpace Read More...
-
Not about SCUBA this time: we are right now visiting in Redmond so we can test our implementation of a Windows CardSpace compatible IdP against Microsoft's implementation. Eventually, we will (hopefully) make this code available to the OpenSSO community through an OpenSSO Extension. At the core of the integration, we (Paul, Jiandong, Mrudul, and I) have integrated the Metro/WSIT WS-Trust STS into OpenFM and created a simple cardfactory to produce CRD files (a big thank you to Chuck from here for letting Read More...
-
I started my career writing RPG programs on AS/400. I spent the majority of the past 14 years as a consultant and thus got to try a variety of platforms. Except One. Till now.
Ping Identity recently gave the option to the engineering team to pick between Windows and Mac.
In case you are wondering, the following [...] Read More...
-
Mike made a very good remark on the OSIS General mailing list that seems relevant to the discussion between Pam, Paul, and myself about assurance in distributed security: There's a reason that self-issued cards didn't provide any ability to transmit a credit card number or national ID number. The good news is that Identity Providers sending such sensitive information are likely to not be willing to transmit it to relying parties they don't have a business relationship with. Once you're using managed Read More...