Browse by Tags
All Tags » infocard » CardSpace (RSS)
-
I’ll be at RSA Conference next week participating in the following events.
Concordia
What: The current goal is to demonstrate that SAML, WS-Fed and Information cards can co-exist and some of the use cases where it makes sense. For instance, if you already have a federation setup (using SAML or WS-Fed), you can leverage Information Cards as [...] Read More...
|
-
I wrote an entry on Tuesday about CardSpace as a Password Manager. Kim responded with a request: "I’d like to hear Pat’s ideas about the user experience of bootstrapping the passwords into the Identity Provider." Well, I see this happening at the relying party (RP) - if you already had an account there you would go to some 'change password' page containing the information card 'script' to invoke the identity selector and proceed as I detailed in the earlier post. When the identity provider (IP/STS) Read More...
|
-
Superpat posted here that there is now a new opensso extension that enables opensso to be an information card relying party. Patrick Petit (pictured) who wrote this extension uses the xmldap library to process the xmltoken. Great. Note to self: be careful when changing the xmldap codebase. Don't break this opensso extension. Another (simpler) SUN access manager login module is described here. I am glad that Patrick improved my demo-grade login module to opensso quality. Thank you. Read More...
|
-
You might have noticed the exchange between Ben and Kim over the past day or two... Ben made a point that CardSpace makes OpenID redundant - why not just send a password to the RP? Kim jumped all over him - somewhat misinterpreting what Ben later describes as one of my most diabolical hungover bits of prose ever. Ben goes on to clarify that maybe CardSpace can have a role in helping the user manage passwords; Kim says "Hmm... Food for thought" (okay, I'm paraphrasing); Ben admits he didn't explain Read More...
|
-
A while back I spent some time researching into several strong authentication methods that are available in the online world. In order to get real user experience, I ended up creating online accounts with several banks and financial institutions. I got to try out various methods including OTP, biometrics, device fingerprinting etc. However, I [...] Read More...
|
-
Kevin Miller's new Firefox plugin wraps the native Windows CardSpace identity selector, and in the process provides a great card parsing implementation. Since Kevin was kind enough to implement a plugin framework, I figured I'd take advantage and added plugin support to the xmldap selector. If you pick up the latest version of the plugin (requires Java 1.5 on your system) you will now find a new Identity Selector option in your preferences. If you have both Kevin and my extension installed, and you're Read More...
|
-
Check out this cool extension for Firefox by Kevin Miller http://www.perpetual-motion.com/ It basically wraps the native CardSpace implementation on Windows so you can use it from Firefox. Very robust looking parsing card detection, and the ability to implement an XPCOM interface to plugin other selectors: IIdentitySelector..GetBrowserToken(issuer , recipientURL, requiredClaims ,data.optionalClaims , tokenType, privacyPolicy, privacyPolicyVersion , serverCert ); The selector implementation can be Read More...
|
-
At IIW I demo'd a little proof-of-concept showing the ability to login to a CardSpace relying-party, using an OpenID based identity. For those who didn't get a chance to see it, I provided a little screen cast here: Read More...
|
-
Having posted a utility that decrypts CardSpace backup files, I thought I'd take a moment to explain how it works. The backup file format is rather obscure, so hopefully this should help serve as a guide to people looking to import and export cards with non-Windows selectors. The first thing to do is take a look at the CardSpace backup file format (edited for brevity): <?xml version="1.0" encoding="utf-8"?> <EncryptedStore xmlns="http://schemas.xmlsoap.org/ws/2005/05/identity"> <StoreSalt>3BprRlJ6LpWvvLvuGS6hXQ==</StoreSalt> Read More...
|
-
Ever wonder what's inside a CardSpace backup file? Now that the xmldap.org codebase can decrypt the backup files, I thought I'd add a quick tool that allows you to peek inside. Here's a little web app which will decrypt your backup file and return the xml inside: http://xmldap.org/sts/decrypt And here's a screencast of how it works: Read More...
|
-
I updated the Firefox Selector to fix a few minor bugs introduced in the Managed Cards support update. Thanks to Axel and to Antoine Galland from Gemalto for trying it out and reporting the bugs. http://xmldap.org Read More...
|
-
One more important update for the Firefox selector - With this new release, I've added a simple proof-of-concept around Managed Cards. The Firefox selector now supports importing managed cards, and retrieving tokens from an STS. It only has support for Username/Password authentication over the simple TransportBinding (this means transport security rather than message level security). Also, I've only tested against the xmldap.org STS...it may work against other implementations, but I haven't yet focused Read More...
|
-
Thanks to the hard work of Axel Nennker and his friends, I've posted an update to the Firefox Selector. The selector now has these great features: 1) Support for Firefox 2.0 - the plugin should now work on 1.5+ and 2.0 2) Internationalization Support - Axel added i18n, and has localized to: English, German, French, Norwegian, Swedish, Turkish, Czech, Arabic and Chinese 3) There's also initial support for Logotype certificates, so that a website's icon embedded in a certificate can be displayed to the user Read More...
|
-
I finally checked in a working copy of the xmldap Security Token Service. It's a simple STS, which only supports the Transport Binding of CardSpace, but it's enough to see managed cards in action. If you'd like to try it out, go to https://xmldap.org/relyingparty/ There you'll find a link to where you can create managed cards. You'll then be able to install them into CardSpace and use them to login to the Relying Party. Below is a screencast which demos the basic steps you should follow: Here's a Read More...
|
-
Thanks to Ian, Ebe, and a new router, xmldap.org is back online. Kim - you owe us $65.00 :-) Read More...
|