The Keys to the Keys
Craig Burton has penned another crystalline piece called How to Spot an Unnecessary Identity Fail (after his previous piece, How to Divine the Bovine, this is starting to sound like a field guide to identisaurus). His key point: we’ve had … Continue reading →
Six new authentication methods for Identityblog
I want to get my hands dirty and understand all the implications of the NASCAR-style approach. It's already been a riot looking into this and working through the implications.
A “change in user behavior”
Regardless of what new features they support, future user centric identity solutions need to be built so they work with existing web sites too.
Personal Reflections on the CardSpace Journey
Today, Microsoft announced that it will not be shipping Windows CardSpace 2.0. Having made a significant personal investment in working to make CardSpace a success and the Information Card vision a reality, I wanted to take the opportunity to share a few personal reflections on the CardSpace journey and the lessons we might want to...
Why You Shouldn’t Freak Out about NSTIC
Kaliya Hamlin (aki IdentityWoman) has posted a superbly written and documented article on Fast Company about why no one should freak out about NSTIC (the National Strategy for Trusted Identities in Cyberspace).
If only all dialog about digital identity infrastructure could be that well grounded and reasoned.
There’s a good reason why Kaliya (along with Phil Windley...
Information Cards, WS-Trust and SAML and OAuth, oh my!
While reading Pat Patterson's blog post "WS-Trust and SAML and OAuth, oh my!" I noticed that this fits into the Information Card flow.Pat describes Ping's Salesforce mobile flow:Mobile app accepts the username and password, and submits them to PingFede...
Information Cards, WS-Trust and SAML and OAuth, oh my!
While reading Pat Patterson's blog post "WS-Trust and SAML and OAuth, oh my!" I noticed that this fits into the Information Card flow.Pat describes Ping's Salesforce mobile flow:Mobile app accepts the username and password, and submits them to PingFede...
Taking Off Another Hat
After piling on too many hats on for the longest time, I’m now peeling some off. First I took off the Open Identity Exchange (OIX) Executive Director hat in August, and now I’m stepping down as Information Card Foundation (ICF) Executive Director and handing the reins to the very able Mary Ruddy.
The reason: I’m narrowing...
Information Card SAML Token Profile Committee Specifications
As editor of the OASIS IMI TC, I wanted to bring to your attention that the committee specifications for the SAML V1.1 Information Card Token Profile Version 1.0 and the SAML V2.0 Information Card Token Profile Version 1.0 specifications have been posted by OASIS. These specs are standard profiles for SAML 1.1 and SAML 2.0...
Identity Interop at Catalyst San Diego, July 2010
I’ll be participating in an Open Identity for Business Interop being held by OSIS at Catalyst in San Diego this month. This multi-protocol interop event includes exercising the US Government identity profiles developed as part of the Open Identity Solutions for Open Government initiative. Microsoft is hosting testing endpoints using AD FS 2.0 and the...
