Musings on Digital Identity

Category: Firefox

User-Centric Identity Interop at RSA in San Francisco

33 Companies…
24 Projects…
57 Participants working together to build an interoperable user-centric identity layer for the Internet!

Come join us!

Tuesday and Wednesday, April 8 and 9 at RSA 2008, Moscone Center, San Francisco, California
Location: Mezzanine Level Room 220
Interactive Working Sessions: Tuesday and Wednesday, 11am – 4pm
Demonstrations: Tuesday and Wednesday, 4pm – 6pm
Reception: Wednesday, 4pm – 6pm

Logos of RSA 2008 Interop Participants

JavaScript Kung Fu Fighting!

Firefox logoThanks and congratulations to Axel for his new release of the Firefox Information Card add-on that tames all that JavaScript Kung Fu with ease! I’ve updated the pertinent OSIS interop results page from “Issues” to “Works”.

Firefox Information Card Add-on Collaboration

Firefox logoThe new release of the Firefox Information Card add-on recently announced by Axel Nennker is notable not only for its features, but also because it incorporates contributions by Andy Hodgkinson of the Bandit Project that make it work with the DigitalMe Identity Selector. This means that the same Firefox add-on can now be used with at least three Identity Selectors — openinfocard, DigitalMe, and Windows CardSpace.

The benefits of sharing this core piece of Information Card infrastructure became apparent when some recent releases of Firefox broke the add-on in some scenarios. Because several copies of the code were in use by different projects by then, all the projects had to make their own fixes in their copies, both duplicating effort, and increasing the chances that different selectors would behave differently in quirky and non-obvious ways. I’m really pleased that Andy pitched in and contributed his fixes to the add-on project and that Axel incorporated them in a way that I believe means that DigitalMe won’t have to use a separate add-on anymore. Hopefully the other identity selectors will also follow suit soon, eliminating any unnecessary forking in this key project.

One nit with Axel’s post though… While he suggested calling the add-on “CardSpace for Firefox”, even though I’m a fan of CardSpace, the add-on is intended to work with any Identity Selector — not just CardSpace. Therefore I’d prefer selector-neutral names for the project like “Firefox Information Card add-on”, “Firefox Identity Selector add-on”, “Information Cards for Firefox”, etc. What selector-neutral term for the project do others prefer?

New Release of Firefox Information Card Add-on

Firefox logoI wanted to call your attention to the new release of the Firefox Information Card add-on that Axel Nennker posted this week. Axel’s changes address a number of issues identified during the Interop at Catalyst in Barcelona. Among other things, with this add-on, Firefox now supports:

  • privacyUrl and privacyVersion, which enable privacy policies to be shown,
  • issuer and issuerPolicy, which enable the use of Relying Party STSs, and
  • sites that don’t use SSL certificates (which use http rather than https).

I believe that this brings Firefox up to feature parity with the Information Card support in IE7 when used with CardSpace, as well as enabling the use of Firefox with additional identity selectors such as the openinfocard selector and others. Thanks for the great work Axel!

User-Centric Identity Interop at Catalyst in Barcelona

Logos of Barcelona Interop Participants 2007

Last night OSIS and the Burton Group held the third in a series of user-centric identity Interop events where companies and projects building user-centric identity software components came together and tested the interoperation of their software together. Following on the Interops at IIW in May and Catalyst in June, the participants continued their joint work of ensuring that the identity software we’re all building works great together.

This Interop had a broader scope along several dimensions than the previous ones:

An excerpt from Bob Blakley’s insightful-as-always commentary on the Interop is:

The participants have posted their results on the wiki, and a few words are in order about these results. The first thing you’ll notice is that there are a significant number of “failure” and “issue” results. This is very good news for two reasons.

The first reason it’s good news is that it means enough new test cases were designed for this interop to uncover new problems. What you don’t see in the matrix is that when testing began, there were even more failures — which means that a lot of the new issues identified during the exercise have already been fixed.

The second reason the “failure” and “issue” results are good news is that they’re outnumbered by the successes. When you consider that the things tested in Barcelona were all identified as problems at the previous interop, you’ll get an idea of how much work has been done by the OSIS community in only 4 months to improve interoperability and agree on standards of component behavior.

Be sure to read his full post for more details on what the participants accomplished together. And of course, this isn’t the end of the story. An even wider and deeper Interop event is planned for the RSA Conference in April 2008. Great progress on building the Internet identity layer together!

Seeing the LiveID Information Card Beta and DigitalMe in Action

Kim and I had fun with this video but we’re seriously pleased to be able to show you both using LiveID with Information Cards and DigitalMe in action together. Check it out!

User-Centric Identity Interop at Catalyst

OSIS Logos

I’ve been waiting to write about the user-centric identity interop at the Burton Group Catalyst conference until the Burton Group report about the event was published. Now it’s here!

At the interop we demonstrated interoperability between 7 Identity Selectors, 11 Identity Providers, and 25 Relying Parties. As Bob Blakley wrote:

The interop event was a milestone in the maturation of user-centric identity technology. Prior to the event, there were some specifications, one commercial product, and a number of open-source projects. After the event, it can accurately be said that there is a running identity metasystem.

The full report includes a list of participants and the software they brought to the table, an overview of the results achieved, as well as the issues identified through the interop. See Bob’s post for all the details!

The report also includes thank-yous, to which I’d like to make some additions: Thanks are due to Jamie Lewis, Gerry Gebel, and Bob Blakley of the Burton Group for sharing our vision for this interop, striving to make it the best that it could be, and tirelessly working the details until it came true. You truly helped the industry to come together in a valuable and significant way.

Also, while I appreciate Bob’s thanks for the work I put into the Open Specification Promise, there were many believers in and drivers of this important work at Microsoft besides myself, both from the Law and Corporate Affairs team and from the Federated Identity product group. This was truly a team effort.

I’m also happy to report that there will be a follow-on interop in Europe at the Catalyst conference in Barcelona, October 22-25, which will hopefully include even more participants and scenarios, including more multi-protocol interoperation proof points. Hope to see you there!

Where to get Windows CardSpace

In a recent comment, midtoad wrote:

There appears to be no way possible to allow my browser to recognize or use CardSpace cards. The one-minute video mentions a small download to be provided but none are available.

Let me try to help here. If you’re on Windows XP or Windows Server 2003 and you want to use Windows CardSpace you need to:

(Of course, if you’re on Windows Vista, you already have both.)

Finally, you didn’t say what browser you’re using. If you’re using IE you’re already set. If you’re using Firefox, follow the installation instructions at http://www.perpetual-motion.com/. And if you’re on other platforms, you might want to check out the Bandit Project’s DigitalMe downloads. Hope this helps!

Powered by WordPress & Theme by Anders Norén