In May 2005, when I wrote the whitepaper “Microsoft’s Vision for an Identity Metasystemâ€, these sentences were aspirational:
Microsoft’s implementation will be fully interoperable via WS-* protocols with other identity selector implementations, with other relying party implementations, and with other identity provider implementations.
Non-Microsoft applications will have the same ability to use "InfoCard" to manage their identities as Microsoft applications will. Non-Windows operating systems will be able to be full participants of the identity metasystem we are building in cooperation with the industry. Others can build an entire end-to-end implementation of the metasystem without any Microsoft software, payments to Microsoft, or usage of any Microsoft online identity service.
Now they are present-day reality.
This didn’t happen overnight and it wasn’t easy. Indeed, despite it being hard, the identity industry saw it as vitally important, and made it happen through concerted, cooperative effort. Key steps along the way included the Laws of Identity, the Berkman Center Identity Workshops in 2005 and 2006, the Internet Identity Workshops, the establishment of OSIS, the formation of the Higgins, Bandit, OpenSSO, xmldap, and Pamela projects, publication of the Identity Selector Interoperability Profile, the Open Specification Promise, the OSIS user-centric identity interops (I1 rehearsal, I1, I2, I3, and the current I4), the OpenID anti-phishing collaboration, the Information Card icon, and of course numerous software releases by individuals and companies for all major development platforms, including releases by Sun, CA, and IBM.
Of course, despite all the groundwork that’s been laid and the cooperation that’s been established, the fun is really just beginning. What most excites me about the group of companies that have come together around Information Cards is that many of them are potential deployers of Information Cards, rather than just being producers of the underlying software.
The Internet is still missing a much-needed ubiquitous identity layer. The good news is that the broad industry collaboration that has emerged around Information Cards and the visual Information Card metaphor is a key enabler for building it, together in partnership with other key technologies and organizations.
The members of the Information Card Foundation (and many others also working with us) share this vision from the conclusion of the whitepaper:
We believe that many of the dangers, complications, annoyances, and uncertainties of today’s online experiences can be a thing of the past. Widespread deployment of the identity metasystem has the potential to solve many of these problems, benefiting everyone and accelerating the long-term growth of connectivity by making the online world safer, more trustworthy, and easier to use.
In that spirit, please join me in welcoming all of these companies and individuals to the Information Card Foundation: founding corporate board members Equifax, Google, Microsoft, Novell, Oracle, and PayPal; founding individual board members Kim Cameron, Pamela Dingle, Patrick Harding, Andrew Hodgkinson, Ben Laurie, Axel Nennker, Drummond Reed, Mary Ruddy, and Paul Trevithick; launch members Arcot Systems, Aristotle, A.T.E. Software, BackgroundChecks.com, CORISECIO, FuGen Solutions, Fun Communications, Gemalto, IDology, IPcommerce, ooTao, Parity Communications, Ping Identity, Privo, Wave Systems, and WSO2; associate members Fraunhofer Institute and Liberty Alliance; individual members Daniel Bartholomew and Sid Sidner.
8 Comments » Posted under Bandit Project & Higgins Project & Information Cards & Interoperability & Pamela Project & People & Phishing Resistance & Windows CardSpace
8 Responses to “A Personal Perspective on the Information Card Foundation Launch”
Leave a Reply
You must be logged in to post a comment.
Information Card Foundation « Pedro Félix’s shared memory on 24 Jun 2008 at 5:16 am #
[…] 24, 2008 by pedrofelix [Via Mike Jones]: The Information Card Foundation was officially announced today. According to its press release […]
IdentityBlog - Digital Identity, Privacy, and the Internet's Missing Identity Layer on 24 Jun 2008 at 8:49 am #
[…] of the representatives of the identity community, rather than as a corporate representative (Mike Jones will play that role for Microsoft).  Beyond the important forces involved, this is a terrific […]
Windows CardSpace Team Bloggers on 24 Jun 2008 at 10:42 am #
Information Card Foundation…
No, Harry Seldon has nothing to do with it :-) The establishment of the Information Card Foundation is…
Interesting times in InfoCard land « Identity Blogger on 24 Jun 2008 at 12:43 pm #
[…] item was the announcement of the Information Card Foundation. You can read about it here, here, here, here, and […]
W2K.PL » Blog Archive » WiadomoÅ›ci ze Å›wiata tożsamoÅ›ci on 24 Jun 2008 at 2:25 pm #
[…] Cameron (ale nie tylko) doniósÅ‚ o powstaniu tworu o nazwie Information Card Foundation. Organizacja ta stawia sobie z […]
Equals Drummond » Blog Archive » The Information Card Foundation: Helping Scale Mount Identity on 24 Jun 2008 at 6:30 pm #
[…] one of two members of the ICF board who also serve on the OpenID Foundation (OIDF) board (Mike Jones is the other), and also wearing my Identity Commons steward’s hat, let me share some […]
Digital Identity Unique Identifiers OpenID Single Sign On on 25 Jun 2008 at 1:20 pm #
[…] Mike Jones of Microsoft wrote a paper on the digital identity subject in 2005 and here are a few of the links on hoe he breaks down the information: […]
Bluebee on 12 Aug 2008 at 1:41 pm #
Using a Information Card is great! I am pretty sure it will simplify life and solve a lot of problems.
But the name “Information Card†used here is a deception – behind it’s veil it is only a piece of Software, not any Card in your hands at all!
And everybody knows meanwhile what can be done with Software!
Information Cards will only be secure if there are real cards in use:
Not only passwords, every security measure running directly on a PC only is vulnerable, and virtual ID-Cards (which are only data stored on your computer), are an invitation to pishers! They only have to upload this ID-Card from your Computer, and pishers get everything they like to have!
Why? There is a not curable flaw:
Everything running directly on a PC (specially with MS-Software) can be faked or spied on. The only thing which helps is an external ID (Card or USB-Dongle) with embedded Microprocessor which handles all the login communication with embedded cryptography and refuses to be spied on.
And even if you trust your computer software and think that nobody can get your data, you have to give your essential personal identity data to the company which is issuing the ID-Card – there is another vulnerability. These Companies have all your data and the possibility to access all your WEB-based connections. Who is supervising these Companies? Who is securing
the security of your identity there?
I worked with the European eEurope Smart Card Initiative in 2000 and we discussed all the security problems – there is only one solution for real security: a device outside the computer, communicating with, but not affected by the Computer and/or the Internet!
It is a myth that data on your computer are safe, even if big companies are involved and say so.