Paul Madsen at ConnectID writes:
Kim defends CardSpace on the issue of the Display Token.
Personally, I think it's a UI issue. The concern would be mitigated if the identity selector were to simply preface the display token with a caveat:
The following attributes are what the IDP claims to be sending. If you do not trust your IdP, do not click on “Send”.
If the UI doesn't misrepresent the reality of what the DisplayToken is (and isn't), then we're hunky-dory.
And of course, CardSpace is not the only WS-Trust based identity selector in town. The other selectors are presumably under no constraints to deal with DisplayToken in the same way as does CardSpace?
Paul has a good point and I buy the “general idea”. I guess my question would be, should this warning be presented each time an Information Card is used, or just when making the initial decision to depend on a new card?
I think the answer should come from “user studies”: let's find out what approach is more effective. I hear a lot of user interface experts telling us to reduce user communication to what is essential at any specific point in time so that what is communicated is effectively conveyed.
Despite this notion, identity providers should be held accountable for ensuring that the contents of information tokens correspond to the contents of their associated display tokens. This should be mandated in the digital world.
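The accountability point above suggests a concrete check: does the DisplayToken actually describe the token the identity provider issued? What follows is an added example, not code from CardSpace, Microsoft, or either author. It parses a WS-Trust RequestSecurityTokenResponse and compares the `ic:DisplayClaim` values against the SAML 1.1 attributes actually issued, flagging claims that are sent but not shown, shown but not sent, or shown with a different value. The element and namespace names follow my reading of the WS-Trust 2005/02 and Information Card profiles and should be verified against the specifications; the `build_rstr` helper and every sample claim value are constructed for the demonstration. When the issued token is encrypted to the relying party, as CardSpace tokens typically are, the routine reports that the comparison cannot be made, which is the crux of the trust issue: an identity selector holding only ciphertext cannot verify the DisplayToken, so the identity provider (or the relying party after decryption) is the only party in a position to do so.

```python
"""Added example: check that a WS-Trust RSTR's DisplayToken matches the
SAML 1.1 token it accompanies. Not CardSpace code; schema names are per
my reading of the WS-Trust 2005/02 and Information Card profiles."""
import xml.etree.ElementTree as ET

NS = {
    "wst": "http://schemas.xmlsoap.org/ws/2005/02/trust",
    "ic": "http://schemas.xmlsoap.org/ws/2005/05/identity",
    "saml": "urn:oasis:names:tc:SAML:1.0:assertion",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"


def saml_claims(rstr):
    """Claims actually issued: {claim URI: [values]} from the SAML 1.1 assertion.
    Claim URI is AttributeNamespace + '/' + AttributeName."""
    claims = {}
    for attr in rstr.iterfind(".//saml:Attribute", NS):
        uri = attr.get("AttributeNamespace") + "/" + attr.get("AttributeName")
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        claims.setdefault(uri, []).extend(values)
    return claims


def display_claims(rstr):
    """Claims the user is shown: {claim URI: [display values]} from ic:DisplayClaim."""
    claims = {}
    for dc in rstr.iterfind(".//ic:DisplayClaim", NS):
        dv = dc.find("ic:DisplayValue", NS)
        claims.setdefault(dc.get("Uri"), []).append(dv.text if dv is not None else "")
    return claims


def check_display_token(rstr_xml):
    """Return a list of discrepancies; an empty list means the DisplayToken
    faithfully describes the issued token. An encrypted token cannot be
    checked by whoever holds only the ciphertext (i.e. the identity selector)."""
    rstr = ET.fromstring(rstr_xml)
    token = rstr.find("wst:RequestedSecurityToken", NS)
    if token is None:
        return ["no RequestedSecurityToken in response"]
    if token.find("xenc:EncryptedData", NS) is not None:
        return ["token encrypted for the relying party: display token cannot be verified here"]
    issued, shown = saml_claims(rstr), display_claims(rstr)
    problems = []
    for uri in sorted(set(issued) | set(shown)):
        if uri not in shown:
            problems.append(f"sent but not displayed: {uri} = {issued[uri]}")
        elif uri not in issued:
            problems.append(f"displayed but not sent: {uri} = {shown[uri]}")
        elif sorted(issued[uri]) != sorted(shown[uri]):
            problems.append(f"value mismatch for {uri}: sent {issued[uri]}, displayed {shown[uri]}")
    return problems


def build_rstr(issued, shown, encrypted=False):
    """Constructed RSTR fragment for the demo (hypothetical helper, not part of any
    product). `issued` and `shown` map short claim names to single values."""
    if encrypted:
        token = (f'<xenc:EncryptedData xmlns:xenc="{NS["xenc"]}"><xenc:CipherData>'
                 '<xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>')
    else:
        attrs = "".join(
            f'<saml:Attribute AttributeName="{n}" AttributeNamespace="{CLAIMS_NS}">'
            f'<saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>'
            for n, v in issued.items())
        token = (f'<saml:Assertion xmlns:saml="{NS["saml"]}" AssertionID="_1">'
                 f'<saml:AttributeStatement>{attrs}</saml:AttributeStatement></saml:Assertion>')
    dcs = "".join(
        f'<ic:DisplayClaim Uri="{CLAIMS_NS}/{n}"><ic:DisplayTag>{n}</ic:DisplayTag>'
        f'<ic:DisplayValue>{v}</ic:DisplayValue></ic:DisplayClaim>'
        for n, v in shown.items())
    return (f'<wst:RequestSecurityTokenResponse xmlns:wst="{NS["wst"]}" xmlns:ic="{NS["ic"]}">'
            f'<wst:RequestedSecurityToken>{token}</wst:RequestedSecurityToken>'
            f'<ic:RequestedDisplayToken><ic:DisplayToken xml:lang="en-us">{dcs}'
            f'</ic:DisplayToken></ic:RequestedDisplayToken>'
            f'</wst:RequestSecurityTokenResponse>')


if __name__ == "__main__":
    # Constructed sample claims: an honest IdP, one that under-reports, and an
    # encrypted token that the selector cannot inspect at all.
    honest = {"givenname": "Paul", "emailaddress": "paul@example.com"}
    print(check_display_token(build_rstr(honest, honest)))
    print(check_display_token(build_rstr(honest, {"givenname": "Paul"})))
    print(check_display_token(build_rstr({}, honest, encrypted=True)))
```

Run as a script it prints an empty list for the honest case, a "sent but not displayed" entry for the email address the user was never shown, and the encrypted-token notice for the last case. The third result is the one that matters for this discussion: an identity selector can only run this check when the token is in the clear, so in the normal encrypted flow the user is trusting the identity provider's honesty, exactly as Paul's proposed caveat says.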
By the way, I love Paul's recollection of the word “Hunky-Dory”. He gives a nice reference. Funny – I always thought it referred to a “certain beverage”.