SPECTER OF THE SEVENTH LAW

One of the people who has thought most deeply about the Laws of Identity is Aldo F. Castaneda. He studies Law and Business Administration at Suffolk University Law School. His blog is the home of his legal thesis, which grapples with intellectual property issues in the emerging digital identity space. He is also doing what must be the definitive series of interviews with people working on identity, called The Story of Digital Identity. He's currently up to Episode 16 (!), an interview with Identity Woman and Marc Canter.

This recent posting shocked me a bit because it was almost like reading a part of my own mind. It shows what happens when you share the same theoretical precepts.

The story of digital identity yesterday was without question the launch of the Higgins project. There's been some debate in the blogosphere and elsewhere about the tone adopted by various journalists in presenting that story. While I agree that some of the articles about the Higgins launch stressed (at least in headlines and opening paragraphs) the competitive aspects of Higgins and InfoCard I thought that most stories (presuming a complete reading) were reasonably balanced and presented the “interoperability” aspects of Higgins and InfoCard.

In my opinion the best analysis so far was written by Eric Norlin* located here. What makes Eric's take particularly insightful is that Eric looks through the marketing spin to see that IBM and Novell see InfoCard from an enterprise market perspective as an Active Directory “enabler”. Thus Higgins simultaneously keeps Microsoft honest by providing an “open” platform AND gives IBM and Novell a means to offer enterprise customers an Active Directory alternative. So the point isn't that IBM and Novell are supporting Higgins to compete with InfoCard head-on or to offer their own “Metasystem”; rather they're doing so to ensure an alternative to Microsoft's Active Directory “juggernaut” (as Eric terms it).

Another aspect of the story that's interesting to me is that IBM and Novell seem to be adhering to the Law of Pluralism of Operators and Technologies (Law #5 of Kim's Laws of Identity). In other words their actions, based on quotes from yesterday's stories, are consistent with the concept of interoperability (simply put, the concept of a Metasystem).

But what remains an open question for me is, what happens to the Law of Human Integration and the Law of Consistent Experience Across Contexts? Will IBM and Novell be satisfied so long as customers access their digital identity data (from the Higgins framework) but via Microsoft's InfoCard UI? Will the Higgins project implement the InfoCard UI so that users can access Higgins via an InfoCard look-alike regardless of underlying platform (Linux, Windows, Apple…etc) choice?

I think these questions are important because I remain convinced that the UI is where we should all be focusing some attention to better understand the long-term strategic implications of “user centric identity” systems (See Law #1 The Law of User Control and Consent). While Microsoft is presumably offering much of the InfoCard UI to implementers on RANDZ terms (reasonably and non-discretionary terms @ Zero Royalty…has anyone read MSFT's actual licensing terms…are they available publicly?) it will be interesting to see if Higgins and others are so assured by Microsoft's licensing terms that they're willing to implement the InfoCard UI in their offerings. Doing so would arguably make it easier (more consistent end-user experience at minimum) for end-users to interact with their digital identity data across the various computing devices and environments that they use.

Frankly I think we'll see a separate UI from Higgins and others. And while that won't mean that the concept of the Metasystem will fail, I believe it will tend to reduce ease-of-use and therefore diminish the extent of widespread adoption. In more simple terms, if we end up with say 20 different identity systems that all interoperate but which all have separate UIs, will that be a truly “universal identity fabric”? I doubt end-users will think so.

*The guys (Eric Norlin and Phil Becker) have been helping The Story of Digital Identity podcast by posting new episodes to DigitalIdWorld.com. As always I thank them for their support and appreciate the additional exposure they've offered our budding little project. But note their support is not why I believe Eric's piece was the most insightful. See my reasoning above.

I have to admit that in my darker moments I have shared Aldo's concern about the seventh law. But I suspect that if interfaces complicate the user experience or introduce enough ambiguity that identity 2.0 becomes as unsafe as identity 1.0, people will avoid those interfaces. This means there are a set of strong objective forces working towards convergence of our interfaces in accord with the Seventh Law.

Our colleagues at Higgins are very smart people, as capable of seizing these dynamics as I am. So although I don't know, in detail, what people at Higgins are planning to do, I predict it will be very synergistic with my work. I am really excited to see an identity selector being written for non-windows platforms. And from my discussions with Paul, I expect that a lot of his work will be on enabling new scenarios and adding a lot of value.

TALKING ABOUT “RIPPLES”

Here is the latest from Eric Norlin, Editor of Digital ID World and industry veteran:

The big (as in could not miss it) news yesterday was the launch of the Higgins project — an open source instantiation of the WS-Trust framework within the Eclipse foundation. Several tech news articles got the take *way* wrong – pitching it as an open source vs. Microsoft story. In reality, that's not what it is at all.

In brief, the Higgins project (which is apparently named for some “long-tailed” tasmanian mouse, and NOT the guy from “Magnum P.I.” — and, really, wouldn't it be much more interesting if it was named after the guy from Magnum P.I.?) means the following:

1. This is, net-net, a *win* for Kim Cameron's Identity Metasystem. In the past few weeks, Kim has had Verisign announce support, and now an open source project building out a WS-Trust framework for application developers. So, make no mistake about it, Higgins equals more momentum for the Metasystem.

2. However, the move by IBM and Novell *appears* to be a move designed to pressure Microsoft and ensure that their instantiation of the metasystem (InfoCards) remains “open.”

3. That move is being done in response to one very big (and obvious) realization: InfoCards is going to ship in Vista (probably early) and it is going to be a game-changer in the user-centric identity space.

4. But more importantly, it may *also* be a game changer in the enterprise space, as well. There is a tremendous amount of enterprise interest in using InfoCards as a central metaphor for enterprise identity management.

5. So think about this for a second: InfoCards on a huge number of desktops, enterprises upgrading to Vista for its security features (like BitLocker), and InfoCards needs to have an identity credential issued. Where might that be issued from? Active Directory. It is no mistake that (as John Fontana observed), Active Directory is now the hub off of which all of Microsoft's enterprise identity management offerings hang.

6. Ergo, InfoCards will drive even more adoption of what is quickly becoming the Active Directory juggernaut.

7. Therefore, if I'm a company selling products that are competitive to Active Directory (say, like, for instance IBM or Novell), and I believe that the identity metasystem has gained enough critical mass, then it is absolutely in my best interest to push forward an open source project for the metasystem. Not doing so is to hand over my market to Active Directory.

8. Higgins is good for the community at large (the more Identity Metasystem things we get going the better), and necessary for the vendors involved.

Stay tuned, Phil will have much more to say about this in his newsletter this week.

I have no idea what people's motivations might be. It all reminds me of the moments when my kids (who are now out of beta) have told me all about their friends' motivations and the knots they are experiencing in their relationships with them. When they have asked for advice, the one thing I've told them is to forget about thinking they understand people's motivations, and just act so they have the best possible relationship at each moment in time… Maybe I'm hopelessly naive.

This said, I think (and here I join the speculation movement) there might be truth in the premise that once InfoCard started to gain steam, Microsoft's Active Directory support might have helped spur others to get into the middle of the game. And this is a good thing.

On the other hand, I know and work with all the players and they are people with whom I share a very deep common identity vision. They, like me, have to convince their colleagues to do some fairly counter-intuitive things to get this identity vision realized. So maybe, in this sense, the prospect of Active Directory support is something which actually helps them in their drive to explain all the dynamics in play.

Perhaps the most important thing I can say is that neither IBM nor Novell, nor Sun or anyone else, is really my competitor in this space. The competition comes from the vast patchwork of one-off and ad-hoc identity contraptions that the whole industry has been forced to build because the architecture of the Internet is missing the identity layer, leaving our virtual world in grave danger. So far, the one-off contraptions have about 99% of the market. So there's lots of space for all of us who want to change all that.

HIGGINS ON HIGGINS AND INFOCARD

This is little Higgins. Does he look like something that would pick a fight with InfoCard? I don't think so. Anyone who knows what we're trying to do here at SocialPhysics and especially in the Identity Gang knows that we're striving for a common language and understanding in an area whose depth and complexity humbles the mighty. Many of us building technology are influenced by how this conversation evolves, where the common ground is, and where we can build interoperability ‘bridges’. The implications for society are real. The last thing we want here is more division. This blog post is an attempt to put out the flames that have arisen from recent press coverage about Higgins, IBM and Novell:

Is Higgins competitive with InfoCard?

No. InfoCard is the code name for a Windows WinFX component that provides a user interface and related services that allow that Windows system to interoperate with service providers and identity providers using the WS-Trust and related protocols. Higgins, on the other hand, is a software framework that relies on service adapters that connect to external systems using that system's native protocols or APIs. [If you're familiar with the framework/provider design pattern, what I just called service adapters are Higgins providers.] We expect that in the next few months a WS-* service will be created for Higgins. Higgins when configured with this service and running on Linux, MacOS, etc. will fully interoperate with InfoCard running on Windows.

How is Higgins related to Microsoft?

We are all indebted to Kim for his important work on the seven laws of identity, for his sincerity and tolerance in reaching across traditional divides and ‘doing the right thing’ to make the web a safer place to live. Inspired by Kim, the Higgins mouse has mended his ways, is now completely law-abiding, and brushes his teeth twice a day. We also are grateful for the support Microsoft has given to the SocialPhysics project (of which Higgins is a part) through the Berkman Center.

NEW PARADIGMS ALL AROUND US

Here's an article by Joris Evers, a Staff Writer at CNET News.com. Joris has done a great job covering the industry and has certainly paid his dues.

IBM and Novell on Monday are expected to announce an open-source response to Microsoft's forthcoming InfoCard identity management technology.

The companies plan to contribute to an open-source initiative code-named Higgins Project. The project aims to help people manage their plethora of Internet logins and passwords by integrating identity, profile and relationship information used across authentication systems on the Net.

The initiative also includes the Berkman Center for Internet & Society at Harvard Law School and Parity Communications, a company developing “social commerce” software that has been operating in stealth mode.

The open-source project, managed by the Eclipse Foundation, is a response to Microsoft's InfoCard identity management technology, Anthony Nadalin, distinguished engineer and chief security architect at IBM, said in an interview.

“This is a move to help get identity management out in the open source. InfoCard is one user-centric identity system…but the implementation Microsoft has is not what I would call open,” he said. “There are a lot of hidden elements.” One example, he said, is how it interacts with Active Directory, Microsoft's identity management technology for businesses.

Microsoft has described InfoCard as a technology that gives people a single place to manage authentication and payment information, in the same way a wallet holds multiple credit cards. An InfoCard client on a PC will connect with Web sites that need information for authentication or transactions.

Yet, the Higgins Project is more than a rival to InfoCard, Nadalin said. “We are not here to create another identity system; we are here to aggregate the existing systems,” he said. “We have invited Microsoft to participate…and we will continue to work with Microsoft to integrate with InfoCard. We think that has to happen.”

The Higgins Project will complement InfoCard in providing client software for operating systems other than Windows, Nadalin said. Also, it will make existing identity management products, such as IBM's Tivoli software, work with InfoCard, he said. IBM is expected to support Higgins in its products sometime next year.

“Microsoft would be left out in the cold without Higgins; it allows Microsoft to participate in non-Windows environments,” Nadalin said. “Customers want choice. They end up voting with their pocket book. They don't want to be locked in.”

The Higgins Project looks to be a step forward in solving the problem surrounding online identities, said Kim Cameron, identity architect at Microsoft. “From what I've seen, this is a very positive development,” he said. “I think we are really going to see the identity big bang – a whole wave of social and identity-aware applications that are suddenly becoming possible.”

But while Nadalin may have his mind set on where the Higgins Project is headed, nothing is set in stone, said Burton Group analyst Mike Neuenschwander. “It is open source; it is hard to tell exactly where it will head,” he said.

There are other efforts to integrate identity information. But with IBM and Novell, the Higgins Project has attracted big-name support, Neuenschwander said.

“Everybody wants to be that central hub that integrates everybody else's stuff,” he said. “Higgins is significant in that IBM and Novell have stepped up to say they are going to develop their client software under that project.”

Neuenschwander doesn't expect to see anything tangible come out of the Higgins Project until at least the end of the year. “Then we can see with greater certainty where they are headed,” he said. “Microsoft has made it much further down the road with InfoCard.”

Microsoft plans to deliver InfoCard by the end of this year as part of Windows Vista, the next version of its flagship operating system. InfoCard will also be available for Windows XP, Microsoft has said.

Now, all is fair in love and software, and everyone who advances identity is a friend of mine. Nor do I expect people to bow down and say, “InfoCards are great and good and we will obsequiously follow in Microsoft's footsteps.” People need to differentiate themselves.

Nonetheless I did contact Anthony to ask about the notion that “the implementation Microsoft has is not what I would call open.” I wanted to know what he saw as “hidden elements.” To my knowledge there is nothing hidden whatsoever, as the implementers guide published on this site testifies.

His answer:

“What I said was that User centric perspective points out the need to make it simple and easy for users to manage. What is also needed is that the framework be able to allow users and institutions to choose any identity systems and be able to integrate and interoperate between them. e.g., they can choose from any of the identity information stores to be federated – be it IBM Directory Server, Novell eDirectory, SAP system, ActiveDirectory, collaborative spaces, OpenLDAP, etc.”

And I couldn't agree more. InfoCard is specifically designed to allow this. And Anthony knows this as well as I do. So what I suspect might have happened is that when he pointed out the need to integrate all the other systems, it likely appeared that he saw things as being more counterposed than was actually the case.

With the Identity Metasystem, the paradigm is shifting. The way we are building this thing, in the open and in the blogosphere and in a spirit of collaboration, is a big break with the past. It's hard to get your arms around it. It's hard to know how to “message it” when we talk to others. It's hard to write about without it sounding silly.

But hey – we are gaining momentum and we are going to get this puppy moving full speed ahead. Further, we are going to have a renaissance of the industry that will shock everyone as the big bang hits the world of applications.

HIGGINS WILL SUPPORT IDENTITY METASYSTEM AND INFOCARDS

Here is reporter Robert Weisman's Boston Globe article on Higgins, titled “Harvard, tech firms push data privacy”. Higgins is an open source project that has been going for quite a while, and its significant new support from IBM and Novell is one of the most concrete indicators so far of the growing momentum of the Identity Metasystem.

Before I even start, let me congratulate Higgins leader Paul Trevithick, one of the original members of the Identity Gang and one of my favorite colleagues, for getting the support he needs to advance his work.

The initiative, which is set to be spelled out at a forum in New York, is code-named Higgins, after a long-tailed Tasmanian mouse symbolizing the “long tail” of micro-markets — dozens of websites and online retailers of interest to an individual — that sponsors believe will be tapped by the user-centric identity management system they are developing.

For individuals, such a system promises a “single sign-on” enabling the sharing with third parties of personal information, ranging from bank and credit card accounts to medical records and phone numbers, said John H. Clippinger, senior fellow at the Berkman Center at Harvard Law School.

Clippinger said the system will enable people to share tiers of their digital data with different parties, giving broader access to doctors, for example, than to cable companies.

“The web wasn't designed with a security layer in it, so we're addressing that missing piece,” Clippinger said. “This is a whole new system called ‘open security’ where the control point is the individual.”

For the past year and a half, a social physics research group at the Berkman Center has been studying ways to create more trusted networks, with the goals of improving the online experience for people and businesses and making it easier to avoid spam by allowing individuals to specify with whom they want to communicate.

Parity Communications, a Chestnut Hill technology company, developed software that will serve as a starting point for such a system, but larger companies like IBM and Waltham-based Novell are also contributing to the effort. Berkman is planning a conference in June that will demonstrate some applications and benefits of the Higgins system.

Tony Nadalin, chief security architect for IBM in Austin, Texas, said Higgins will be an application framework around which developers can write and improve programs through an “open source” approach that is gaining popularity in the world of computing.

The system would run on top of InfoCards, a new feature Microsoft plans to offer in its new Vista operating system, but it could also work on Linux or other alternative operating systems.

Many of the technical details remain to be worked out and will be rolled out incrementally, said Dale Olds, distinguished engineer at Novell in Provo, Utah. Olds said one concept under consideration is embedding applications as Internet browser plug-ins that automatically could transfer appropriate information from an individual's data profile, called a “context” or “persona,” when he or she visits a website.

Companies like IBM and Novell also would seek to incorporate Higgins technology into their own products or services.

“Allowing consumers to gain more trust in the Internet is a benefit to us all,” Olds said. “And that could provide more of a space for Novell.”

Some observers might interpret the emergence of an open source identity initiative as a fracturing of our efforts into different factions. I think that view would be very wrong.

The support for InfoCard connectivity by IBM and Novell – as well as “less corporate” members of the open source community – is absolutely one of the most important steps forward we have seen. Of course every player has other ideas they want to bring to the table as well, and that is as it should be.

There will be air turbulence of various kinds as people try to bring the things they are passionate about to the fore in solving this problem. But no one should see that as problematic, or take it as being anything but healthy.

Here's what is really happening. The identity metasystem is going from the “world of angels” and theoretical concepts to the world of flesh and blood. This week we have seen a huge growth of momentum. And nothing could make me happier than that.

I've said from the beginning that no one owns the Identity Metasystem. Each of us contributes to it. Now we see IBM and Novell contributing and bringing in support from products like Tivoli and eDirectory. Our customers all benefit. And so will all of us who produce products for the virtual world.

NEW USE FOR THE VOLVO

Brad Hoyt responded on where to store your infocard collection:

My preference would be to store my InfoCard ‘token’ on my Volvo keyfob. It's big enough and I usually have it with me wherever I go. 🙂

It's a really attractive idea, and I'll add it to my list of potential devices. Does this turn your Volvo into an identity protector?

ONE DAY WE'LL GET THERE

Clint Combs at “Thoughts at ccombs.net” has put up a nice, empathetic piece that actually made me feel better about my ongoing spam torture. He then raises great questions about the use of InfoCards in exchanging user identities for email.

Kim Cameron's “Oh, And Then There's My Junk Folder” tells an all too common story of a user losing e-mail to SPAM. Whether you know it or not, your SPAM filter has probably destroyed some e-mail that you should have received, would have received – needed to receive. Kim's experience of finding this message is probably not very typical. He went wading through his SPAM folder and found a message that should not have been tagged as SPAM, but it was.

Most users happily delete their SPAM and move on without further investigation. I do it all the time. The other day a recruiter called me. I told him I wasn't interested in the full-time position he had called about, but I would be interested in part-time projects of 10 to 15 hours a week. He said he'd send me an e-mail as follow-up, but he never sent it – or did he? I have no idea. That night, as usual, I blasted my SPAM and moved on, but having read Kim's piece I wonder if it was identified as junk and redirected to the bit bucket.

Kim's story also clicked with me for another reason. The SPAM problem is, at one level, an identity problem. As SMTP servers pass along e-mail messages they can't authenticate a sender's identity. Without this piece of information, these systems have no concrete way of guaranteeing the receipt of messages we really want to receive – InfoCard could be a big help for solving this little segment of the overall SPAM problem.

What if InfoCard-enabled identity systems were already woven into the fabric of the internet? Would this have helped Kim and me get our e-mails? His message was from an “anonymous” person that he didn't know whereas my message was from a person whom I had only spoken to on the phone one time. Kim also mentions the loss of e-mail from a friend at the end of his article.

In today's e-mail environment with virtually no use of a real identity system we're forced to filter by sender e-mail address and hope that our friend doesn't change their address. In the future we should be able to trust that a person's identity will follow them via an InfoCard-style system and thus to a new e-mail address or even an entirely different mode of communication such as instant messaging or VoIP.

InfoCard and other identity systems solve identity problems in well-known relationships, but what about the e-mail from the recruiter I spoke to on the phone? Can InfoCard be extended to a phone call? In a future world I could have said to the caller, “Here's an InfoCard for my home e-mail address. Contact me at this address and we'll discuss this some more”. At that point I press a button on my phone and my InfoCard is transmitted to his phone. He then uses this card to send me an e-mail in Outlook and upon receipt my e-mail client recognizes the new relationship I have with this person and bypasses my SPAM filter.

A much harder problem is the anonymous e-mail to Kim. How can you get the SPAM filter to let this interaction through based on identity? Everyone has an identity, even SPAMMers. Maybe we need some sort of web of trust for this type of situation. If the sender is a friend of a friend of a colleague, then maybe my filters let it through.

InfoCard has great potential, but it will only be useful with broad adoption across the industry. Verisign recently signed on and I expect others to join the party too. With Microsoft's new-found openness, the flood of SPAM, and our mountains of usernames and passwords, the potential of real Internet identity is too huge to ignore.

After a recent IM chat with Simon Brown I've started looking to move my blog to a new identity and authentication structure. He's weaving the Acegi Security System into Pebble 2.0 – Simon's blogging software I'm using today. While currently unrelated to InfoCard, I can easily see Acegi being extended to support it. Simon's use of Acegi is admission on his part that it's time to move beyond the username/password muck that we're currently enduring on most web sites. Everyone sees the identity problem and it's time to fix it.

The potential for a wide-spread identity system is enormous. In addition to the obvious beneficial side-effect of eliminating my long list of passwords, InfoCard and other identity systems could help crush some of the more annoying effects of SPAM. I'd love to hear from other developers, especially those in the Java “realm”, that are addressing this issue on many levels. Write and tell me how you're identifying your users and crushing your SPAM problems.

This reminds me that one of the things I need to do is post my PHP code showing how I've got InfoCards going on my WordPress blog. I imagine it would translate fairly easily into something that would work on Simon's system as well. Also, I need to move this stuff from my test system to my production system.

NAME THAT SPEAKER

Here's a piece by Adam Shostack, bandleader at Emergent Chaos – which, by the way, is a way cool blog. Here he is talking about what it takes to get technology from the synapse into the family room. In my view, the identity problem is one of the hardest problems computer science has ever faced. I've been working on it since the mid eighties myself. And the job is far from done.

The truth is, cryptography is just one part of a much bigger problem that is insoluble using crypto alone. This said, I couldn't be more respectful of the contribution by cryptographers.

Quick! Name the speaker:

“In a lot of countries, statements like “this person is over 18”, “this person is a citizen”, the governments will sign those statements. When you go into a chat room, for example, in Belgium, they’ll insist that you present not necessarily the thing that says who you are, but the thing that says the government says I’m over 18. This trust ecosystem has so much good designed for privacy. This thing is amazing, where you can prove who you are to a third party and then, in the actual usage, they don’t know who you are. A lot of the previous designs had the idea that if you authenticated, then you gave up privacy. There are lots of cases where you want to be authentic but not give up your privacy – or not give up your privacy except in extreme cases. ”

No, it's not Austin Hill, circa 1999. I'd be happier if Zero-Knowledge had made us all rich, but I'm happy that the ideas that we evangelized, and that Credentica and others are building… I'm happy that these ideas are spreading to the point where Bill Gates presents them in an interview. There's a great many longtime former cypherpunks out there, helping people imagine a better future.

That imagining is important. Phillip Hallam-Baker (who has the best roundup of the RSA Cryptographers Panel I've seen) quotes Ron Rivest:

It takes about 15 years for ideas to go from concept to use. Identity based crypto may be becoming the right approach to authenticated email.

What happens along that 15 year path is that a lot of small companies come along, build great new technologies that solve a part of a problem, and then eventually, through iteration, creative destruction, skill and luck, one of them builds something that really does a great job for customers.

LID-SPAM SPAM, OR MONTY PYTHON?

Here is a comment which really sent “frissons” down my spine. I mean chills. Chill chills. It might spook you out too.

Take a close look at entry 14 below from my WordPress spam editor. You'll see the URI is http://check-drug-etcetera.com. But somehow it is linked to Rohan Pinto's LID page. Rohan is a cool dude working on Identity and even InfoCard issues over in the Sun world (more later…).

I wonder what this new species of blogspam is all about – I'll ping him. Maybe they randomly read my comments, link to something in an existing comment (Rohan has written to me in the past) and then stick in their URL so they will get link inflation.

Well guys, I caught it and you won't get no link-inflation off me.

OH, AND THEN THERE'S MY JUNK FOLDER

I just went into my junk mail folder for the first time in a long time and saw that many of its 1107 items were from people who have been trying to reach me through my i-names or even through regular email. The i-names are working fine, but my corporate spam filter likes some messages and doesn't like others – for reasons that are completely beyond me. Here's an example:

Hi Kim,

We have never met, I hope you don't mind the intrusion.

I am fascinated with the InfoCard concept, the Laws of Identity, and the simplicity and similarity the InfoCard solution has with today's plastic card solutions.

(These I keep in my wallet, which I guard with my life. And like most of us, I am totally paranoid that I might somehow lose my wallet and be forever lost.)

I believe everyone will be able to easily and quickly adopt this solution for the future virtual interactions in cyberspace.

In many discussions with others promoting the InfoCard way, one question keeps coming up that I haven't been able to easily answer.

“Where should I keep my InfoCards?” USB drive, not a good idea. My laptop, but what if I'm at my desk? How about a smartcard I keep in my wallet, to add to the paranoia. Or maybe it's time to have that chip installed in my forehead. :)

If you would be so kind to share your thoughts, or simply direct me to an article discussing this question.

Regardless, I am very excited about the InfoCard future, and continue to follow your progress.

Thank you.

Sincerely,

Mark Munro

What in this email looks like spam? The use of the word “wallet”?

I don't know what to say. First, I apologize to everyone who has written to me and seen their mail go into the void. I will go through all these messages – but it may take me a while! And I'll start reading my spam folder, I promise…

Now, to answer Mark's question. InfoCards don't actually contain any personal information. They are just pointers to the place where that information is held. In this sense, they are quite different from a wallet. That's one of the reasons I don't think “digital wallet” is necessarily the right word for this.

Suppose you had an InfoCard issued by a credit card company – let's use the example of Visa. Visa (or some clearing house) would operate a service on the Internet, and your InfoCard would contain a description of what the Visa card looks like, how to connect to Visa's internet service, which bank puts out the credit card, and so on.

When you decide to submit the Visa card, what really happens is that your InfoCard Selector goes out to Visa's internet service and gets a “software token” (meaning a set of claims about you – in this case perhaps a one-time credit card number) and sends it to the company you want to purchase from. The set of claims is typically encrypted, so nothing running on your PC can get at the secrets it contains. In this example, the credit card number is never exposed on your PC.

The question now becomes one of how your system proves who you are to Visa's internet service.

This could be done by using a cryptographic key stored on your machine and unlocked with a PIN. Or it could prompt you to put a USB device into the PC (which would keep your cryptographic keys isolated from the PC). And there are a number of other methods that could be used. One vendor has even shown the use of a fingerprint to release the secret.

One of the advantages of InfoCards is that you get to choose from this rich palette of methods – and identity providers can make this palette as extensive as they want. Axalto, GemPlus and other innovators have even demonstrated complete security token services that run on “smart dongles”… And we can imagine having the whole InfoCard selection itself stored on such a next-generation smart device – a dongle, phone or mp3 player.

In the first release of Microsoft's version of the Identity Selector, you can export your cards – in protected form – and move them from PC to PC by “sneaker net” – namely on a USB drive, a floppy, or even in an email. This makes it easy to take your cards from home to work or vice versa.

The first release also supports use of dongles and smart cards when people and identity providers choose to use them. We will work to evolve this to allow storage and roaming of your entire InfoCard collection on such devices as well.
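To make the flow in the answer to Mark concrete, here is a toy model of it, added as an example and not code from Microsoft or Higgins. It assumes constructed keys, names and URLs throughout: HMAC keys stand in for the certificates the real protocol uses, an HMAC-SHA256 keystream stands in for real token encryption, and the issuer's one-time card number is just a counter.

```python
"""Toy model of the InfoCard flow explained above (added example, not Microsoft's
or Higgins' code).  Assumptions: HMAC keys stand in for the certificates the real
protocol uses, an HMAC-SHA256 keystream stands in for real token encryption, and
the one-time card number is a counter.  The shape of the flow is what is kept
faithful: the card holds only pointers, the PC proves possession of a PIN-unlocked
key, the issuer creates the claims, and only the relying party can read them."""
import hashlib
import hmac
import json
import secrets

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (toy stand-in for real encryption)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _xor(data: bytes, mask: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, mask))

def _mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

# The card as the selector stores it: metadata and pointers, no personal data.
CARD = {
    "issuer": "Example Bank (constructed)",
    "sts_endpoint": "https://sts.example-bank.test/issue",  # placeholder URL
    "claim_types": ["one_time_card_number", "expiry"],
}

# Keys, all constructed for this run. In the real system the relying party's key
# is the public key in its certificate and the issuer signs with its own.
RP_KEY = secrets.token_bytes(32)          # known to issuer and relying party only
IDP_SIGNING_KEY = secrets.token_bytes(32)
DEVICE_KEY = secrets.token_bytes(32)      # the key the PC uses to prove itself
DEVICE_SALT = secrets.token_bytes(16)
# What actually sits on the PC: the device key wrapped under a PIN-derived key.
LOCKED_DEVICE_KEY = _xor(DEVICE_KEY, hashlib.pbkdf2_hmac("sha256", b"4821", DEVICE_SALT, 50_000))

def unlock_device_key(pin: str) -> bytes:
    """A wrong PIN yields a wrong key rather than an error; the issuer rejects it."""
    return _xor(LOCKED_DEVICE_KEY, hashlib.pbkdf2_hmac("sha256", pin.encode(), DEVICE_SALT, 50_000))

class IdentityProvider:
    """The security token service the card points at. It holds the real data."""

    def __init__(self) -> None:
        self.real_card_number = "4111 1111 1111 1111"  # constructed; never leaves here
        self.registered_device_key = DEVICE_KEY         # registered when the card was issued
        self.issued = 0
        self.pending = set()                            # outstanding challenges

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def issue_token(self, challenge: bytes, proof: bytes, relying_party: str) -> dict:
        """Check the PC's proof of possession, then issue claims sealed for the RP."""
        if challenge not in self.pending:
            raise PermissionError("unknown or reused challenge")
        self.pending.discard(challenge)
        expected = _mac(self.registered_device_key, challenge, relying_party.encode())
        if not hmac.compare_digest(proof, expected):
            raise PermissionError("user could not prove identity to the issuer")
        self.issued += 1
        claims = {"one_time_card_number": f"otc-{self.issued:06d}",
                  "expiry": "2099-12", "audience": relying_party}
        plaintext = json.dumps(claims).encode()
        nonce = secrets.token_bytes(16)
        ciphertext = _xor(plaintext, _keystream(RP_KEY, nonce, len(plaintext)))
        return {"issuer": CARD["issuer"], "nonce": nonce.hex(), "ciphertext": ciphertext.hex(),
                "signature": _mac(IDP_SIGNING_KEY, nonce, ciphertext).hex()}

def selector_get_token(idp: IdentityProvider, pin: str, relying_party: str) -> dict:
    """The identity selector: unlock the device key, prove possession, fetch the token."""
    key = unlock_device_key(pin)
    challenge = idp.challenge()
    proof = _mac(key, challenge, relying_party.encode())
    return idp.issue_token(challenge, proof, relying_party)

def relying_party_accept(token: dict, me: str) -> dict:
    """The merchant side: verify the issuer's signature, unseal, check the audience."""
    nonce, ciphertext = bytes.fromhex(token["nonce"]), bytes.fromhex(token["ciphertext"])
    if not hmac.compare_digest(_mac(IDP_SIGNING_KEY, nonce, ciphertext).hex(), token["signature"]):
        raise ValueError("bad issuer signature")
    claims = json.loads(_xor(ciphertext, _keystream(RP_KEY, nonce, len(ciphertext))))
    if claims["audience"] != me:
        raise ValueError("token was issued for a different relying party")
    return claims

def claims_visible_on_pc(token: dict) -> bool:
    """Everything the PC ever handles is the token dict; are the claims readable in it?"""
    return "one_time_card_number" in json.dumps(token)
```

Running `selector_get_token(IdentityProvider(), "4821", "shop.example.test")` and then `relying_party_accept(...)` on the result shows the merchant reading the one-time number while `claims_visible_on_pc` stays False; a wrong PIN, a token replayed to another relying party, or a reused challenge are all rejected.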

Gosh. I just took another look at the junk mail folder and I see a note from Johannes Ernst. Hope this hasn't ruined a beautiful friendship…

I'm afraid to look further down in the list of unopened items. But I will.