A Guide to Integrating with InfoCard

I have to apologize for dropping off the face of the earth for a while.

I've been in input mode – meeting with a whole series of absolutely brilliant people from all over the world – and just as many walks of life. I wish I could share the contents of those discussions, but unfortunately all I can do is try to infuse my work with what I've learned.

Meanwhile, some news that really means a lot to me. We have completed all the hoops necessary to publish a really detailed technical explanation of InfoCards that allows anyone and everyone to interoperate with Microsoft products through open web services protocols.

There are two documents. To me, the most important is “A Guide to Integrating with InfoCard v1.0”. I want to thank the people at Ping Identity Corporation – significantly innovative engineers who have already demonstrated interoperability with InfoCards – for helping to put this publication together. I think the result is clear and will make sense to people coming at interoperability from a non-Microsoft point of view.

Here's the abstract:

The InfoCard system in the Windows Communications Foundation (WCF) of WinFX allows users to manage their digital identities from various identity providers, and employ them in different contexts where they are accepted to access online services. This Guide describes a model built upon the mechanisms described in [WS-Trust] and [WS-SecurityPolicy] to allow digital identity to be integrated into a user-centric identity framework that promotes interoperability between identity providers and relying parties with the user in control.

The mechanisms described in this document provide the framework for an identity metasystem. The interactions between the InfoCard system and a relying party or an identity provider are illustrated to allow others to create identity systems and applications that can use and interoperate with the Windows InfoCard system in WCF. This document is intended to be read alongside the InfoCard Technical Reference [InfoCard-Ref] which provides the normative schema definitions and behaviors referenced by this document.

What is the status of these documents? We see the relevant standards as being WS-Trust, WS-SecurityPolicy, and WS-Security. The Guide is really a document intended to make it as easy as possible to achieve interoperability with the InfoCard system that will be present in Windows Vista and XP. Our goal has been that no one will have to “reverse engineer” anything to play – it's all described. The authors put it this way:

This draft of the InfoCard Guide reflects what is implemented by the InfoCard system in WCF in the Beta2 release of WinFX. The documented behavior and schema described here are subject to change in the final release of the product.

I want to introduce readers to Arun Nanda, the product architect for InfoCard, and the man responsible for these documents from the Microsoft end. Arun is wonderfully open and innovative by nature. I've had a ball working with him. And no one could have done a better job at conceptualizing and rationalizing the vast array of protocol decisions, nuances and details involved in building a flesh and blood metasystem.

Published by

Kim Cameron

Work on identity.