Notes from IIW 2007a

Over at self-issued, Mike Jones picked up on the OSIS Wiki Page reporting on the recent Information Card Connect-a-thon.  Maybe the most encouraging thing was to see new players show up with working bits:

The OSIS group sponsored an Information Card interoperability connect-a-thon on May 15, 2007 as part of the Internet Identity Workshop 2007 A in Mountain View California. Participants collaborated to work through combinations of Identity Provider, Identity Agent, and Relying Party scenarios, in order to identify and workshop problems with interoperability. The following representatives were present and participated:

5 Information Card Selectors

  • Ian Brown’s Safari Plugin
  • Windows Cardspace
  • Higgins IdA Native
  • Higgins IdA Java

11 Relying Parties

  • Bandit (basic wiki authentcation)
  • Bandit (elevated privileges)
  • PamelaWare
  • CA
  • Windows Live RP (used to obtain a managed card)
  • Windows Live/single-issuer (where you can use the managed card)
  • Oracle RP
  • Identityblog RP (based on Rob Richards’ library)
  • Identityblog helloworld token RP
  • UW/Shibboleth

7 Identity Providers

  • Higgins
  • Bandit
  • UW/Shibboleth
  • LiveLabs
  • HumanPresent
  • Identityblog HelloWorld IdP

4 Token Types

  • SAML 1.0
  • SAML 1.1
  • helloworld
  • username token

2 Authentication Mechanisms

  • username/password
  • self-issued (personal) card

Many combinations interoperated as expected; several issues were identified and are being fixed in preparation for the coming Information Card Interop event to be held at the Burton Group Catalyst Conference in San Francisco (June 25-29).

Published by

Kim Cameron

Work on identity.

5 thoughts on “Notes from IIW 2007a”

  1. To see Shibboleth pick this up is absolutely fantastic. I work in academic research and authorization to copyright protected journals is just uses stone age technology these days: In most cases journal sites check whether you access them from an IP with an organisation that has bought a license. I actually think this is an almost perfect example where a federated security system is the only thing that can work.

  2. This is not really a comment on this post per se, but it at least fits somewhat 😉

    I just came across this here. Can you please write a blog entry about these seperate effors of the Windows Live ID group to create their own proprietary identity selector and how that fits into the overal vision for an identity meta system? Seeing this like that makes me wonder whether MS itself is really commited to CardSpace. I simply see nothing in the efforts of the Live ID login control that CardSpace wouldn't provide as well, and in that case the only logical explanation why they go with their own implementation is that they don't believe in the success of CardSpace or see some other problem with CardSpace. I hope it is not so!

Comments are closed.