Paul Madsen at ConnectID writes:

Kim defends CardSpace on the issue of the Display Token.

Personally, I think it's a UI issue. The concern would be mitigated if the identity selector were to simply preface the display token with a caveat:

The following attributes are what the IdP claims to be sending. If you do not trust your IdP, do not click on “Send”.

If the UI doesn't misrepresent the reality of what the DisplayToken is (and isn't), then we're hunky-dory.

And of course, CardSpace is not the only WS-Trust based identity selector in town. The other selectors are presumably under no constraints to deal with DisplayToken in the same way as does CardSpace? 

Paul has a good point and I buy the “general idea”.  I guess my question would be, should this warning be presented each time an Information Card is used, or just when making the initial decision to depend on a new card? 

I think the answer should come from “user studies”:  let's find out what approach is more effective.  I hear a lot of user interface experts telling us to reduce user communication to what is essential at any specific point in time so that what is communicated is effectively conveyed.

Despite this notion, identity providers should be held accountable for ensuring that the contents of information tokens correspond to the contents of their associated display tokens.  This should be mandated in the digital world.

By the way, I love Paul's recollection of the word “Hunky-Dory”. He gives a nice reference. Funny – I always thought it referred to a “certain beverage”.

Published by

Kim Cameron

One thought on “Hunky-Dory”

  1. I strongly believe that putting that disclaimer on the UI all the time would be a mistake.

    First off, if you don't trust your identity provider, it's already too late. Quit using them.

    Secondly, you numb the user to any similar messages that may come later. After saying to myself, “Yes, I still trust them. Quit warning me!!” 100 times, I'm much more likely to also ignore anything else that talks about claims or trust in the same UI. Seems like those warnings might be important in the selector interface…

    “Important: When signing up with Bob's Discount ID, please consider if you can trust them with the personal information they will be controlling on your behalf”

    Now, I understand the concern around misrepresenting the display token. Perhaps just “The following attributes are what Bob's Discount ID claims it will send if you select this token.” (I'm sure the wording could be improved) – No dire warning about trust where it's already too late, no lies about the display token.
