{"id":1164,"date":"2011-02-21T02:15:05","date_gmt":"2011-02-21T10:15:05","guid":{"rendered":"\/?p=1164"},"modified":"2015-01-04T17:12:12","modified_gmt":"2015-01-04T23:12:12","slug":"from-cardspace-to-verified-claims","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1164","title":{"rendered":"From CardSpace to Verified Claims"},"content":{"rendered":"

Last week Microsoft announced the availability of Version 2 of the U-Prove Technology Preview<\/a>.<\/p>\n

What\u2019s new about it?<\/p>\n

The most important thing is that it offers a new, web-oriented user experience carefully tailored to helping people control the release of \u201cverified claims\u201d while protecting their privacy.\u00a0 By verified claims I mean things that are said about them as flesh-and-blood people by entities that can speak, at least in certain contexts, with authority. By protecting privacy I mean keeping information released to the minimum necessary, and ensuring that the authority making the claims \u2013 for example a government \u2013 is not able to track and profile the way your information is used.<\/p>\n

\"\"The system takes a number of the good ideas from CardSpace but is also informed by what CardSpace didn\u2019t do well. It doesn\u2019t require the installation of new components on your computer.\u00a0It works on all the major browsers and phones. It roams between devices.\u00a0Sites don't have to worry about users\u00a0\u201cgetting a card\u201d before the system will work. And it allows claims providers and relying parties to shape and brand their users\u2019 experiences while still providing a consistent interface for claims approval.<\/p>\n

In other words, it represents a big step forward for protecting privacy using high value credentials to release claims.<\/p>\n

A focused approach<\/strong><\/p>\n

When it comes to verified claims, the \u201cU-Prove Agent\u201d goes beyond CardSpace.\u00a0 One way it does this is by being highly focused and integrated into a specific type of identity experience. I\u2019ll be posting a video soon that will help you get a concrete sense of why this works.<\/p>\n

That focus represents a change from what we tried to do with CardSpace.\u00a0\u00a0 One of the key goals of CardSpace was to provide a \u201cgeneralized solution\u201d – an alternative to the \u201cpatchwork quilt\u201d of what I called \u201cidentity kludges\u201d that characterize peoples\u2019 experience of identity on the Internet.<\/p>\n

In fact I still believe as much as ever that a \u201cgeneralized solution\u201d would be nice to have. I would even go so far as to say that a generalized solution is inevitable \u2013 at some point in time.<\/p>\n

But the current chaos is so vast<\/em> \u2013 and peoples\u2019 thinking about it so fractured \u2013 that the only prudent practical approach is to carve the problem into smaller pieces. If we can make progress in some of the pieces\u00a0we can\u00a0tie that progress together. The U-Prove Agent for exchange of verified claims is a good example of this, making it possible to\u00a0offer services\u00a0that would otherwise be impossible because of privacy problems.<\/p>\n

What about CardSpace?<\/strong><\/p>\n

Because of its focus, the U-Prove agent isn\u2019t capable of doing everything that CardSpace attempted to do using Information Cards.<\/p>\n

It doesn\u2019t address the problem of helping users manage ALL their identities while keeping them separate. It doesn\u2019t address the user problems of password fatigue, phishing and pervasive \u201csecret questions\u201d when logging into consumer web sites.\u00a0 It doesn\u2019t solve the famous “home realm discovery problem” when using federation. And perhaps most frustrating when it comes to using devices like phones, it doesn\u2019t give the user a simple way to pick their identities from a set of visual representations (icons or cards).<\/p>\n

These issues are all more pressing today than they were in 2006 when CardSpace was first proposed. Yet one thing is clear: in five years of intensive work and great cross-industry collaboration with other innovators working on Apple and Linux computers and phones, we weren\u2019t able to get\u00a0Information Cards\u00a0onto the radar of the big web properties users depend on.<\/p>\n

Those properties had other priorities. My friend Mike Jones put it well <\/a>at Self-Issued:<\/p>\n

\u201cIn my extensive experience talking with potential adopters, while many\/most thought that CardSpace was a good idea, because they didn\u2019t see it solving a top-5 pain point that they were facing at that moment or providing immediate compelling value, they never actually allocated resources to do the adoption at their site.\u201d<\/p>\n

Regardless of why this was the case, it explains why last week Microsoft also announced that it will not be shipping CardSpace 2.0.<\/p>\n

In my personal view, we all certainly need to keep working on the problems Information Cards address, and many of the concepts and technologies used in Information Cards should be retained and evolved. I think the U-Prove team has done a good job at that, and provides an example of how we can move forward to solve specific problems. Now the question is how to do so with the other aspects of user-centric identity.<\/p>\n

Over the next while I\u2019m going to do a series of posts that explore some of these issues further \u2013 drawing some lessons from what we\u2019ve learned over the last few years.\u00a0 Most of all, it is important to remember what great progress we\u2019ve made as an industry around the Identity Metasystem, federation technology, and claims-based computing. The CardSpace identity selector\u00a0dealt with the hardest and most forward-looking problems of the Metasystem:\u00a0 the privacy, security and usability problems that will emerge as federated identity\u00a0becomes a key component of the Internet.\u00a0 It also challenged industry with an approach that was truly user centric.<\/p>\n

It's no surprise that it is hardest to get consensus on forward-looking technologies!\u00a0 But meanwhile,\u00a0 the very success of the Identity Metasystem as a whole will cause all the issues we\u2019ve been working on with Information Cards to return larger than life.<\/p>\n

\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

The V2 U-Prove Technology Preview includes a new User Agent that replaces CardSpace and focuses on Verified Claims<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[16,37,10,76,2,8,7,40,74],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1164"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1164"}],"version-history":[{"count":2,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1164\/revisions"}],"predecessor-version":[{"id":1414,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1164\/revisions\/1414"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}