{"id":927,"date":"2008-02-26T01:53:25","date_gmt":"2008-02-26T09:53:25","guid":{"rendered":"\/?p=927"},"modified":"2008-02-26T12:33:51","modified_gmt":"2008-02-26T20:33:51","slug":"understanding-windows-cardspace","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=927","title":{"rendered":"Understanding Windows CardSpace"},"content":{"rendered":"<p>There is a really wonderful\u00a0new book out on\u00a0digital identity and Information Cards called &#8220;<a href=\"http:\/\/www.amazon.com\/Understanding-Windows-CardSpace-Introduction-Independent\/dp\/0321496841\">Understanding Windows CardSpace<\/a>&#8220;.\u00a0<\/p>\n<p>Written by\u00a0<a href=\"http:\/\/blogs.msdn.com\/vbertocci\/\">Vittorio Bertocci<\/a>, <a href=\"http:\/\/blogs.msdn.com\/garretts\/\">Garrett Serack<\/a> and <a href=\"http:\/\/blogs.msdn.com\/card\/\">Caleb Baker<\/a>,\u00a0all\u00a0of whom\u00a0were\u00a0part of the original CardSpace project,\u00a0the book is deeply grounded in the theory and technology that came out of it.\u00a0 At the same time,\u00a0it\u00a0is\u00a0obviously their <em>personal\u00a0<\/em>project.\u00a0 It has a\u00a0personal feeling and conviction I found attractive.<\/p>\n<p>The\u00a0presentation\u00a0begins with a problem statement &#8211;\u00a0&#8220;The Advent of Profitable Digital Crime&#8221;.\u00a0\u00a0There is a systematic introduction to\u00a0the full panoply of attack vectors we need to withstand, and\u00a0the book\u00a0convincingly\u00a0explains\u00a0why we need an in-depth solution, not another band-aid leading to some new vulnerability.<\/p>\n<p>For those &#8220;unskilled in the art&#8221;, there is an introduction to relevant cryptographic concepts, and an explanation of how both certificates and https work.\u00a0 These will be helpful to many who would otherwise find parts of the book out of reach.<\/p>\n<p>Next comes\u00a0an intelligent discussion of the Laws of Identity, the multi-centered world and the identity metasystem.\u00a0 The book is laid out to include clever sidebars and commentaries, and\u00a0becomes progressively more McLuhanesque.\u00a0 On to SOAP and Web Services protocols &#8211; even an introduction to SAML and WS-Trust, always with plenty of diagrams and explanations of the threats.<\/p>\n<p>Then we are introduced to the concept of an identity selector and the model of user-centric interaction.<\/p>\n<p>Part two deals specifically with CardSpace, starting with walk-throughs, and leading to implementation.\u00a0 This includes &#8220;Guidance for a Relying Party&#8221;, an in-depth\u00a0look at the features of CardSpace, and a discussion of using\u00a0CardSpace in the browser.<\/p>\n<p>The authors move on to Using CardSpace for Federation, and explore how CardSpace works with the Windows Communication Foundation.\u00a0 Even here, we&#39;re brought back to the issues involved in relying on an Identity Provider, and a discussion of potential business models for various metasystem actors.<\/p>\n<p>Needless to say, much of what&#39;s covered in this book applies to Higgins and OpenInformationCard and Bandit as well as CardSpace.\u00a0<\/p>\n<p>Above all, it is\u00a0a readable book that balances technology with the broader issues of identity.\u00a0\u00a0I imagine almost anyone who reads this blog will have something to gain from it.\u00a0 I especially recommend it\u00a0for people\u00a0who want a holistic introduction to\u00a0digital identity, CardSpace and web services.\u00a0\u00a0I think the book is\u00a0excellent for\u00a0students.\u00a0 I even expect it\u00a0will be enjoyed by more than one\u00a0policy maker who wants to understand the underlying technical problems of identity.<\/p>\n<p>So check it out, and let me know what you think.<\/p>\n<p>[By the way:\u00a0 One chapter of the book is now online as a stream of html text, but I&#39;d avoid it. The printed layout and interplay of commentaries add both life and interest&#8230;]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An introduction to the Concepts and Challenges of Digital Identities<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[8,7,3,11,44],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/927"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=927"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/927\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=927"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=927"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=927"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}