David Chappell


Opinari


Introducing Geneva  
# Wednesday, November 05, 2008
 
The move to claims-based identity continues. Making this approach real requires infrastructure, however, which the vendors need to provide. Without it, a claims-based world won't materialize.

Microsoft's Geneva technology family provides one example of this infrastructure. First made public at last week's PDC, it has three parts:
  • The Geneva server, which is the next release of Active Directory Federation Services and more
  • CardSpace Geneva, the next release of Windows CardSpace
  • The Geneva framework, providing a foundation for developers to create claims-based applications and other identity-oriented software. (This technology was originally announced under the code name "Zermatt".)
"Geneva" is also a code name, and all of these technologies are still in their initial betas. Still, to help people understand what they're all about, I've written a Microsoft-sponsored Geneva white paper, available here.

I believe that claims-based identity is a terrific idea--it can make life so much simpler both for developers and for the people who use the apps they create. I look forward to a world where this approach is the norm.



 


Comments:

I was wondering how/whether you see OpenID fitting into the picture.

I was also wondering how/whether you see simpler, more RESTful approaches fitting in with Geneva in the future?
 

In general, OpenID could be used to authenticate a user to an STS. There's nothing in the claims-based identity world that precludes this, since an STS can do pretty much anything it likes to authenticate users. Still, I think OpenID gets too much attention. It was designed to provide authentication for low-value situations, e.g., blog comments, and so it's just not a terrific choice for more serious scenarios.

And about REST: The only aspect of claims-based identity that relies on SOAP is WS-Trust-based requests to an STS. The token an STS supplies can certainly be sent in a RESTful request. Given this, it's possible that a RESTful approach to requesting tokens from an STS could be agreed on by all of the major vendors--we'll see.
 

I've heard it said that Geneva will only use OpenID in conjunction with Info Cards because of its susceptibility to phishing attacks.

I also agree with you David that OpenID gets way too much attention. What's with that? I have had very little success using it to log in to various sites, so I can't figure out why it is so popular.
 
