- A First Look at WF 4.0, Dublin, and Oslo
- Introducing the Azure Services Platform
- What is Oslo?
- Architect Connections Conference
- Responses to A Short Introduction to Cloud Platforms
- A Short Introduction to Cloud Platforms
- An Interview on Microsoft's Oslo
- What is Software + Services?
- The State of SCA: An Update
- Understanding Windows CardSpace
Opinari
Subscribe
Introducing Geneva
# Wednesday, November 05, 2008
The move to claims-based identity continues. Making this approach real requires infrastructure, however, which the vendors need to provide. Without it, a claims-based world won't materialize.
Microsoft's Geneva technology family provides one example of this infrastructure. First made public at last week's PDC, it has three parts:
- The Geneva server, which is the next release of Active Directory Federation Services and more
- CardSpace Geneva, the next release of Windows CardSpace
- The Geneva framework, providing a foundation for developers to create claims-based applications and other identity-oriented software. (This technology was originally announced under the code name "Zermatt".)
I believe that claims-based identity is a terrific idea--it can make life so much simpler both for developers and for the people who use the apps they create. I look forward to a world where this approach is the norm.
3 comments :: Post a Comment
Comments:
I was wondering how/whether you see OpenID fitting into the picture.
I was also wondering how/whether you see simpler, more RESTful approaches, fitting in with Geneva in the future?
I was also wondering how/whether you see simpler, more RESTful approaches, fitting in with Geneva in the future?
In general, OpenID could be used to authenticate a user to an STS. There's nothing in the claims-based identity world that precludes this, since an STS can do pretty much anything it likes to authenticate users. Still, I think OpenID gets too much attention. It was designed to provide authentication for low-value situations, e.g., blog comments, and so it's just not a terrific choice for more serious scenarios.
And about REST: The only aspect of claims-based identity that relies on SOAP is WS-Trust-based requests to an STS. The token an STS supplies can certainly be sent in a RESTful request. Given this, it's possible that a RESTful approach to requesting tokens from an STS could be agreed on by all of the major vendors--we'll see.
And about REST: The only aspect of claims-based identity that relies on SOAP is WS-Trust-based requests to an STS. The token an STS supplies can certainly be sent in a RESTful request. Given this, it's possible that a RESTful approach to requesting tokens from an STS could be agreed on by all of the major vendors--we'll see.
I've heard it said that Geneva will only use OpenID in conjunction with an Info Cards because of its susceptibility to phishing attacks.
I also agree with you David that OpenID gets way to much attention. What's with that? I have had very little success using it to login to various site, so I can't figure out why it is so popular.
Post a Comment
I also agree with you David that OpenID gets way to much attention. What's with that? I have had very little success using it to login to various site, so I can't figure out why it is so popular.
# posted by 
: February 07, 2009 3:09 PM
: February 07, 2009 3:09 PM
<< Home