David Chappell



# Introducing InfoCard
Monday, May 08, 2006
Dealing with identity in a digital world is a challenging problem. There are plenty of different systems used today to define and convey digital identity, and more are sure to be created. With Passport, Microsoft tried to create one identity system that could be used by many different people and organizations. While Passport wasn't a failure--it's used today by lots of people--the main thing Microsoft learned from it seems to be that a single-source model for identity will never suffice. What's needed is a way to use the plethora of existing identity systems in an effective way--an identity metasystem.

Working with others, Microsoft has defined what this metasystem should look like. More important, they've also created software that lets Windows applications fit into this system. Code-named "InfoCard", this technology is, I'd argue, among the most interesting things happening in distributed computing today. It's also poised to be one of the most important, since if it's successful, everybody will use it, including your children and your mom. InfoCard also offers a way to reduce the use of passwords on the web and significantly better protection against phishing attacks, two potentially big benefits.

I've written a Microsoft-sponsored white paper, Introducing InfoCard, that provides an introduction to this new approach to digital identity. I believe that anybody who cares about modern computing should take the time to understand what InfoCard is all about--it's that significant. And as always, let me know what you think.

2 comments

Thank you for writing the good white paper about CardSpace. I think it is obvious to many people that Microsoft is taking the right direction in the digital identity field by stimulating smart card usage and providing the possibility to operate with digital identities in a way similar to our physical identities, and this step was expected. However, there are some technical aspects of CardSpace that seemed to me not entirely described, or even weak, after I read the white paper:

1) verification of a relying party or identity provider certificates;
2) security issues with smartcard roaming;
3) requirement for identity providers to issue cards in Microsoft-defined format.

Finally, as I understood it, sensitive information (the claims in a security token) is encrypted by the identity provider. But how is it encrypted/decrypted?

And the last thing I want to mention is that although Microsoft's implementation of the identity metasystem undoubtedly has a big chance to succeed and will provide a powerful and, I hope, secure way to present digital identities, there are still challenges in securing electronic payments that may prevent moms and dads from relying too much on Internet merchants (I can speak for my country, not the US).


I'm glad the paper was useful for you, Yuri, and sorry for the slow reply--I've been on vacation.

Some responses:
1) Relying party and identity provider certs can be verified using the usual Windows PKI functionality, just like any other certs.
2) The roaming story in CardSpace's first release is imperfect, as the paper indicates. Microsoft tells us that it will get better soon.
3) Somebody has to define the format of information cards, and since Microsoft led this effort, they did it. I'm told that all of this will eventually be submitted to some standards organization, however, so I don't expect Microsoft to maintain proprietary control over this format.

And the way that security tokens are encrypted and decrypted can vary with the identity provider. With the self-issued identity provider, which is probably the most important case in the immediate future, a SAML token is encrypted using a private key generated by this identity provider. It then sends the encrypted token along with the corresponding public key (just the key--it's not embedded in a certificate), which allows the relying party to decrypt the token. The goal is simple authentication, not confidentiality, so the encryption requirements aren't especially onerous. Other identity providers, such as a Kerberos server, use other mechanisms to encrypt the contents of a token more securely.

It's certainly correct that CardSpace doesn't solve every problem in distributed security. If it becomes widely adopted, though, I'd expect some important aspects of distributed security to improve.
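The exchange described in the reply above (a self-issued identity provider generates its own key pair, sends the token together with the bare public key rather than a certificate, and the relying party uses that key to check it) is modelled below as an added example. This code is not from the white paper, from CardSpace, or from the blog's author; it is written in Go rather than the .NET stack, the claim set is a constructed SAML-like fragment, and the type and function names (`Token`, `SelfIssuedProvider`, `VerifyToken`, `KeyMatchesPinned`) are assumptions of the example. The operation that a private key performs and a bare public key undoes is a signature check, so that is how the relying party's step is implemented here; the example goes slightly beyond the reply by showing the two consequences a practitioner should expect from this design: the claims are readable by anyone holding the token (authentication, not confidentiality), and because the key is not in a certificate, a valid signature only proves that the sender holds that particular key, so a relying party that wants to recognise a returning user has to remember (pin) the key it saw before.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"strings"
)

// SampleClaims is a constructed SAML-like claim set; real tokens differ.
const SampleClaims = `<saml:Assertion><saml:AttributeStatement>` +
	`<saml:Attribute Name="emailaddress"><saml:AttributeValue>alice@example.test</saml:AttributeValue></saml:Attribute>` +
	`</saml:AttributeStatement></saml:Assertion>`

// Token is what the self-issued provider hands the relying party: the claims in
// the clear, a signature over them, and the bare public key (no certificate).
type Token struct {
	Claims    string
	Signature []byte // RSA-PSS signature over Claims, made with the private key
	PublicKey []byte // PKIX-encoded public key, deliberately not a certificate
}

// SelfIssuedProvider owns a key pair it generated itself; nobody vouches for it.
type SelfIssuedProvider struct{ key *rsa.PrivateKey }

func NewSelfIssuedProvider() (*SelfIssuedProvider, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &SelfIssuedProvider{key: key}, nil
}

// Issue signs the claims and attaches the public key. Nothing here hides the
// claims: this is the "authentication, not confidentiality" case.
func (p *SelfIssuedProvider) Issue(claims string) (*Token, error) {
	digest := sha256.Sum256([]byte(claims))
	sig, err := rsa.SignPSS(rand.Reader, p.key, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	pub, err := x509.MarshalPKIXPublicKey(&p.key.PublicKey)
	if err != nil {
		return nil, err
	}
	return &Token{Claims: claims, Signature: sig, PublicKey: pub}, nil
}

// VerifyToken is the relying party's step: parse the bare key carried in the
// token and check the signature with it. Success proves only that the sender
// holds the matching private key; it says nothing about who the sender is.
func VerifyToken(t *Token) (bool, error) {
	parsed, err := x509.ParsePKIXPublicKey(t.PublicKey)
	if err != nil {
		return false, err
	}
	pub, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return false, fmt.Errorf("unexpected key type %T", parsed)
	}
	digest := sha256.Sum256([]byte(t.Claims))
	if err := rsa.VerifyPSS(pub, crypto.SHA256, digest[:], t.Signature, nil); err != nil {
		return false, nil // signature does not match: tampered or wrong key
	}
	return true, nil
}

// KeyMatchesPinned is the extra check a relying party needs to recognise a
// returning user: compare the key in the token with the one seen at first visit.
func KeyMatchesPinned(t *Token, pinned []byte) bool {
	return bytes.Equal(t.PublicKey, pinned)
}

// ClaimsReadableWithoutKey shows the confidentiality gap: no key is needed to
// read the claims out of the token.
func ClaimsReadableWithoutKey(t *Token) bool {
	return strings.Contains(t.Claims, "<saml:Attribute")
}

// Tamper models an in-transit change to the claims; the signature must then fail.
func Tamper(t *Token) *Token {
	return &Token{
		Claims:    strings.Replace(t.Claims, "alice@example.test", "mallory@example.test", 1),
		Signature: t.Signature,
		PublicKey: t.PublicKey,
	}
}

func main() {
	p, _ := NewSelfIssuedProvider()
	tok, _ := p.Issue(SampleClaims)
	ok, _ := VerifyToken(tok)
	fmt.Println("genuine token verifies:", ok)
	fmt.Println("signature (base64, truncated):", base64.StdEncoding.EncodeToString(tok.Signature)[:32])
	fmt.Println("claims readable without any key:", ClaimsReadableWithoutKey(tok))
	ok, _ = VerifyToken(Tamper(tok))
	fmt.Println("tampered token verifies:", ok)
	q, _ := NewSelfIssuedProvider()
	other, _ := q.Issue(SampleClaims)
	ok, _ = VerifyToken(other)
	fmt.Println("token from a different self-generated key verifies:", ok)
	fmt.Println("...but matches the key pinned at first visit:", KeyMatchesPinned(other, tok.PublicKey))
}
```

Run as-is to see the four outcomes: the genuine token verifies, the claims are readable without any key, the tampered token fails, and a second provider's token also verifies (its own key is in the token) but does not match the pinned key, which is why the relying party cannot rely on the signature alone to tell two self-issued identities apart.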
