David Chappell



Digital Identity for .NET Applications: A Technology Overview  
# Tuesday, October 30, 2007
Identity is an inescapable aspect of distributed applications. The .NET world provides several technologies that developers can use in this area, but figuring out what each one does and how they fit together can be challenging. I've written a Microsoft-sponsored white paper to help people find their way through this thicket of options. Available here, the technologies it describes include ADFS, Windows CardSpace, and several more.

Handling identity well should be a fundamental competence for anybody who creates .NET applications. The goal of this paper is to help people get started on the path to acquiring this competence.

2 comments



Great paper! One thing that comes to my mind reading this paper and from listening to your talk at the SOA & BP Conf is not just the problems with username/passwords but also with credit cards. Credit card information could be claims provided by a card issuer or my bank in the role of an IdP. But how can one rely on the relying partner in this scenario not storing and misusing my credit card information? Is there any other way credit card information can be used related to federated identity?

A credit card number certainly could be conveyed as a claim. Just as if you'd typed that number into a web page, however, it's up to the web site you're interacting with (i.e., the relying party) to use it responsibly. How the number gets there doesn't change this.

Another possibility is that a payment organization might create a single-use authorization number for a particular payment rather than sending your credit card number. This could act like a digital check, allowing you to pay for a single transaction without fear of later misuse.
