Windows CardSpace / InfoCard – What’s in a name?
Microsoft recently announced some name changes related to the Identity Metasystem components. Apparently, there was some name confusion in the community and the new conventions are supposed to clear it up. I’m still confused. Let me explain “why”.
This is what I thought it used to be:
- WinFX – Framework/Component/Library that you need to install on your windows machine.
- Identity Selector – The client application that shows up in the control panel. Allows the user to manage his/her cards. It gets invoked though the Service Provider (SP) / Relying Party (RP) application and allows the user to select his/her identity. Essentially the object tag in the html page, invokes an ActiveX control that invokes the Identity Selector. The Identity Selector also hosts an STS that can issue SAML tokens among other things.
- xmlToken : name of the encrypted token that the Identity Selector “POST” to the RP/SP
- InfoCard – Short name for Information Cards. However, from what I know (based purely on reading around the net), it was also the code name of the Microsoft project around the technology. Therefore, technically it wasn’t really a concept but rather an internal project name that picked up industry momentum.
Fast forward to present.
- WinFX renames to .NET 3.0…..since that’s what it essentially is. And it gives a warm and fuzzy feeling to .NET developers that it’s not another thing that they have to learn. Makes sense.
- Identity Selector renames to CardSpace or Windows CardSpace (WCS). The abbreivation can be mistaken as Windows Color System . Nonetheless, I’m not sure what additional value the new name provides. It could very well be Card Holder, Identity Wallet, Digital Identity Store, Identity Manager….or any combination of the above terms. To me, Identity Selector was just as good.
However, here is the confusing part:
Checkout the following URLs:
Windows CardSpace (formerly “InfoCard”)
Cardspace (previously “InfoCard”)
Just do a search on “CardSpace”….and almost all the results come back as “Card Space (formerly “InfoCard”)…..which I believe is wrong….well…confusing to say the least. “InfoCard” was a code name and CardSpace is the name of a component/application and it replaces the name ‘Identity Selector’ and not InfoCard. I’ll be curious to find out the choice of the linux world….will it be Linux Identity Selector OR Linux Card Space?
However, it does free up the word “InfoCard” (hmmm…may be that’s the real reason) and allow it to be used as a concept – the visual metaphor that represents what the user has to submit instead of userid/password, – the term that the sites can use to symbolize if they can accept “xmlToken”……essentially equivalent of the word “credit card”…..like acme.com can accept Infocards from the x, y and z Identity Providers.
It’s not easy to pick up a name to represent that concept. There has been a lot of discussion at a few mailing lists to select that term….and with some great ideas e.g. digitalid, netkey, idocs, id-card, digitoken and so forth. But the name has to be
- technically correct i.e. represent what it really is
- should make sense to grandma in Iowa and not just to tech geeks
- shouldn’t have vendor bias.
- shouldn’t have legal implications e.g. existing trademarks etc.
- others…
Time will tell if the word “InfoCard” gets to be that term.
In the end, it doesn’t really matter. That ‘secure identity thingy’ is good enough for me.
Identity, Infocard | Ashish Jain | 
June 21, 2006 11:41 pm
Subscribe
Ashish’s
portal and SSO to other relying parties using either the federation or the user centric identity model. E.g SSO to webex (with less privacy concerns and where the employer owns the relationship) using the federation model. However, use CardSpace (Infocard, I-Card or whatever the right name is) to log into the 401k account. The I-Card can either be self-issued or it can be issued by a Corporate IdP (which in this case will be our Java IdP Server). If you plan to be at DIDW next week and are interested in the space, please drop by Ping
Heh, it’s funny – for me, the Cardspace thing makes it easier, but I have doubts about other parts.
The way I see it is this — if you’re talking about the general concept of a member of the framework, you should be able to use an “article” in front of the name. For example: an Identity Selector, or the Identity Selector. Any number of products could fit the bill of Identity Selector, and as such, I think that your original definition is spot on, and that this definition has not changed whatsoever since the introduction of the new naming conventions.
However, if you are talking about one single implementation of a concept, the article should not apply. For example, you would never say “an Exchange” when talking about MS Exchange. Unfortunately, the infocard term was overloaded, and one of the ways to tell which definition of the word was intended, was to examine the context of whether or not an article was used (ie ‘look at the infocard’ meant the generic concept of an information card, vs. ‘look at infocard’ meant the actual MS implementation).
So now, the ambiguity is gone. Cardspace is the MS implementation of an Identity Selector. Anyone else who tries to use Cardspace in naming their Identity Selector will probably get a nice letter from some very expensive lawyers.
Which is all fine and dandy until you think of yet another term: the Identity Metasystem. This breaks ALL of my linguistic rules! Every time I hear that term, I can’t help but think WHICH Identity Metasystem??? ID-WSF is an Identity metasystem, in my mind. So how are we to know whether we are talking about the general concept of an identity metasystem or whether we are talking about Kim’s Identity Metasystem???
My poor little mind boggles…
Pam
Pam,
Thanks for the explanation.
I’m not questioning the word ‘CardSpace’…even though I couldn’t be sure if it should be identified as the Microsoft Implementation of Identity Selector. I thought I read how the word ‘Windows’ in ‘Windows CardSpace’ will probably get dropped. And the statements that CardSpace is the new name of ‘Identity Selector’ made me think that CardSpace is a “replacement” and not an “implementation” of Identity Selector. Referring CardSpace as ‘formerly InfoCard’ is what confused me more. Following your example (with or without the new conventions), ‘look at InfoCard’ means (to me) Microsoft implementation which might become a generic concept.
- Ashish.
[...] The co-existence and co-opetition of Federation and User Centric Identity is getting very intriguing. At Catalyst, we demoed how a user can log into a Portal using a self-issued Infocard and how those credentials can be leveraged to federate to other security domains e.g. Saleforce, Weblogic, Siteminder, Citrix etc. The DIDW demo will look at the intersection from a different angle. The user/employee logs into the enterprise portal and SSO to other relying parties using either the federation or the user centric identity model. E.g SSO to webex (with less privacy concerns and where the employer owns the relationship) using the federation model. However, use CardSpace (Infocard, I-Card or whatever the right name is) to log into the 401k account. The I-Card can either be self-issued or it can be issued by a Corporate IdP (which in this case will be our Java IdP Server). [...]
[...] Original post by Ashish Jain and reblogged using an RSS aggregator at The Identity Gang BlogReGator [...]