Hesitation from Relying parties

James mentioned another reason for relying parties’ lack of support for Information Cards. Wanted to add more thoughts on that:

  • I haven’t seen many consumer based web applications that leverage the web access management products. I may be wrong but the WAM products are more in use for the internal/enterprise centric applications.
  • The access management products that you have listed provide authentication modules (and the SDK) which allows other authentication schemes to be hooked. Therefore, it’s not a big deal to create a custom authentication module/scheme for Information cards and then create the appropriate token/session.
  • We demonstrated a similar use case at Catalyst last year where you can use an information card to login to a Siteminder or CoreID domain. Behind the scene, you retrieve claims from the information card, contact the access management server and then create the appropriate token.
  • CA (Siteminder), Oracle(CoreID) and IBM (TAM) were all part of the OSIS interop demo at Catalyst in June. And Sun has demonstrated a CardSpace extension to their OpenSSO offering too. I don’t know when these products will be commercially available but I’m sure you know that a real customer/requirement can change priorities pretty quickly in the vendor world.
    Let us know when you are ready :-)

categories CardSpace, Identity, Infocard, Information Cards | Ashish Jain | datetime October 5, 2007 2:43 pm

Leave a Reply

Image | WordPress Themes