IdentitySelector

Differences between revisions 5 and 7 (spanning 2 versions)
Revision 5 as of 2006-11-04 23:46:39
Size: 1287
Editor: dyn-4-39
Comment:
Revision 7 as of 2006-11-05 06:32:11
Size: 1493
Editor: c-71-196-138-19
Comment: outline rest of spec, reference related specs
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
 * '''Contributors''':  * '''Contributors''':  EricNorman
Line 29: Line 29:

== Rationale ==

== Use cases ==

== Scope ==

== Design ==

== Implementation ==

== See also ==

 * NetworkAuthentication
 * AuthenticationInfrastructure

----
CategorySpec

Summary

Identity metasystems are finally beginning to mature, based on growing support for "Laws of Identity" (see reference below or [http://www.identityblog.com/?page_id=352]) and frustration with the problems of userid/password authentication.

Users will want OS support for securely selecting identities to use with web services. One promising leader is OSIS - Open Source Identity Selector, which intends to be at least as functional, and fully compatible, with Microsoft's CardSpace (formerly known as InfoCard) identity selector that will be shipped with Windows Vista.

To guard against phishing, the identity selection should take place in a protected subsystem (similar to the login screen). The user should also get a clear and unmistakable signal that she is indeed talking with this protected subsystem and not something that just looks like one provided by a phisherman.

References

For more information about CardSpace (nee InfoCard), a real good place to start is [http://www.identityblog.com] (documents on left side).

Rationale

Use cases

Scope

Design

Implementation

See also

CategorySpec

IdentitySelector (last edited 2008-08-06 16:35:43 by localhost)