Identity Metasystem Demo

Kim Cameron’s Identity Weblog » Ping’s Identity Metasystem demo

This is well worth seeing for anyone with an interest in where digital identity is going. The demo itself shows cardspace (if there’s anyone who hasn’t seen it yet!) along with interoperability between a number of applications. The guys at Ping have done a great job with this and I’d hope this brings together these various strands of identity management (it’s certainly helped me, not least from an architectural point of view). Things are starting to look very exciting!

Open or Siloed Identity?

Kim Cameron’s Identity Weblog » GOOGLE’S AUTHENTICATION VERSUS MICROSOFT’S LIVE ID

I was fortunate enough to hear Kim talk at the MS Security Summit I attended today. Whilst I thought I had a pretty good understanding of Infocards/”Cardspace” and the Identity Metasystem, hearing it explained in this way was very useful and I’ve left with an even greater understanding. Whilst the demo’s were obviously using the Microsoft implementation of the ideas the open-ness of the system was evident and the effect that this will have on our industry in the future. I’ve a couple of technical questions that have come up, but I’ll get back to those later (and unfortunately I’d been booked to be elsewhere this afternoon so was unable to hang around for questions in person!)

Having seen this post tonight (one of the best things about RSS feeds is that I can miss a few days and have everything sat waiting for me to catch up!), it’s a striking comparison between the two giants’ approaches to the problem. I’ve previously written about how the trust in the two companies is different and it’s been noted again that, perhaps at least part of the reason for the new Microsoft open approach is the failure of Passport (as an Internet-wide universal Identity, at least) whereas Google thinks it can avoid those same mistakes with its siloed identity systems (Google seems to be increasingly arrogant in all areas of its business).

One thing that does worry me is that one of the reasons, IMHO, that Passport failed was that by that time, Microsoft’s reputation was already low – security was always a problem in Windows. In contrast, Google has an almost unhealthy positive reputation amongst most web users. They are quite capable of churning out substandard products and services that somehow get rave reviews in the media and from a certain group of people – whilst there is another group becoming more suspicious (and critical) of Google and everything it does. Unfortunately I get the feeling that this second group is suffering from the echo-chamber effect of the blogosphere and not much is getting out to the wider world. Given this, it’s entirely possible that the Google way could gain some traction, despite the activities of all those involved in the work so far – maybe some more publicity is required to prevent this from happening..?

Rohan Pinto also points to Kim’s post.

Addendum: Paul has already asked the questions I wanted to.