February 2008 Entries
<rant> One of the problems I have when extolling Information Cards is the severe lack of real world implementations, beyond those Vittorio has had a helping hand in. A common question is where does Microsoft use it themselves? The honest answer is "Nowhere, beyond a pathetic nod at it with Live ID™, using self issued cards to protect the Live ID login page, and only if you’re in Internet Explorer, oh and it’s beta support, and has been for over 6 months". A recent post by an EMEA Architect Evangelist is making me bang my head against the wall. One...
Craig points out that Plip has let the cat out of the bag with regards to Techrepchaun, the first DDD Ireland. So on May 3rd the usual DDD crowd, with added Europeans descend upon Galway and attempt to drink the country dry, errr, I mean, bring DDD to Ireland. As with all DDD events it’s free, held on a Saturday, there are no Microsoft speakers and we try to mix up experienced speakers with willing first time victims. The agenda is available, although subject to change. The major difference from UK DDD events is an entire track dedicated to...
So I’ve had my new laptop for over a week now and I’ve been liking Vista, which came as a shock, but there was one problem, networking. My wireless connection would just drop at random intervals for a second or two. I had thought it was a DNS lookup problem, web sites would time out and reappear with an immediate refresh; and I blamed Vista. Poor Vista, the whipping boy of many a blog entry and slashdot rant. It turns out I was wrong (take note, that admission doesn’t normally happen). I was browsing through the system event log and...
When I first started implementing security token services the documentation was minimal (ok, so that hasn’t changed much). The client wanted to log where their cards were being used, and allow specific claim access based on the identity of the relying party. When you create a managed card you can add the wsp:AppliesTo element to it which instructions the identity selector to send relying party information when requesting a token. A well behaved selector will warn users that the card provider is receiving this information(the screen shot to the left shows CardSpace and the warning it gives users). The...
When I was a small boy (hush at the back, I know a lot of you think I still act like one) two friends and myself had a secret club, with handshakes, codes and membership cards we spent a day one and which were left in back packets and destroyed when mothers washed jeans. Information Cards come in two flavours, self issued and managed. Self issued cards are ones you can created yourself, just like we did with our club membership cards. They contain what is referred to as "Phone Book" information; data that a user creates themselves and can...
As I’ve been developing an STS code library I’ve noticed a few inconsistencies around how people assume PPIDs work. If you’ve never read the interoperability specification now is a good time to start. If you’ve implemented Information Card support on your web site you’ll be aware of the Personal Private Identifier (PPID) claim. It’s generally described as a unique ID that identifies a combination of an information card and the relying party the claims are being sent to. Vittorio, as ever, has more details. On the surface the usual description indicates that each relying party gets an individual PPID, and...