If you made OpenID phishing resistant then you have Microsoft CardSpace Geneva?! We need a secure (enough) UI for login and attribute sharing through OpenID, Information Cards and even username/password. I think that cards are a metaphore that users understand and what happens underneath the UI should not really concern the user. I don't want to remember an OpenID or a password, I want to choose a card and what happens under the hood... who cares?! Well, the server vendors care but not the user.
Please join the discussion at the Information Card Foundation!
Cardspace is hard to understand (at least for me) and most examples cover only Self-Issued Cards. There are no examples out there using Managed Cards so I built out a full end-to-end claims federation scenario involving Username/Password backed Managed Cards and the Cardspace Identity Selector.
ReplyDeleteLet me know what you think: http://francisshanahan.com/cardspace
This comment has been removed by a blog administrator.
ReplyDelete