23Dec CardSpace Fail?
I remember once Microsoft CardSpace was announced and shown to a group of MSDN members that I was apart of here in Detroit. The idea seemed fantastic- finally a way to secure user’s online identity and allow the user to relay the needed information to online applications without having to fill out forms anymore! However, there was some technical obsticles I foresaw. The biggest one being the solution was “magic”. The technology used a specialized IE plugin for integration (something that Chrome and until recently Firefox wouldn’t have), and uses technology paradigms that are not used commonly in the programming community. This not only locks down the platform, but the technology is incompatible to systems that do not have a Microsoft built extension. In addition the platform requires low level access to the operating system for security precausions meaning the OS needs to have been made with a special sandbox environment specifically for the application. Novell has been working on their implementation of CardSpace, but I have doubts about the user adoption rate.
What I am trying to say is CardSpace was an amazing concept, but it has failed to appeal to both the larger developer community and end users. I see single Firefox plugins that fill in forms having much more popularity and community buzz. They require nothing of the developer of the site, easy startup for the end user, doesn’t require the OS to support certain features, requires no installation (other than the browser plugin), and the concept is very logical to follow.
The only other idea that could have a higher adoption than these generic browser plugins would be a global informtion site that your personal form information could be tethered from. However, this would require a big name behind the project as people would not trust a service with all their personal information that they didn’t already have some form of trust with beforehand. Who could it be? Google perhaps?
On a side note, an excellent Firefox plugin for filling out forms is Sxipper 
.
|
Author: Jonathan Dunlap Jonathan is a veteran software architect, author of IsoHill, humanitarian, and has worked with Bigpoint Inc, CrowdStar, ePrize, and Microsoft. |
December 25th, 2008 at 4:02 am
You talk about having a global information site that would fetch your personal info and allow you to have a single online identity, but isn’t this what openID (http://openid.net/) is trying to solve already? Any developer can implement it on their website/portal, the identity should be fairly secure as it’s the likes of VeriSign and Google that provide you with the openID and you as the user simply look for the openID logo on a site and it should mean that you can log in without having to create yet another user.
At this point I still wouldn’t use openID for anything really important though, since I don’t think the technology that mature yet.
December 25th, 2008 at 9:07 am
OpenID, as I understand it, only verifies authenticity and not profile. It does not store information about the user to give to the authenticating website site; hence the user will still need to fill out forms to setup their profile.