OpenID and CardSpace

OpenID and CardSpace are both complementary and competing technologies.  An interesting thing about OpenID it that it allows you to "attach" a Card to your OpenID account (create an openid at myopenid.com if you have not already).  That is interesting as it allows you to logon to your OpenID account using your InfoCard on your desktop.  That is pretty powerful because that means you can logon to any OpenID site using your InfoCard.  So the web designer that enables OpenID logins will also get CardSpace for free without writing a single line of additional code – that is pretty cool.

In a previous post, I wrote on the need of a Proxy that would allow me to get my Card easily when on a public pc.  OpenID with cardspace support does not get us there, because I still have to have the card on the machine I am at in order to authenticate to OpenID using my card.  However, OpenID does allow me to login using name/pwd pair, so that is always a good last resort.  However this can be made better I think.

What if the OpenID provider also "stored" my Card in encrypted form?  Then I could download that card and use it.  To make this process simple, MS needs to create a temp proxy card.  So on a new machine I create a TProxy card that have my name and a URI to my OpenID provider.  Now when I try to use TProxy card, it downloads my real card from the provider and decrypts by prompting for a password.  Now that I have my real card local, I can then continue to use as normal during the session.  The provider only ever sees my card in encrypted form so it is protected from snooping.  Now the question is how to get rid of local card when done?  If I log out, the CardSpace framework and just clear card memory and be done.  But what if I just walk away and forget to logout?  I guess that is same issue as forgetting your credit card at a store and hoping nobody uses it until you cancel the card.  One option to mitigate the risk is to add a timeout on the card.

I guess another option would be a usb smart card and a pwd pair.  Keep your smart card on your key chain and you can login anywhere.  Loose your card, and someone still needs your password.  So I need to login once (to decrypt the card on the smart card) and can use the card for remainder of my session.

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

10 Responses to OpenID and CardSpace

  1. Unknown says:

    war gold buy war goldwarhammer gold buy warhammer goldaoc gold age of conan goldwow gold buy wow goldwow gold buy wow goldworld of warcraft gold world of warcraft goldwow power levelingwow item

  2. Unknown says:

    ダッチワイフ

    まつげエクステ

    アダルトグッズ

    英会話 学習

    競馬予想

    フラワーアレンジ

    ブリザーブドフラワー

    バラ

    供花

    誕生花

    誕生日プレゼント 花

    北欧家具

    アロマオイル

    ブライダルエステ 東京

    大人のおもちゃ通販

    結婚式

    結婚式準備

    結婚式の髪型

    ウェディングドレス

    av 通販

    アダルト
    ダウンロード

    熟女
    アダルト

    巨乳
    アダルト

    素人
    アダルト

    ニューハーフ
    アダルト

    FX ランキング

    FX 比較

    キャッシング 申込

    債務整理

  3. Unknown says:

    探偵 調査

    素行調査

    身辺調査

    妻浮気

    悩み相談

    探偵紹介

    探偵事務所

    行動調査

    追跡調査

    結婚式

    電話占い

    大人のおもちゃ

    オナホール

    TENGA

    バイブ

    コスプレ

    大人のおもちゃ

    アダルトグッズ

    アダルトグッズ

    ローター

    おとなのおもちゃ

    エアコン取付

    ガーデンファニチャー

    システムキッチン

    洗面化粧台

    洗面台

    エッセンシャルオイル

    医学翻訳

    大人のおもちゃ

    アダルトショップ 

    エネマグラ

    オナホール 

    仮性包茎

    アナル

    電マ

Comments are closed.