I question the boundaries and positioning of many of Patrick's ellipses:
- SAML's ability to cover the user-centric use cases is minimized.
- Cardspace's relevance to the enterprise is marginalized.
- Managed Cardspace is shown as enabling more valuable transactions than SAML.
- Liberty WSF isn't shown.
- The extreme of the 'user-centricity' axis is typified by 'self-asserted identity' (suggesting to me that 3rd party asserted identity is somehow incompatible with "pure" user-centrism)
Consequently, below is a plot for the SAML 2.0 Enhanced Client Profile (ECP), distinguished by:
- how identity flows 'through' the user agent and thereby enables direct control by the user
- the possibility of an asymmetric relationship between the SP and the IDP (as the client can mediate)
By any definition I've seen, SAML ECP is user-centric and so, at minimum, the SAML ellipse in Patrick's diagram should be stretched to the right (and a separate, much smaller, ellipse created for WS-Fed, maybe using a dotted line).