Friday, October 26, 2007

Re:Re:Reconciliation

Responding to my complaint, Ashish explains SignOn.com's Cardspace implementation.

If you (or anyone else) have a better idea to address this, please share and beers are on us next time we meet.

Alas, no free beer for me. I have no ideas beyond those Ashish lists, and rejects in favour of the model (surprisingly) selected by Ping's usability trials (other than relying on Cardspace itself to tell the user which cards have been presented to SignOn.com, as it is capable of).

I do believe however that, long term, the solution is untenable and that something needs to change in Cardspace to better support Ping's 'My Account' use case. Asking users for profile data when what is really needed is the card name (or some other non globally unique index) would appear to dance uncomfortably close to flouting some identity laws.

1 comment:

Anonymous said...

Hello Paul,
I have a recent post that may provide some heuristics for resolving the issue. It's at http://blogs.msdn.com/vbertocci/archive/2007/10/29/the-tao-of-claims.aspx.
I ma notifying Ashish as well.
Cheers,

Vittorio