had posted a nice article on A simple managed payment card example
a while ago. So basicaly what happens with a "issued" infocard
is that the infocard
only contains a pointer to where the user information is to be obtained from (in this case as per Kim's example the issuer happens to be Bank Of America, and the requestor is amazon.com)
. Well, Kapil
had a nicer post on Smartcards and Federated Identity
Smartcards are the actually the real enabler of biggest network of identity federations world has known till date i.e GSM.
various standards like SAML, Liberty, InfoCard/WS-Trust, WS-Federation etc for identity federation respect and understand the usefulness of security devices like Smartcards. All these standards propose the solution to same set of problems in _almost_ same way and differ mostly in wire protocols used. SAML and Liberty has a profiles ECP (Enhanced client proxy) and LECP (Liberty enabled client or proxy) respectively which enables a Smartcard based authentication where as InfoCard (a profile of WS-Trust) treats Smartcard as another Security token service which can generate self issued security tokens.
nice... I see the light at the end of the tunnel. infocard treats a smartcard as a personal security token service (PSTS) which can issue security token in form of SAML assertions.
and so i thought... or rather... continue to think...
Whats the difference between the long existent JavaCard
I remember sometime back I had read an article on Microsoft Employees Get Carded
" by Karen Epper Hoffman via Kapil's Blog
. Well, Scott
made us use these along from a long time ago
... And Microsoft
on smartcards are no different
has put together a nice demo
of how a using Liberty’s ID-WSF protocols, we can create a module that greatly helps the user in dealing with his digital identities.
, sunray 1g
, sunray 170
and desktops ARE
available with builtin smartcard readers.
and hence my dilema...