“The true value of InfoCards is that it solves web identity problems we have today which are best solved through client software. Specifically, InfoCards provides:
an IDP selection technology for SP-initiated SSO. The existing systems do not work well enough because they rely on the SP knowing every partner, and being able to determine which partner is appropriate for a random user.
a secure, graphically distinct authentication mechanism to prevent spoofing-based phishing attacks
With InfoCards, you add IDPs for selection like you trust hosts for ssh (secure shell) – through an initial user-initiated provisioning. You click a link on your bank page saying ‘add to my infocards’, then if you go to a SP app that trusts your bank it shows up as an option.
Infocards itself is the name of the GUI metaphor, not the network traffic.
I believe the financial vertical is distracted today in many of their IT efforts while they focus on anti-phishing.
The Vista implementation of InfoCards protects user authentication from just about anything other than a full machine compromise.
Having the user make the choice of Identity Provider decouples the SP from the IDP, allowing for true Identity Networks to emerge.”
Archive for April, 2006
“It is not the big that eat the small, but the fast that eat the slow.”
For the first time in my 15 year entreprenurial career, I have an engineering team which produces product faster than the rest of the company can package, market and sell it. It’s quite simply an amazing thing to watch and is unquestionably the result of what I believe to be the most impressive engineering management on the planet, combined with the passion and gifts of our developers and quality assurance team.
Engineering at Ping is now producing high quality major releases every 4 months. Most impressive, they are doing this against 3 code-lines simultaneously. Not to mention their support of response engineering, sales and client services.
Gunnar Peterson (a Ping advisor) turned me onto this great quote in a recent email. Quite appropriate given the observations:
“Amateurs discuss tactics, armchair generals discuss strategy, and professionals discuss logistics.”