A whole lot of identities

I've been catching up on my blog role, finally... and found a dirth of postings regarding Microsoft's recent smiting of SAML which quotes:

Microsoft will soon start shipping "a whole lot" of servers that use WS-Federation protocols, and those client computers will be compatible, Schmidt said.

Wow. so, "a whole lot of computers". Good. I fell better now ;-) Really, I have no qualms about supporting WS-Trust and InfoCard. In fact, there is no reason SAML tokens could not be used within the InfoCard architecture, as near as I can tell... we'll see what pops out of the OASIS WS-SX Technical Committee at OASIS. Before that, who knows, really.

I had high hopes that Microsoft would support SAML in at least the InfoCard architecture, and Kim was one who had given me confidence in that aspiration. But he's blogged recently:

I have been tireless in arguing the need to support new token formats essential to such [identity meta] systems - rejecting the prevelant bugaboo that we should limit all future technology to SAML and then congratulate ourselves on how clever we are. Isn't that OK too?

Well, yes it's OK. Of course, I'm not sure who's actually saying that SAML should just be adopted by everyone, and we can all go home. Perhaps IT Executives who are waiting for the dust to settle a bit over WS-Fed vs SAML are eager to at least see some effort at convergence... but it seems that is less likely to happen, given this recent sentiment.

But I would say that SAML enjoys broad support and adoption. Tens ... maybe even hundreds... of millions of users are serviced by SAML-based protocols today. I think that is a "whole lot of identities", which is just (if not more) demonstrable of success and broad adoption, than "soon shipping"... "a whole lot of computers".

Tags: Identity | SAML | Digital Idenitity | WS-Trust | Info Card

Eclipsing Identity

Ben Hyde suggested some potential revisions to my Identity Topology, necessitating a v1.1 of my Identity Specs Topology. Well, I'm not quite ready for v1.1 just yet (as the lawyers have not finished convening on v1.0 IPR issues yet). But... I thought I would share one draft diagram I had, which included DRM, using the shadow technique he recommended.

The topology of Identity Standards

I've seen many times, a plee for some kind of 'map', allowing a developer or other interested party, a means to navigate the exploding space of identity-oriented protocols/specifications (esp Federation Protocols). I started a diagram some time ago with every imaginable specification I could dream of. Suffice to say, it was large, and illedgable, even for the composer.

I promptly ditched that , and opted for this diagram, which drops many (very relavant) bodies of work, but captures the present trend of specifications relating to this space. It includes directional relationships and venues (mostly standards bodies) where the evolution of the specification is being nurtured.

If you read this blog, and notice the ommition of something you feel is relavant, feel free to contact me/comment here, and i'll try to update it.