InfoCard Insights

Posted on by

While at Internet Identity Workshop 2005 I really enjoyed meeting Kim Cameron in person, along with Mike Jones … both from Microsoft.  They seem to be the current human-side of InfoCards.

I was really waiting to see a good demo of what they are up to, and I
have to say that I like the overall solution.  It’s a very well
thought through solution, and I can see why Microsoft is going to move
forward with it.  I’m not going to get into the good vs. bad
debates … and I’m not going to argue about the evil empire wanting to
own all of our identities.  Its not about that, and I can see all
sorts of places where my companies can participate, and where even
those in the Open Source world could jump in if they felt like doing so.

There was one interesting place where I felt that InfoCards is lacking
… and that is removing the tedious re-typing of identity information
from the user.  I hate entering data into forms.  This is why
I really like the possible Firefox/IE enhanced form-fill
solution.  The browser can start to enter information for me …
and only require my approval before posting.

Why I believe that InfoCards is lacking here is the example that I
asked Kim about during his demonstration.  I wanted to write about
it here, hoping that he might offer a different perspective, or explain
how I missed something.

Kim explained how I can create new “self issued” identity cards, or can
have a card issued to me by a web site or other entity.  What was
interesting to me was that if the site wanted to issue a card to me,
InfoCards would not provide any assistance in providing my information
to the issuer about my identity.  I understand the security
choices here, however this is what I see coming …

I go to Domino’s web site … they offer to issue me a card.  I
get a form and hand enter all of my information:  my name, phone
number, address, favorite toppings, favorite drink.  I get a
InfoCard from Dominos.

I then go to Wells Fargo’s web site … they offer to issue me a
card.  I get a form and hand enter all of my information …
again: my name, phone number, address, employment info, etc.

I then go to E*Trade’s web site … they offer to issue me a card. 
I get a form and hand enter all of my information … again: my name,
phone number, address, SS#, employment info, etc.

I then go to Delta Airlines web site … they offer to issue me a card. 
I get a form and hand enter all of my information … again: my name,
phone number, address, seat preferences, etc.

I then go to JetBlue Airlines web site … they offer to issue me a card. 
I get a form and hand enter all of my information … again: my name,
phone number, address, seat preferences, etc.

Great … I get all these cards that are later useful … but I have
had to enter my info over and over and over again.  Yes … I hear
the Liberty Alliance folks out there yelling “But we’ll federate all of
these companies behind the scenes so that they’ll all know you!” 
But I DON’T WANT THAT!

Maybe it’s going to take the full combination of technologies to solve
this … I use the Firefox solution (Mike … hurry up and write that
thing!) which actually fetches the form-fill values from a LID or SXIP
Identity Store, and then auto-fills the form that gives me an
InfoCard.  Uh … it’s sounding complex … but maybe that’s it.

Oh … sorry Drummond … I’ll have to think about where I used the i-Name in there.  😉

Leave a Reply