Kim Cameron and MSFT seem to be shopping InfoCard and Geneva all over the place these days so their comments about Stork shouldn’t be surprising to anyone. The article claims that InfoCard has seen solid industry uptake which may be true but according to the recent Concordia Survey on Federated Identity InfoCard has a very small deployed base.
Nevertheless I think it reasonable to think that InfoCard will get deployed more, even in the R&E community where federated identity is already a Big Thing (TM).
InfoCard shares important infrastructure with SAML making it fairly easy to deploy alongside SAML (even though the semantics and user experience of SAML WebSSO and InfoCard differ quite a bit), namely SAML metadata which, when deployed “the right way” becomes the primary trust fabric of an identity federation. Microsofts Geneva was apparently designed around the same principles of how SAML metadata should be used as is fast becoming best practice among R&E identity federations.
So we learn that STORK will consider SAML 2.0 and holder-of-key as the primary way to interface national eID solutions in the European countries. I really hope they understand that the devil is in the details and design metadata management and trust fabric management in a sensible way.
One can only wonder what lies behind Microsoft pushing Geneva all over the place. Typically Microsoft aren’t happy just following where others lead. Perhaps the idea is to include the U-Prove technology they bought with Credentia last year in Geneva and embrace and extend the identity federation framework…
Then again once you can see the threat it is suddenly less of a threat. The famous embrace and extend tactic is precisely that: famous. People who are interested in open standards and open implementations should recognize where the ball is being played and start to think about how to implement U-prove.