About Relying Party STSs (a.k.a, what is RequireFederatedIdentityProvisioning?)

A useful, yet sparsely documented feature of Windows CardSpace is its support for resource side Security Token Services (STSs) – STSs that are used by relying parties rather than Identity Providers. Vittorio has done an excellent job helping to provide detail on this subject, and I highly recommend people interested in understanding more about what…

6

CardSpace on FAT File Systems

The version of Windows CardSpace that shipped in .NET Framework 3.0 will not run when installed on a FAT file system. We’ve received a surprising amount of feedback (some of the earliest from Pamela Dingle) that customers are still using FAT file systems and this is causing problems.  This was done because FAT doesn’t provide…

1

Exiting CardSpace after Installing or Restoring Cards

Here’s another change we made in .NET Framework 3.5 to improve our user experience. Users often got confused on what to do after installing a managed card or restoring their backed up cards when initiated outside of CardSpace. This would usually be initiated by double clicking on a *.crd or *.crds file or opening a…

1

CardSpace support for Oasis WS-SX standards

The OASIS Web Services Secure Exchange (WS-SX) technical committee has published specifications for WS-Security extensions and policies to enable the trusted exchange of SOAP messages. Their effort resulted in the WS-SX specifications that include WS-Trust, WS-Security policy and WS-Secure conversation. This standardization of WS-Trust is good news. Gartner says that:   OASIS’s ratification of two…

2

Identity Lab Goes Live

  As part of preparing for the User-Centric Identity Interop event last month, the team I’m on, Federated Identity (which owns CardSpace as well as ADFS “2“), set up a web site hosting a set of Identity Provider and Relying Party services enabling the interoperability of our code to be tested against other implementations on…

1

All the bits to employ CardSpace without an SSL certificate are now available

Hi, my name is Tariq Sharif and I am a program manager in the CardSpace team.  After we released CardSpace V1 we received feedback from hobbyists, early technology adapters and site owners that getting/setting up a SSL certificate is hard and it is not needed for some set of their scenario and that this is blocking…

2

Providing Custom Data in an Information Card

  Customers and partners exploring the possibility of becoming identity providers have provided us consistent feedback about the need to provide users with more information.  Identity providers want to be able to provide users with contact information, usage guidelines, etc. ( or as we like to call it ‘ back of the credit card information’…

1

First Time Sign-in Experience

One of the biggest goals for CardSpace in the .NET Framework 3.5 is to simplify and improve the user experience. We’ve received a lot of feedback regarding the complexity of our UI and scenarios. One area we decided to improve was the first time sign-in experience. Given that this scenario is most likely how a…

6

How Identity Providers can show custom error messages in CardSpace

  Wouldn’t you like to show your users a custom error message instead of this generic one?       Now you can with the latest .Net Framework 3.5 release (Beta 2 as of this blog). Your Identity Provider can simply return a SOAP fault and CardSpace will display the Fault Reason Text.  This feature…

7

User Experience Changes to Site Information Page

Based on feedback from usability studies and CardSpace users we made a number of changes to CardSpace in the .NET Framework 3.5 release. Some of these changes were designed to make CardSpace easier to use.  The first of these changes we’ll describe are to the page shown the first time you visit a site. This…

3