Upon 2020

There are lots of things that are right about Microsoft InfoCard

I realized that some people might interpret (construe?) yesterday’s post about InfoCard Issues as some kind of attack. This is not my intention. There are many things that are right about InfoCard, and I definitely want to acknowledge that, and publicize that.

So here is my current list. If you have comments or things to add to the list, please leave me a message.

  • InfoCard is timely. As the number of website registrations (and corresponding scams) keeps going up as it does, we need improve security across the board, and InfoCard certainly can help with that.
  • If things keep going well, Kim and his colleagues at Microsoft will have done us all (and I mean the entire industry) a great favor. There are some things that only Microsoft can do in this industry. This is one of them, which is why I agree with Kim that there is a great opportunity here to get this right. (and which is the reason I point to the things that might be going wrong.)
  • The visual metaphor of cards for InfoCard, while not new, is a good one for the kinds of use cases that InfoCard is after.
  • Starting from a list of principles (his laws) was a very good approach to take to come up with a design. Lots has been written about those, and I don’t think I need to add to those.
  • Building on top of standard protocols was the right choice. Not too long ago Microsoft would have built its own protocol, and it’s a sign of the times, and of the influence of people like Kim, that that ain’t so any more.
  • Microsoft is not the sole identity provider, as they were in case of Passport.
  • Last week, I saw Kim demo how to use InfoCard to log into Word Press. He said it took about a 100 (I think that’s what he said) lines of code in PHP and he was going to publish that code on his blog. If it is indeed that easy for a LAMP-based app to make use of at least some basic features of InfoCard, that’s a great thing and takes off a lot of the WS-* concerns about InfoCard (see also Julian Bond’s enthusiastic comment)
  • This week’s positioning of InfoCard in the press was very clever. Instead of even talking much about identity, it was essentially positioned as a password manager with a pretty GUI. That might make some people uneasy, but I think it is a good way of educating the public.
  • Of course, after Scobleizer Kim has probably done more than anybody at Microsoft in recent years to reach out and have a dialog with the market. I’m sure he’s getting a least some grief internally about that, but it’s great he is doing it. Certainly I have benefitted from that, and many others.

I’ll add to this list as I think of more …

Johannes Ernst