In Context

It’s a common misconception that Information Card technology is proprietary to Microsoft. In the past there there has been some truth to this, and I realize that most people think it remains true, but it isn’t. Quite the contrary.

The design work behind what is now called Information Card technology started about five years ago at Microsoft, IBM (e.g. in the co-development of WS-Trust), Higgins, and a few other places. The pereception that it was a “Microsoft” technology was created by a series of actions and omissions by Microsoft over the intervening years. Some were intentional, some not. Many had unforeseen consequences.

From the beginning Microsoft was focused on shipping a product as soon as possible. Although getting CardSpace to ship in Nov 2006 was in and of itself a good thing, their lack of progress in other areas had consequences that worked against creating a vibrant ecosystem of interoperable, competing implementations based on open standards.

To some extent getting a 1.0 product out the door so far ahead of when others could ship helped create the perception that indeed this was a Microsoft dominated technology. The other projects were held up a combination of IPR issues, resource issues and the difficulty of understanding how CardSpace worked in some cases. Even little things contributed. For a time Microsoft used the term Information Card in Microsoft documents in a way that implied that it was a Microsoft term rather than an open, industry term. Nor did code-naming the product, “InfoCard”. More troublesome was how long it took Microsoft to release the CardSpace-related IP behind under the Microsoft OSP. Worst of all, it has only been in recent weeks that the last few remaining protocol design documents have been submitted to an SDO–in this case the new OASIS IMI TC.

Of course, Kim, Mike, and others always knew that to be successful there had to be open, standard protocols and multiple competing selectors (and other IdP and RP services) running on all platforms and mobile devices. I’ve always felt that they saw the big picture. And I think it’s fair to say that compared to Microsoft’s normal modus operandi there has been unprecedented level of openness, collaboration, and good will.

And in the end, and to Microsoft’s credit, everything did get done. Today there are open source implementations that interoperate with CardSpace, and in various ways go beyond CardSpace, living in open source projects like Higgins, Novell’s Bandit, OpenInfoCard, Pamela and others. The technology has recently gotten its own Information Card Foundation. The ICF and its members, with the addition of IBM, have provided most of the funding and resources for the OSIS series of interop events involving card issuing sites, selectors and relying sites (and relying apps). The one at RSA had 53 companies and open source projects collaborating together. The next and fourth one will be at DIDW.

So today, Information Card, InfoCard, I-Card (or whatever you call it) technology is open, free, and not a Microsoft proprietary technology.

-Paul

PS: Ben Laurie’s voice is echoing in my head right now. How Information Card implementations work interoperably between Microsoft’s Credentica-developed selective disclosure technology and the IBM Zurich Idemix technology has yet to be seen. I’d say there’s reason to be hopeful. Fingers crossed.