The Mailowl Scrolls

Talking about internet security is like talking about anti-terrorism; there are a lot of sensitive and gray areas which are difficult to solve AND keep everyone happy. If you’re not carefully and cannot immediately solve any technical loophole a listener might have thought about then you’ll very quickly be shot down and dismissed.

I say this because it happened to me this weekend when I was talking to friends about my research of my upcoming talk in April on CardSpace and OpenID. I’m glad it happened though because it’s allowed me to review some of the data I’ve already collected and impressed on me the need to set the scope of my talk to the technology I’m presenting and what they say they offer and not to present it as a solution to internet security.

This weekend I was looking at OpenID and I recommend watching Simon Willison’s screencast “How to use OpenID” as it’s easily understandable and encouraging. I quickly setup a profile (using Verisign) and found it convenient to use.

My next step is to build an ASP.NET 2.0 website which uses OpenID to authenticate users coming to the site and then to build authorization so users can have different roles.

CardSpace is getting the same treat the week after next when I return from Cape Town for a brief holiday; and hopefully by then there’ll be a clear indication of what’s available from the CardSpace/OpenID collaboration.