InfoCard Insights

While at Internet Identity Workshop 2005 I really enjoyed meeting Kim Cameron in person, along with Mike Jones ... both from Microsoft. They seem to be the current human-side of InfoCards.

I was really waiting to see a good demo of what they are up to, and I have to say that I like the overall solution. It's a very well thought through solution, and I can see why Microsoft is going to move forward with it. I'm not going to get into the good vs. bad debates ... and I'm not going to argue about the evil empire wanting to own all of our identities. Its not about that, and I can see all sorts of places where my companies can participate, and where even those in the Open Source world could jump in if they felt like doing so.

There was one interesting place where I felt that InfoCards is lacking ... and that is removing the tedious re-typing of identity information from the user. I hate entering data into forms. This is why I really like the possible Firefox/IE enhanced form-fill solution. The browser can start to enter information for me ... and only require my approval before posting.

Why I believe that InfoCards is lacking here is the example that I asked Kim about during his demonstration. I wanted to write about it here, hoping that he might offer a different perspective, or explain how I missed something.

Kim explained how I can create new "self issued" identity cards, or can have a card issued to me by a web site or other entity. What was interesting to me was that if the site wanted to issue a card to me, InfoCards would not provide any assistance in providing my information to the issuer about my identity. I understand the security choices here, however this is what I see coming ...

I go to Domino's web site ... they offer to issue me a card. I get a form and hand enter all of my information: my name, phone number, address, favorite toppings, favorite drink. I get a InfoCard from Dominos.

I then go to Wells Fargo's web site ... they offer to issue me a card. I get a form and hand enter all of my information ... again: my name, phone number, address, employment info, etc.

I then go to E*Trade's web site ... they offer to issue me a card. I get a form and hand enter all of my information ... again: my name, phone number, address, SS#, employment info, etc.

I then go to Delta Airlines web site ... they offer to issue me a card. I get a form and hand enter all of my information ... again: my name, phone number, address, seat preferences, etc.

I then go to JetBlue Airlines web site ... they offer to issue me a card. I get a form and hand enter all of my information ... again: my name, phone number, address, seat preferences, etc.



Great ... I get all these cards that are later useful ... but I have had to enter my info over and over and over again. Yes ... I hear the Liberty Alliance folks out there yelling "But we'll federate all of these companies behind the scenes so that they'll all know you!" But I DON'T WANT THAT!

Maybe it's going to take the full combination of technologies to solve this ... I use the Firefox solution (Mike ... hurry up and write that thing!) which actually fetches the form-fill values from a LID or SXIP Identity Store, and then auto-fills the form that gives me an InfoCard. Uh ... it's sounding complex ... but maybe that's it.

Oh ... sorry Drummond ... I'll have to think about where I used the i-Name in there. ;-)