Information Card Foundation

ICF will be an active participant in the OASIS IMI Interop to be held next week at the 2010 RSA Conference at the Moscone Center in San Francisco. The Interop will focus on demonstrations of the GSA ICAM IMI 1.0 Profile for use of Information Cards to U.S. government identity assurance levels.

Contributors to the ICF presence at the Interop include Avoco Secure, Azigo, the Province of British Columbia, Equifax, Meristic, Microsoft, Openinfocard, and PayPal. They will be demonstrating Information Cards, relying party sites, and selectors compatible with the GSA ICAM IMI 1.0 Profile.

The IMI Interop will be held in the OASIS booth (#2545) on the RSA show floor. The booth will be open:

• 6-8PM Monday March 1
• 11-6PM Tuesday March 2
• 11-6PM Wednesday March 3
• 11-3PM Thursday March 4

Currently IMI Interop presentations are scheduled every two hours during the day in the booth. Direct interop demonstrations will be going on continuously. We invite you to come by the booth and visit us.

ICF will also be participating in a major announcement about the establishment of new infrastructure for online identity assurance – watch for further information here.

Lastly, the ICF Board of Directors will hold a face-to-face meeting from 3-7PM on Thursday March 4 at SPUR, 654 Mission Street (two blocks from Moscone).

ICF Executive Director Drummond Reed just returned from a two-week trip to the EU. He shares the following observations:

My first stop was giving a keynote at the NordSec conference in Oslo, wonderfully organized by Dr. Audun Jøsang of the University of Oslo. The agenda was one of the richest of any conference in my recent memory; I found myself taking notes constantly on talks covering STORK, ID management based on mobile SIM cards, and privacy risks in Web 2.0, among other topics.

The day ended with a panel on “Global identity management – a threat or an opportunity for privacy?” I spoke strongly in favor of the opportunity Information Card technology offers for privacy protection, and how the U.S. government’s open identity solutions initiative is taking advantage of this. That initiative and the ICF/OIDF open trust frameworks project drew a great deal of interest among the largely EU-based audience—its potential for helping “raise the bar” on Internet privacy was one the main themes of the panel.

ICF Executive Director Drummond Reed and OpenID Foundation Executive Director Don Thibeau will present the foundation’s joint Open Trust Framework at the OASIS Identity Management 2009 conference tomorrow at the NIST headquarters in Gaithersburg, Maryland. The theme of the conference is Transparent Government: Risks, Rewards, and Repercussions.

The Open Trust Framework, summarized in the OIDF/ICF joint white paper Open Trust Frameworks for Open Government, is a mechanism that enables relying parties (the websites and services that accept open identity credentials such as OpenID or Information Cards from individuals) to verify that identity providers (the third parties providing such credentials on behalf of the individual) are certified to provide those credentials at the level of assurance (LOA) the relying party requires.

In the case of U.S. government, for example, there are four LOAs defined by NIST and the Office of Management and Budget (OMB), each with its own level of identity proofing, security, and privacy requirements. With the Open Trust Framework, U.S. government websites will be able to determine if a particular identity credential meeting the ICAM OpenID 2.0 profile or IMI Information Card 1.0 profile at a particular LOA was issued by an identity provider certified to meet the U.S. government requirements at that LOA.

-Government Embraces Innovative Technology to Support Citizen Participation-

(For more details about this release, please see our Open Identity for Open Government FAQ)

Washington, D.C. - September 9, 2009 - Ten industry leaders - Yahoo!, PayPal, Google, Equifax, AOL, VeriSign, Acxiom, Citi, Privo and Wave Systems - announced today they will support the first pilot programs designed for the American public to engage in open government - government that is transparent, participatory, and collaborative. This open identity initiative is a key step in President Obama's memorandum to make it easy for individuals to register and participate in government websites - without having to create new usernames and passwords. Additionally, members of the public will be able to fully control how much or how little personal information they share with the government at all times.

These companies will act as digital identity providers using OpenID and Information Card technologies. The pilot programs are being conducted by the Center for Information Technology (CIT), National Institutes of Health (NIH), U.S. Department of Health and Human Services (HHS), and related agencies. The participating companies are being certified under non-discriminatory open trust frameworks developed under collaboration between the OpenID Foundation (OIDF) and the Information Card Foundation (ICF) per the federal government Trust Framework Provider Adoption Process.

The Information Card Foundation is pleased to welcome the newly-formed German Language Chapter to the Foundation. The chapter facilitates activities and discussions about Information Cards among German-speaking people, primarily from Germany, Austria, and Switzerland.

The first meeting of the chapter was held this week at the European Identity Conference in Munich, and was enthusiastically attended by approximately 25 people representing at least 17 companies and organizations. 7 presentations were made about Information Card projects happening in the region.

The German Language Chapter hosts its own website at http://informationcard.de/.

Willkommen!

Kuppinger Cole, organizers of the European Identity Conference 2009 (EIC) taking place from May 5-8 in Munich, Germany, announced today that they have conferred the European Identity Award for Best New or Improved Standard to the Information Card Foundation.

The award was granted for the ICF's contribution to standardizing Information Cards as a core technology for the future of identity management. It was accepted by ICF board members Paul Trevithick, Axel Nennker, Kim Cameron, and Mike Jones, all of whom are attending the EIC.

"On behalf of the Information Card Foundation, I want to thank Kuppinger Cole and the EIC for this honor", said Drummond Reed, ICF Executive Director. "The purpose of ICF is to bring an open community together to advance Information Card standards, implementations, and practices around the world, and this is a sign we are making real progress."

Kuppinger Cole also issued every registered user of the EIC conference a managed Information Card that can be used to enter the conference portal at www.kuppingercole.com. These cards were issued using the Webcard Loyalty portal service provided by ICF member fun communications.

The EIC also hosted in the inaugural meeting of the German Chapter of the ICF. Further reporting on that meeting will be posted once the EIC has concluded.

SPECIAL TO RSA-San Francisco-April 20, 2009-The Information Card Foundation (ICF) announced today the first seven Information Card projects to be featured on the new ICF website. The new site will be unveiled at a presentation at the RSA Security conference at the Moscone Center in San Francisco today. The announcement will be part of the Harnessing the Power of Digital Identity workshop the ICF is co-sponsoring with the Liberty Alliance on Monday, April 20. The presentation will be held at 2:15 p.m. at Esplanades 301&303 ("Purple 301&303"), Moscone Center.

The seven projects are actual examples of how the Information Card ecosystem simplifies and standardizes identity-based transactions regardless of the site, domain, application, or information involved.

"Just as people needed to first see a Web browser to understand what it could do, now they need to see an Information Card selector to understand its potential," said Drummond Reed, Interim Executive Director of the ICF. "Information cards have moved beyond theory to solve real-world challenges."

Information Cards bring a familiar offline paradigm-the cards you carry in your wallet-to the online world. They work with a new software tool called a selector that operates as an extension to your Web browser. Selectors are available today from ICF members Azigo, Microsoft, and Novell, as well as from several open source projects.

The seven projects to be featured include:

SPECIAL TO RSA-San Francisco-April 20, 2009-At the RSA Security conference beginning today at the Moscone Center in San Francisco, the Information Card Foundation (ICF) announced publication of a new white paper on Information Cards by noted industry analyst Craig Burton. The Information Card Ecosystem: The Fundamental Leap from Cookies and Passwords to Cards and Selectors explains why the Information Card metaphor is being recognized across the industry as the future of digital identity both in the enterprise and on the Internet.

"This is the first analysis of digital identity that explains why Information Cards are an inevitable next step in the evolution of relationships on the Internet, just as cookies were in the 1990's," said Mr. Burton, principal analyst at Burtonian and former CTO of Novell. "Cookies solved the problem of how a user could share information across the pages of the same website. For example, without them, e-commerce shopping carts would not work. Information Cards solve the next wider problem: how a user can safely share private information across completely different websites of their choosing."

The paper uses the common example of booking travel. Today, a traveller must re-enter their trip details into every travel site they visit. Even though that travel site may set a cookie to recognize the returning user, that's all the cookie can "remember". With Information Cards, the traveller will be able enter the trip details once, then use an Information Card to securely and privately share it with each travel site they wish in one click.

The Information Card Foundation announced today that Charles Andres, Executive Director of the Foundation for its first 18 months, is stepping down to pursue other opportunities. Mr. Andres states, “My goal was to get the Foundation off the ground with the critical mass of high-quality individuals and companies needed for success. Having achieved that, it is time for me to move beyond the neutral role of Executive Director. The global business opportunities for Information Cards touch every market.”

Under his tenure, the ICF grew to 35 member companies, established five working groups, and developed the ICF Claims Catalog. Mr. Andres was also instrumental in organizing the Harnessing the Power of Digital Identity seminar to be held April 20 at the RSA Security Conference in San Francisco, which the ICF is co-sponsoring.

ICF board member Drummond Reed is taking a leave of absence from the board to assume the role of Interim Executive Director. A founder of Cordance Corporation, former VP Infrastructure at Parity Communications, co-chair of the XRI and XDI Technical Committees at OASIS, and a founding board member of the OpenID Foundation and XDI.org, Mr. Reed has been involved in Internet identity infrastructure and services for over 15 years.

“I look forward to quickly building on the foundation Charles and the ICF founding members have established. Information Cards, selectors, and the Identity Metasystem represent an opportunity for convergence across all Internet identity protocols; the faster we can foster adoption the sooner we will harvest the personal, social, and commercial benefits of a ubiquitous Internet identity layer.”

Mr. Reed can be contacted in his new role at director ---@--- informationcard.net.

The prospect of digital identity working at Internet scale—and Internet strength—has occupied the attention of many in the industry for the better part of a decade. Perhaps that should come as no surprise—cross-domain authentication and authorization has long been one of the thorniest problems in networking. Blow it up to Internet size—and add the Internet’s staggering diversity—and even Don Quixote might start looking for a more possible dream.

Yet twice before the Net has beaten such interoperability odds. It owes its very existence to a no-frills internetworking protocol—TCP/IP—emerging from a thick protocol soup to become a lingua franca of packets. Less than two decades later another minimalist approach—HTML—turned the universe of information into a World Wide Web by giving us a universal way to link content.Could there be a hat trick for the Internet identity layer? And if so, what’s under the hat?

When I first started reading about Information Cards in Kim Cameron’s blog posts in 2004, it was a disarmingly simple metaphor: no more than the online equivalent of the cards we carry in our wallets to prove our identity and use for transactions every day. Could such electronic cards really be the key to an “identity metasystem” that can bridge security and privacy domains the same way Web pages bridged content domains?