The Information Card Foundation (ICF) has been affiliated with Identity Commons since ICF's founding in June of 2008. Identity Commons is currently a loose-knit affiliation of different groups and organizations working together to create an identity layer for the Internet. It is perhaps best-known for its semi-annual conference, Internet Identity Workshop (now known as “IIW”), which brings together a wide range of people active in the Internet identity community to forge the protocols, policies, and partnerships necessary to produce an identity layer serving all constituencies: people, for-profit companies, non-profit organizations, and governments.
The current Identity Commons is actually the second generation of an organization originally founded by Owen Davis and Andrew Nelson in 2002. That organization subsequently transformed itself in 2005 into the current Working Group structure in order to foster collaboration between a diverse set of groups that include legally incorporated entities such as the ICF, the OpenID Foundation, and XDI.org, as well as internal Identity Commons Working Groups that are not separate legal entities, such as IIW, OSIS, ID Legal, Project VRM, and Kids Online.
Although Identity Commons has always been a non-profit corporation, the second-generation entity has never raised funds beyond its modest operating expenses (less than $5000 per year). This past summer, interest grew in creating a third generation of Identity Commons that could serve as a much more robust “upside-down umbrella” organization for funding and coordinating work across the entire ecosystem of efforts on Internet identity, data sharing, and relationship management.
Seattle WA – September 27, 2010 – Last month, at the Privacy Identity Innovation 2010 conference in Seattle, Microsoft Senior Program Manager Christian Paquin hosted a session on the U-Prove minimal disclosure technology. ICF Executive Director Drummond Reed interviewed Christian for the following in-depth Q&A about U-Prove.
Q: First, can you tell me what is U-Prove?
A: U-Prove is an innovative privacy-enhancing security technology that can help people protect their identity-related information. U-Prove combines the security of PKI (public key infrastructure) with the flexibility of federation technologies that allow people to link identities across domains. And it does all this while providing privacy-by-design. That makes the U-Prove technology ideally suited to protect claims (attributes) in user-centric identity systems.
Q: Microsoft made a major announcement about U-Prove at RSA in March. What was the essence of that announcement?
A: The initial release of the U-Prove technology we announced at RSA consisted of two parts. First, we released the U-Prove specifications, published under the Open Specification Promise (OSP), so anyone can implement and use them freely and for any purpose. The first specification describes the core cryptographic protocols, and the second is a WS-Trust / OASIS IMI profile (the protocol used for Information Cards). We also released two open-source Software Development Kits (SDK) – one in C#, one in Java – implementing the core cryptographic specification.
Mountain View, CA – November 2, 2009 – Avoco Secure, a leading security, digital identity, and digital signature vendor based in the U.K., announced at the OpenID Summit today that it is releasing the first commercially available Information Card selector software that operates completely “in the cloud”. Called CloudCard, it is a standard Information Card selector implementation that requires no installation and works from any conventional browser on a desktop, laptop, or mobile device.
Susan Morrow, Product Manager for CloudCard, demonstrated today how it eliminates the need for local client software, which is one of the barriers to widespread adoption of the Information Card digital identity standard. CloudCard uses the standard IMI 1.0 Information Card format and protocol so it works immediately with any Information Card issuer. Websites that wish to accept Information Cards from CloudCard currently need to add some simple custom HTML code to their web page, but according to Ms. Morrow this step is easy compared to the hurdle of requiring users to install a desktop selector, and Avoco plans to standardize this special code so it can be used with any cloud selector.
Avoco will demonstrate CloudCard again tomorrow at the Internet Identity Workshop in Mountain View.
Although a formal announcement from OASIS is not expected until next week, the Identity Metasystem Interoperability Version 1.0 specification was approved as an OASIS standard today by a unanimous vote of the OASIS members participating in the vote. According to IMI Technical Committee editor Mike Jones of Microsoft, "This is a wonderful endorsement of the work of the IMC TC. The standard benefitted substantially from the input received during the process. Numerous clarifications were incorporated as a result, while still maintaining compatibility with the earlier Identity Selector Interoperability Profile V1.5 (ISIP 1.5) specification."
Mr. Jones acknowledged this was a broad community effort, spanning many individuals and organizations. Many Information Card Foundation members were involved, and others are currently implementing products and services based on the specification. Said ICF Chairman Paul Trevithick of Azigo, "Reaching the level of an OASIS Standard is a major milestone for the Information Card community. It attests to the maturity of the IMI 1.0 specification. Now ICF can place more emphasis on the other elements necessary for widespread adoption, including reference implementations, best practices, trust frameworks, and market education."