This Blog Is Not Updated Any More.

Check out my new blog on Medium:

Topics: Identity and Access Management, Blockchain, Ethereum, Bitcoin, Security, PSD2, GDPR

Saturday, December 15, 2007

OpenID with Cardspace

I assume you've already heard about Windows Cardspace, which comes with .NET Framework 3.0. If not, following are few good references which you could go through.

1. MSDN Webcast: Windows CardSpace (Level 200)
2. MSDN Webcast: Exploring Windows CardSpace
3. MSDN Webcast: Introduction to Windows CardSpace

So, we are back to the subject, what OpenID has to do with Cardspace? Cardspace [Infocards] removes the issue of phishing attacks - while OpenID not. [but, still there are few ways you can make OpenIDs not susceptible to phishing attacks - one such way is the SeatBelt addon for FireFox].With OpenID, at the relying party,when you type your OpenID, you are redirected to the OpenID Provider site for authentication and again redirected back to the original site [the relying party]. With OpenID Infocard, we remove this redirection step. At the same time - we loose the SSO [Single Sign-on] capability, which is normally available with OpenID, but not with Infocards.

So - get ready for a demonstration.

1. Go to, and create a profile for you - just a user name and a password.

2. Go to [openID Infocard Provider], enter Card Name, User Name and Password - which you created in Step 1, then Click to download the OpenID Infocard.

3. Make sure you have .NET 3.0 and IE 7 installed. Just click on the downloaded file and install it in the Windows Cardspace.

4. Now go to the relying party site -, Click on the image to login with your OpenID Infocard.

5. Now the Identity Selector will pop-up - so you can select the Infocard, that you installed - select it and 'Send' - enter your password.

6. Now you are done and on the required page, with no redirections.

This is a simple and very basic demonstration - and it hides your OpenID till you finally logged in.

At WSO2,we have the WSO2 Identity Solution - which enables LAMP and Java websites to provide strong authentication based on the new interoperable Microsoft CardSpace technology. Right now we are also working on integrating OpenID support for WSO2 IS.