CardSpace是什么

取代用户ID和密码成为验证网络使用者身份的新途径
,CardSpace沙盒是微软NetFx3.com提供给用户的测试环境,它基于完整的CardSpace技术构建,用来预览未来的身份验证机制,除了传统的用户名密码登录之外,这个站点还支持最新的Windows
CardSpace验证,在沙盒中,你可以:
建立一个使用用户名和密码或自发行的Windows CardSpace Information Card帐户。
把你的帐号和你的Information Cards建立关联.
使用建立的CardSpace Information Card和用户名密码登录到帐号.

参考资料：http://cardspace.netfx3.com/

 

Introduction to Windows CardSpace

Windows CardSpace is client software that enables users to provide their digital identity to online services in a simple, secure and trusted way. It is what is known as an identity selector:  when a user needs to authenticate to a web site or a web service, CardSpace pops up a special security-hardened UI with a set of “information cards”  for the user to choose from. Each card has some identity data associated with it – though this is not actually stored in the card – that has either been given to the user by an identity provider such as their bank, employer or government or created by the user themselves. Having the user as an identity provider sounds a bit strange on first acquaintance – who would trust the user? –  but this is a very common scenario: this is what we do every time we register at a web site. The CardSpace UI enables users to create Personal cards (aka self-issued cards) and associate a limited set of identity data. It also enables the user to import Managed cards from third party identity providers. When the user chooses a card, a signed and encrypted security token containing the required information (e.g. name and address, employer’s name and address, or credit limit) is generated by the idenitty provider that created the card. The user, in control at all times, then decides whether to release this information to the requesting online service. If the user approves then the token is sent on to this relying party where the token is processed and the identity information is extracted.

CardSpace is an identity selector for Microsoft Windows. Other operating systems have their own identity selector implementations (e.g. DigitalMe on the Mac and Linux). The architecture upon which CardSpace has been built – consisting of subjects, identity providers and relying parties – is called the Identity Metasystem. This isn’t just a Microsoft initiative, but rather it is the shared vision of many across the industry as to how we can solve many of the fundamental identity challenges on the Internet today. The initial vision for the Metasystem was developed by Microsoft’s Identity Architect, Kim Cameron, and has been broadly adopted and championed by thought-leaders such as Doc Searls and Lawrence Lessig. To learn more about the Metasystem and the guiding principles behind it (“The Laws of Identity”), refer to the whitepapers on MSDN and Kim’s blog, www.identityblog.com.

FROM: http://netfx3.com/content/CardSpaceIntroduction.aspx