The Chicken and the Egg
You all know the age old question: "who came first, the chicken or the egg". Well, there's been some considerable discussion of late on the subject of how to help foster the growth of adoption of Information Cards and identity selectors such as Windows CardSpace and up-coming selectors such as Bandit.
in one recent discussion I commented that we're in a kind of chicken and egg situation right now - whilst everyone agrees that identity
selectors and information cards are a good thing, it's taking some time for people to evaluate the concepts and ideas behind the Identity Metasystem and to look into actually supporting information cards at their sites. Many relying parties we've spoken to say they'll look into adding support to their sites once there are enough people to warrant doing so (and once there's an identity selector for non-Microsoft platforms, and once ...). Then there are the identity providers - many of whom want us to tell them how they can make money on this thing. Finally, we have users like my Mum & Dad - we can't turn the volume up for this audience until there are places to use their cards and identity providers willing to issue cards.
Keith Brown just posted my comments on his blog and goes on to say:
In my opinion, somebody (Microsoft?) needs to break this holding pattern fast. I agree that things aren't going to take off until there are more relying parties.
We're doing all we can to break this pattern. We were the first (through Kim) to espouse the principles of the 7 laws and articulate the need for and design of an Identity Metasystem. We were the first to release a viable identity selector - Windows CardSpace - and continue to invest heavily in future versions and supporting technologies. We're educating our field and providing them (and partners) with the resources they need to learn and then tell this story. We are working with a very large number of web-site operators and related businesses to take this fledgling concept and technology and help it grow and flourish into the magnificent creature that it promises to be.
But we can't do it all, and we can't do it all ourselves. In fact, we've already tried doing it all and only doing it ourselves, and the world said "no".
We are just part of this story - our many partners and compatriots in this space (IBM, Novell, PingID, VeriSign, OpenID, sxip, BMC, Sun and many, many others) are all busily beavering away, building support for information cards for a variety of platforms, technologies and products. But all our work is in vein unless there are sites that accept cards and identity providers to issue managed cards.
This is where we welcome you, dear reader, to investigate the principles, the design and the implementation of this Identity Metasystem and, if you believe that it's a "good thing", then take action. Join us and add support for information cards to your sites, systems and app's.
The time for nodding in appreciation but standing by and doing nothing is past. While the industry pontificates about the Identity Metasystem being a "good thing", our users (and that includes ourselves) are continuing to suffer from password fatigue at best and phishing attacks at worst.
Together, we can all help stop the rot.
