herveyw's blog: Identity and Access Archives

June 29, 2006

WinFX June CTP

http://sts.labs.live.com/ does not presently support the June CTP of WinFX, we are working on an update to the site that should be released in the near future.

There are also a couple of known issues with CardSpace (was InfoCard) in the June CTP:

There is a known bug that affects X.509 certificate CRL checking and results in CardSpace thinking that the certificate is not trusted. It has been fixed in later builds of the product. In the meantime, the workaround is to install the site / service certificate into your CurrentUser / Trusted People store.
If you experience problems launching the CardSpace UI, it's always worth checking the event log for additional information. If the error indicates that the UI could not be initialized and you also see multiple instances of the icardagt.exe process on your machine, then you've run into another known process management bug. This has also been fixed in later builds. The workaround for this issue is to kill all the running icardagt.exe processes using, for example, the Task Manager, then do "net stop idsvc" from a command prompt and try again.

Posted by herveyw at 11:27 PM | Comments (0)

June 06, 2006

InfoWorld Discovers the STS

InfoWorld has discovered the Microsoft Live Labs STS. This wasn't by design, we're keeping a low-profile at the moment while we work through early teething problems.

Speaking of which, we posted a Known Issues page today that covers some of the problems that you might experience when working with the site and the STS itself. We also tweaked the site a little to handle Windows Live ID authentication problems in a more graceful fashion.

Posted by herveyw at 04:19 PM | Comments (0)

May 31, 2006

Microsoft Live Labs STS

We've opened the doors on our experimental Security Token Service today, you can find all the details here.

For the moment, the focus of the STS is on using the InfoCard technology in WinFX Beta 2 to enable authentication with the STS and to obtain a security token from it (SAML 1.1).

Of course, an STS isn't much use without sites or services that use it for authentication, so we've also enabled the Microsoft Live Labs Relay Service to use the STS. Better still, we allow you to register your own site or service and federate with the STS yourself.

Over the coming weeks and months, we are planning a series of incremental feature releases for both the STS and the Relay service.

The official blog for the STS is here; the blog for the Relay is here.

Posted by herveyw at 12:45 PM | Comments (0)

May 13, 2005

Identity Backgrounders

A couple of documents worth reading to get some context on what we're doing in the Identity space:

The Identity MetaSystem
The Laws of Identity

Posted by herveyw at 10:46 PM | Comments (0)