Eh, What? CardSpace Is the Most “Revolutionary”

Last night I went out with a kindred .NET developer buddy to grab some drinks and play pool (I have been practicing for about 6 months now). We got into discussing work that we have been doing with NetFx3, like WCF, WPF/E (or whatever it is called this month, SilverLight I think), along with some general development stuff that we found neat (like our Orcas experiences thus far). So, we started to discussing what, out of all these new technologies that are presented, which we felt was the most compelling and offered the most “revolutionary” introductions in regards to organizations that employ heavy .NET applications into their traditional development. Basically, what ones we thought would have and continue to have the largest footprint in the industry currently and for time to come.

My buddy said, without a doubt, WF is the one that is going to change the way that we approach customers with proposed solutions, and how those actual solutions are developed and maintained. He stated that things like the activity model and the rules engine are pieces of something that although needs to evolve slightly to be perfected, is going to change the way that businesses automate legacy business processes. That part I can agree with. I think that the WF is a very good start of something that all developers that do business development have been hungry for, for quite some time, and I will continue to use it heavily as made experiences thus far have been enjoyable.

But, on the other hand, I couldn’t disagree more with what is the most important, and will leave the largest footprint. Introducing a managed model for building workflow – aware applications is all fine and good, and will make functionality that normally had to be written manually much quicker to get pushed into a production environment and consumed by business users. Hell, I have been using it daily and find it very, very nice to program against, and am happy I don’t have to use a poorly constructed shared library I have been using for about three years. But, for myself though, CardSpace (and it’s inherent relation to WCF I suppose) is easily the most “revolutionary” piece included with NetFx3, albeit the most overlooked one and ones that people disregard the most. Maybe not in terms of development, but I am talking about a larger, more rippled industry footprint.

Why? Well, looks look at the business problems that each of these pieces my buddy and I are trying to solve when we are considering our arguments. CardSpace introducing a piece (by the means of an identity selector in Windows, because of the reach of the Windows OS is obviously rather vast) of an identity metasystem isn’t doing something like automating business processes or making your web applications look pretty. CardSpace is promoting a piece of an entire metasystem that would affect, and require the participation of, a large amount of groups, based on agnostic WS-* protocols so all types of systems can tap into it, changing the way that people interact with their, manage, and exploit their digital identities. We are talking about big stuff here, this is a “revolutionary” concept. Ok, maybe I am biased because I like the study of security more than business development, but, meh.

An identity metasystem is not a possibility IMHO, its an eventuality. It is going to happen, one way or another, identity problems are doing nothing but growing more and more of a concern for the general populous and organizations everyday. How often do you see in the news a headline saying “Criminals Acquire Sensitive Organization Information From Poorly Automated Business Processes” or “Company Is Mad Because They Had To Hire A Bunch Of Developers To Build Workflow Applications”. Um, not very frequently. It is a lot more common to find headlines about people stealing people’s identities, etc. and wreaking general havoc on peoples life’s following. I mean, lets look at just some a brief set of things that CardSpace is going to implement in terms of an identity selector plug into an identity management system.

User Managed and Control Over Their Identity Information From Origin to Destination

Self-Asserted Identity Information

Standard User Interface To Select Identity Cards (InfoCards)

Secure Housing To Store Identity Information

User Control! Empowering Users With Granular Control!

Etc. Etc. Etc.
Even management suits that are accustomed to pinching pennies can appreciate a cost/benefit analysis of the situation. Although building workflows a lot easier will save a company money, could it really save them more from the possibilities that would ensue if their corporate identity information was disclosed? I personally don’t think so!

I am not discounting the other things that are included with NetFx3, they are important, and really do make our lives as developers much easier. They are great for their purpose. But, I can’t stand when people discount CardSpace as nothing by a glorified password manager, and don’t look at the real benefits and problems that it is attempting to target.

I guess I can end this rant now. :)