It took quite a while, but by now it is out. Please welcome the Windows CardSpace Information Card extensions for OpenSSO: https://opensso.dev.java.net/source/browse/opensso/extensions/authnicip/ When I started working on this last spring, I was not even hoping to see this released in open source and part of the OpenSSO extensions family in less than a year. It took the goodwill and talent of quite a few people to get this off the ground, but with the public release of this code and the upcoming

Superpat postet here that there is now a new opensso extension that enables opensso to be an information card relying party. Patrick Petit (pictured) who wrote this extension uses the xmldap library to process the xmltoken. Great. Note to self: be carefull when changing the xmldap codebase. Don't break this opensso extension. Another (simpler) SUN access manager login module is described here . I am glad that Patrick improved my demo-grade login module to opensso quality. Thanks you.

Pat , Ben , and Kim have been talking about the use of password tokens for use with Windows CardSpace. Pat's detailed description of how this could work is quite useful, and can be extended in some interesting ways: 1. Create a single-use password deployment If we change the default WS-Sec username/password token to not only include the username and the password needed to login, but also a newly IdP generated second password that replaces the old one on the RP, we would get a single-use password.

Not about SCUBA this time: we are right now visting in Redmond so we can test our implementation of a Windows CardSpace compatible IdP against Microsoft's implementation. Eventually, we will (hopefully) make this code available to the OpenSSO community through an OpenSSO Extension. At the core of the integration, we (Paul, Jiandong ,Mrudul, and I) have integrated the Metro/WSIT WS-Trust STS into OpenFM and created a simple cardfactory to produce CRD files (a big thank you to Chuck from here for letting