A negative view on identity federation

[Anders Rundgren]

http://idtrust.xml.org/blog/identity-evolves-why-federated-identity-is-easier-said-than-done

Although I seldom agree with this particular author, I think he is perfectly right
that federation for individuals has a more limited scope than originally anticipated.
Particularly banks are unlikely to jump on the federation band-wagon. Unless they
run the IDP of course :-)

That is, NSTIC's vision of a *single* credential replacing passwords is a pipe-dream.

What you need is rather a scheme where the "token necklace" is replaced by a
small set of tokens, where some of them are capable of supporting multiple and
*independent* IDs.

This is way outside of what the token vendors currently offer...

--anders