Conor has graciously explained the “strangeness” I felt in the Advanced Client scenarios. He explains that this part of advanced client work:
addresses the problems involved in provisioning functionality to a secure container that is associated with a user somewhere nearby
That snippet was enough for me to grasp it. Read the rest of what he has to say for more.
I wanted to clarify on two points he made. First:
Ian seemed to connect this work to Cardspace, Higgins, and OpenID. I am not aware of this connection.
Agreed. This was a case of my braining running ahead of my hands. I started with the ICP stuff and somewhere along the line my brain hopped on to a different topic… sorry, lack of conversational turn signals. This (barely) provides a little bridging between my thoughts.
Second:
Ian seemed to think that this provisioning was just about provisioning a credential. That isn’t the case.
That would be my user provisioning baggage. Account/credential = functionality. Dogmatic on my part. The reality is that a collection of attributes can (and do) define different sets of functionality and/or access. We used to call them virtual accounts in my IBM days.