Identity.

It's our perception of who we are, or who we want to be. It's others' perceptions of who we are. And for some bad guys, it's just merchandise to steal and sell.

However we look at it, identity is a key part of our online lives, and online, we may juggle several identities.

There's the business identity who sends and receives e-mail from a work account, on a company owned computer. There's the private e-mailer, and the blogger, and the IM user, and the secret identity as the hero in a role playing game. There's the online banking customer and the movie renter and the wiki poster.

Each of these identities carries with it certain pieces of ourselves (and possibly a few fictional elements).

It also comes with a user ID and password to remember, information that can be misappropriated to embarrass or incriminate us if the wrong person lays hands on it.

We've seen a few — ahem — less than wonderful schemes to help us manage our identities without the burden of a zillion passwords. Microsoft's contribution to the realm was Passport, which it hoped would be adopted industry-wide. Passport was supposed to hold your digital identity, so when you logged on to it, you instantly gained access to all sorts of services, from Microsoft and its partners.

It didn't quite work that way. People used it only when they absolutely had to, and partners avoided it in droves.

Microsoft finally realized that people were not overly enamored with the idea of entrusting their digital identities to a single software giant with vested interests. One company simply cannot be the gatekeeper for the entire Internet. As the company said in its 2005 paper, Microsoft's Vision for an Identity Metasystem:

Identities can be in or out of context. Identities used out of context generally do not bring the desired result. For example, trying to use a coffee card to cross a border is clearly out of context. On the other hand, using a bank card at an ATM, a government-issued ID at a border, a coffee card at a coffee stand, and a Passport Network (formerly .NET Passport) account at MSN Hotmail are all clearly in context.

"In some cases, the distinction is less clear. You could conceivably use a government-issued ID at your ATM instead of a bank-issued card, but if this resulted in the government having knowledge of each financial transaction, some people would be uncomfortable. ... And you can use Passport accounts at some non-Microsoft sites, but few sites chose to enable this; even where it was enabled, few users did so because they felt that Microsoft's participation in these interactions was out of context.

Still, the company remained convinced, rightly so, that a robust, secure, universal way to verify identities online was necessary to enable its vision of the connected world, with its reliance on Web services. This scheme had to be vendor-neutral, not just Windows-based, and capable of dealing with various types of authentication without overburdening the user.

This led to the development of what author and Microsoft architect Kim Cameron calls the Laws of Identity, a set of fundamental principles for a universal identity architecture that is still being honed by Internet debate.

And this leads us to InfoCard.