At the core of this technology are the so-called U-Prove Agents. These agents are intermediaries between websites and allows users to share their personal information in a way that helps protect their privacy. U-Prove Agents exist explicitly to represent the users’ interests in choosing to share (or not to share) their personal information with sites on the Internet.
Specifically, the Agent provides a mechanism to separate the retrieval of identity information from trusted organizations from the release of this information to destination sites. The underlying mechanisms help prevent the issuing organizations from tracking where or when this information is used, and to help prevent different destination sites from trivially linking users’ actions together.
The Agent is composed of a cloud-hosted service and optional client components. The cloud-hosted Agent can be used with all major browsers on Windows, MacOS, and several smartphones. The first optional client component is a Silverlight component which enables local storage of U-Prove tokens and enhances the privacy and security for the user. The second optional component is an IE plugin that looks for a U-Prove Agent object tag in the RP page and manages the launch of the Agent to ensure the user‘s choice of agent, if one was made, is respected. A second variation of the IE plugin that provides access to a smartcard for the purposes of two factor token binding is also available.
For the R2 CTP, available via the link mentioned above, Microsoft delivers a new documentation set, WIF Extensions that allow .NET developers to build applications that support the U-Prove token and protocols and a RP Toolkit, which contains a set of templates for Visual Studio for developing claims-aware ASP.NET applications with U-Prove capabilities.