View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
February 14, 2007

Microsoft embraces open web identity scheme

At the recent RSA conference, it was announced that Microsoft will support and help develop the OpenID digital identity specification, one by-product being that OpenID will integrate with CardSpace, Microsoft's own identity handler within Vista. This move to an open initiative should be welcomed, although enabling CardSpace to be inclusive of other open identity schemes would be a plus.

By CBR Staff Writer

Anyone with a modicum of experience on the web knows the repeated trial of registering their identity with individual organizations’ websites in order to gain access to services, and would not even ask why a common web identity would be valuable.

The trouble is that, in their real lives, everyone has a number of identities, individually related to different work roles within their own organization, via collaborative ventures, and a range of personal activities and interests. Single sign-on systems long ago achieved automated presentation of the credentials relevant to a given website for a single logged-in identity, but would fail to represent multiple identities.

CardSpace – formerly referred to as InfoCard, but now renamed by Microsoft – allows Windows users to automatically pass credentials and personal information to websites when they log in. It was released in Vista, where it is deeply integrated with the operating system, but is also available as an add-on for Windows XP.

A user would commonly set up one or more ‘cards’ within CardSpace, with each instance representing a role that the user undertakes, in either the consumer realm or enterprise use. CardSpace software determines which sets of identity details held by the Windows user can match the policy requirements of the site or service being accessed, and provides a user interface with which the user can check the site is safe, and select which identity details and attributes they wish to share.

OpenID is intended to work as a web address that guarantees a user’s identity, which is provided by an identity provider that forms part of a decentralized network. Users can supply this web address when logging on to a site, whereupon the OpenID scheme checks and verifies that site, and supplies the user’s credentials as appropriate. It can be compared to Microsoft’s own aborted Passport scheme, which was intended to enable users to log into a range of websites with a single web identity, managed by Microsoft, except that Passport was run entirely by Microsoft (and therefore attracted considerable suspicion) – OpenID is decentralized, and also supports multiple identities.

OpenID is to some extent plucked from obscurity with the Microsoft announcement; unlike the parade of major names behind many a nascent initiative, its main participants are vendors Sxip, VeriSign, and JanRain – many of its current users are bloggers who value the mobility between the sites they visit, but it is not in wide use.

Microsoft was open in its announcement about the need to extend the current specification of OpenID, especially to address its current vulnerability to ‘phishing.’ Craig Mundie, Microsoft’s chief research and strategy officer, acclaimed the potential of the collaboration, and said that the company’s participation would enable OpenID to deal with its remaining security issues.

Content from our partners
Technology and innovation can drive post-pandemic recovery for logistics sector
How to engage in SAP monitoring effectively in an era of volatility
How to turn the evidence hackers leave behind against them

The extent to which we are nowadays dealing with a different Microsoft mindset was evident from the company’s identity guru, Kim Cameron, who commented that, We need a pluralistic system that supports lots of different identity providers, lots of different technology providers…

Others connected with the venture indicated that potential developments could see OpenID providers use the Microsoft ‘cards’ to authenticate a new user applying for an OpenID identity, or CardSpace used to manage OpenID credentials via an integration within Vista.

Above all other issues, identity is no doubt the key to unlocking the value available from high-benefit, web-based services. Microsoft’s move to embrace a community-based, open initiative is therefore welcome, although we now hope to see the company continue to keep it as open, and also move to be inclusive of other open identity schemes.

Source: OpinionWire by Butler Group (

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.