Microsoft announces OpenID support in CardSpace

Two of the most prominent identity technologies come together to deliver a "phish-proof internet".

Microsoft has announced plans to support the OpenID authentication platform as part of its CardSpace digital identity technology.

Speaking at the RSA Conference in San Francisco, Microsoft co-founder Bill Gates outlined the company's refreshed identity strategy - including support in Windows CardSpace for the OpenID 2.0 identity standard. As part of an interoperability agreement OpenID will also be extended to handle phishing-resistant credentials, adding a new layer of trust to ecommerce sites.

Originally designed by Brad Fitzpatrick, chief architect at blogging platform developer Six Apart for use in cross-blog authentication, OpenID has rapidly become a key digital identity technology, allowing identity assertions to be shared across multiple systems. While other identity systems work well in closed enterprise networks, OpenID has been designed from the ground up for handling identity on the public internet. Microsoft's collaboration with the OpenID project will add support for strong credentials. As many sites and services already use OpenID, this approach will open up much more of the web to Microsoft's fledgling CardSpace.

Key open source developers have welcomed the news; Fitzpatrick described Microsoft's involvement in the project as "great". OpenID can already use Kerberos, voiceprints, and Jabber JID as authentication components, and he sees CardSpace as another authentication technology. CardSpace authentication will bring OpenID support for the WS-Trust web service standard, and Microsoft will be supporting OpenID in future identity server products.

Microsoft's Chief Architect of Identity Kim Cameron calls OpenID "a really great technology for doing public identities - the simplicity is stunning" and suggests that "It's one of the things that will really drive us towards the identity Big Bang. And the whole world will benefit."

Sxip Identity's Dick Hardt agrees that this is a major endorsement of OpenID, and Sxip will be working with Microsoft to add CardSpace Information Card support to their existing OpenID products. These include an open source distributed identity plug-in for any web site, and a range of identity appliances that provide identity management and integration tools for businesses. Other partners include JanRain, which supplies the code many web sites use to work with OpenID, and Verisign.

Kim Cameron has described the solution to the problem of identity as a metasystem, where different technologies cooperate to share assertions and authentications. OpenID is part of this identity metasystem, and has already converged with technologies like Yadis, XRI and Sxip. Its strength lies in its wide adoption by so many different platforms and technologies There have been concerns about Microsoft's involvement with the OpenID specification, but Cameron and the OpenID are both convinced that Microsoft will not exert undue influence.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems
ethical hacking

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems

5 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
Best free malware removal tools 2021
Security

Best free malware removal tools 2021

5 May 2021
Acuant acquires identity verification provider Hello Soda
mergers and acquisitions

Acuant acquires identity verification provider Hello Soda

4 May 2021

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021