February 7, 2007
OpenID and CardSpace integration
Working at Microsoft, it was frustrating to see “not invented here†and “we have to own it†attitudes often dominate when it came to interoperability and standards. Not only did this cause immediate harm to the consumer, but it was also self-defeating — it has unavoidably done great damage to Microsoft’s long-term position in the industry. Hopefully this will change, and is changing.
At the RSA Conference today, BillG made a keynote announcement that future versions of Windows Identity solutions will interoperate with OpenID. Work on the details is just beginning now.
A key part of Microsoft’s identity solutions is the new CardSpace (previously called InfoCard), which is included within Windows Vista, and is available as an optional add-on for both Windows XP SP2 and Windows 2003 Server SP1 (tied to the .NET 3.0 runtime). CardSpace provides software for the user, and a set of APIs for web servers and services, which helps users manage and take control of their identity and and desired level of privacy for those services. Once OpenID is working with CardSpace, you could think of it as just another OpenID provider with some advanced identity management and authentication features.
This is still ultimately an “embrace and extend†strategy for Microsoft. But that is much healthier for everyone than no interoperability at all. OpenID will gain support on the majority platform, and a useful new authentication service (CardSpace) for those users. And Microsoft gains a feature that actually works with the rest of the ecosystem to keep people on Windows. And it’s optional in both directions — CardSpace does not need OpenID to work, and OpenID will continue to work with many other providers, on the Windows platform or not.
Good news.
I’m really excited that OpenID is picking up speed 
