Microsoft cuts intellectual-property chains from Web services protocols


SANTA CLARA – In a move mostly designed to open up its identity infrastructure, Microsoft said Tuesday that it would drop intellectual-property and patent claims to 35 Web services protocols it has developed, making them available license-free for anyone to use.

At IDG’s annual Digital ID World conference, the company quietly issued the Microsoft Open Specification Promise (OPS), which gives developers free access to many of the Web services protocols Microsoft has developed over the years.

The protocols include the current versions of protocols in the WS-* security stack and those that are used as the foundation for the company’s year-old Identity Metasystem infrastructure and its InfoCard and companion CardSpace technology.

The announcement was posted on the blog of Kim Cameron, Microsoft’s identity architect, and included endorsements from third-party rivals, such as Red Hat. Cameron and colleague Mike Jones worked to get OPS approved in the executive and legal ranks at Microsoft. Bob Muglia, senior vice president of Microsoft’s server and tools business, and Microsoft’s patent lawyers signed off on the OPS document Tuesday.

Cameron wrote on his blog: “The goal was to find the simplest, clearest way of assuring that the broadest possible audience of developers could implement specifications without worrying about intellectual-property issues - in other words a simplified method of sharing ‘technical assets.’ ”

OPS is a legal document that hinges on a “promise not to assert” (i.e., enforce patents). It is “self-executing,” meaning developers don’t have to sign anything to use the protocols. Similar legal documents not to assert rights over patents have been used recently by IBM, Sun and Oracle. OPS is similar to another promise not to assert patents that Microsoft made last year regarding its Office 2003 XML Reference Schema.

There is no doubt, however, that Microsoft’s OPS will be subjected to interpretation and scrutiny over certain provisions, such as the fact that it covers only current versions of the protocols and reserves commitments on future iterations. Still, Microsoft hopes OPS aligns closely with open source licensing.

“This is a significant step forward,” says Jamie Lewis, Burton Group president and CEO. “Microsoft has been talking consistently about wanting to see not only interoperability but functional equivalency for its identity technology on other platforms.”

While licensing was the major hurdle, lesser details also have to be worked out, including the meta models and schema that Microsoft used to implement its own identity technology, such as InfoCard and CardSpace. Microsoft has not reached decisions about how that will be accomplished.

“The protocols alone do not give you functional equivalency,” Lewis says. “But clearly Microsoft is serious about seeing the functional equivalency of CardSpace moving beyond the Windows platform, and this is a huge step that changes the context of these discussions.”

One of the immediate changes is that any ISV can now freely develop client interfaces and back-end components that are interoperable with Microsoft’s Identity Metasystem, which was introduced last year.

The major focus is on InfoCard and the UI built on that technology, called CardSpace, which is slated to ship with Vista later this year. CardSpace presents users with an identity selector, basically a palette of secure identity cards that can be used to authenticate to various network resources or Web sites.

Under OPS, third parties can develop their own user interfaces similar to CardSpace, free from contractual obligations, and provide an identity client on any platform and interoperate with the Identity Metasystem back-end infrastructure.

The open source Higgins Project, begun last year by IBM, Novell and a handful of academics, plans to use the protocols as part of its ongoing work to create a software framework that makes it easier for IT to integrate identity systems.

OPS also opens access to protocols such as WS-Trust, which is the foundation for the back-end infrastructure of Microsoft’s Identity Metasystem. That infrastructure hinges on Microsoft’s Security Token Service, a lightweight gateway based on WS-Trust for servers and clients that negotiates the exchange of security tokens, such as Kerberos or the Security Assertion Markup Language.

Some of the 35 protocols Microsoft has singled out have passed through the standards process, mainly at the Organization for the Advancement of Structured Information Standards, which does not require vendors to relinquish their intellectual-property rights. The OPS, however, applies in either case. Some have been approved by OASIS; others have not even been submitted to a standards process.

Many of the 35 protocols were developed in conjunction with IBM, which has made a similar move to free the protocols from intellectual-property constraints. IBM is building many of the protocols into its open source Eclipse framework. The move includes access to Web services protocols developed in an ongoing partnership with Sun, which offers unencumbered access to its intellectual property contained in the protocols.

The Web services protocols that fall under OPS are:

WSDL 1.1 Binding Extension for SOAP 1.2

WS-Federation Active Requestor Profile

WS-Federation Passive Requestor Profile

WS-Management Catalog

WS-RM Policy

Remote Shell Web Services Protocol

WS-Security: Kerberos Binding

WS-Security: SOAP Message Security

WS-Security: UsernameToken Profile

WS-Security: X.509 Certificate Token Profile

SOAP 1.1 Binding for MTOM 1.0

WS-I Basic Profile

Web Single Sign-On Interoperability Profile

Web Single Sign-On Metadata Exchange Protocol
