In January, I commented that Bill Gates had never warmed up to identity issues and judging by his keynote address at the Consumer Electronics Show, he never will. In the last newsletter, I talked about Microsoft's evident blind spot regarding metadirectories and virtual directories. Today I want to talk about Microsoft and identity management standards.

Last week, Network World’s John Fontana (see “Microsoft's directory team forced to reconsider ignored standards”) wrote: “Joe Long, general manager of the connected identity and directory at Microsoft, said during a panel discussion at NetPro's Directory Experts Conference that Microsoft was being forced to re-examine if it would support SAML, the Service Provisioning Markup Language (SPML) and the Extensible Access Control Markup Language (XACML).” What are the folks at Microsoft waiting for?

Speaker after speaker at the conference - which is, after all, solely devoted to Microsoft identity technologies - spoke about the heterogeneous world we live in. Many offered suggestions about connecting Macintosh, Linux and Unix systems to your Microsoft network.

Well, the easiest way to bring identity management solutions to your heterogeneous network is by communicating among the platforms using open standards - SAML, SPML and XACML being the major offerings. Microsoft has simply waited too long for the rest of the world to adopt the Web Services initiative (WS-*) protocols. Heck, the rest of the world has been waiting way too long for Microsoft and its henchmen, er, partners (IBM, Verisign, and a few others) to finalize the panoply of standards that make up the WS-*! IBM realized some time ago that it would need to support SAML, SPML, XACML and the other XML-based standards - so when will Microsoft become a player, too?

Sure, there are ways to “translate” back and forth between, say, WS-Trust and SAML but wouldn’t you, Mr. Developer, rather be able to speak directly in the protocol of your choice instead of having a clunky translator in the middle of your transaction? It’s time to get on the bus, Microsoft because it’s about to leave the station without you!

I’ll have a lot more to say about this next week, but right now I want to thank the wonderful folks at NetPro who put on the Directory Experts Conference – Gil Kirkpatrick, Christine McDermott and the indefatigable Stella DeJean. They put on an excellent event, one that everyone who depends on Microsoft identity technologies – Active Directory, Identity Lifecycle Manager, Federation Services and Windows Cardspace – should attend. You’ll learn more at DEC than you would at Microsoft’s own TechED.

Whitepapers

• Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
• Selecting Effective Virtual Directories
• A Modern Approach to On-Demand Email and Data Security
• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Compliance, Protection, Recovery: A Layered Approach to Laptop Security
• Endpoint Security: Data Protection for IT, Freedom for Laptop Users

View more SECURITY whitepapers

Webcasts

• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• Learn how to Keep your Mobile Workforce Connected
• The self-managed network

View more SECURITY special reports