Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
Microsoft and Google, OpenID and CardSpace - and even a bit of SAML - featured prominently in last week's identity-related announcements. Microsoft made a couple of brilliant moves while Google appeared to stub its toe by irritating the OpenID community even as it was trying to ingratiate itself with them.
Early in the week Microsoft announced that Windows Live would begin supporting OpenID. This news was so big that it even got reported by the New York Times. In a nutshell, Microsoft announced that: “You will soon be able to use your Windows Live ID account to sign in to any OpenID Web site!” (See the announcement on the Windows Live web site.)
The Windows Live ID OpenID Provider (OP) enables anyone with a Windows Live ID account to set up an OpenID alias and to use that for identification at an increasing number of OpenID 2.0 relying party sites. No word, though, on when Windows Live would accept sign-ins from other OPs.
Google also announced support for OpenID. Well, sort of. Similar to Microsoft’s announcement, Google will enable all users’ Gmail identifiers to be used as OpenID identifiers. Right. You’ll be able to use an e-mail address as the URL required by OpenID relying parties. But only at those that Google approves of, since it is whitelisting the service providers it will deign to allow its users to authenticate to. At the same time, Google appears to be playing “pick and choose” with the OpenID specification.
If you're interested in the gory details, see the thread “Google OpenID IDP is now live” in the archives of the OpenID discussion list. Warning: seriously nerdy!
The really big news of the week was the announcement of Microsoft’s Geneva Server. Formerly code-named Zermatt – and the successor to Active Directory Federation Services (ADFS) – Geneva is a bona fide Identity Server, the first such beast from the Redmond behemoth. This is, by far, the best thing Microsoft has ever done in the identity space. Don Schmidt, principal program manager architect at Microsoft, had this to say about Geneva: “To maximize interoperability with clients and servers from other vendors, it supports the WS-Trust, WS-Federation and SAML 2.0 protocols. To maximize administrative efficiency Geneva automates federation trust configuration and management using the new harmonized federation metadata format (based on SAML 2.0 metadata) that was recently adopted by the WSFED TC [OASIS Technical Committee]. WS-Trust is provided to support Information Card based Identity Selectors from third parties, as well as Windows CardSpace.”
Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.
Comments (2)
Google actually removed their whitelisting requirement
By Anonymous on November 3, 2008, 11:37 am
Google actually removed their whitelisting requirement the day after they released their OpenID Provider.
OpenID growth
By bkkissel on November 3, 2008, 12:46 pm
The Microsoft and Google announcements are great developments for OpenID, and more importantly for the websites and end users that can benefit from faster and easier...