Microsoft, Google make moves in identity management

* Windows Live to support OpenID; Google to enable Gmail to be used as OpenID identifiers

Microsoft and Google, OpenID and CardSpace - and even a bit of SAML - featured prominently in last week's identity-related announcements. Microsoft made a couple of brilliant moves while Google appeared to stub its toe by irritating the OpenID community even as it was trying to ingratiate itself with them.

Early in the week Microsoft announced that Windows Live would begin supporting OpenID. This news was so big that it even got reported by the New York Times. In a nutshell, Microsoft announced that: “You will soon be able to use your Windows Live ID account to sign in to any OpenID Web site!” (See the announcement on the Windows Live web site.)

The Windows Live ID OpenID Provider (OP) enables anyone with a Windows Live ID account to set up an OpenID alias and to use that for identification at an increasing number of OpenID 2.0 relying party sites. No word, though, on when Windows Live would accept sign-ins from other OPs.

Google also announced support for OpenID. Well, sort of. Similar to Microsoft’s announcement, Google will enable all users’ Gmail identifiers to be used as OpenID identifiers. Right. You’ll be able to use an e-mail address as the URL required by OpenID relying parties. But only those that Google approves of since it is whitelisting the service providers it will deign to allow their users to authenticate to. At the same time, Google appears to be playing “pick and choose” with the OpenID specification. If you're interested in the gory details, see the thread “Google OpenID IDP is now live” in the archives of the OpenID discussion list. Warning: seriously nerdy!

The really big news of the week was the announcement of Microsoft’s Geneva Server. Formerly code-named Zermatt – and the successor to Active Directory Federation Services (ADFS) – Geneva is a bona fide Identity Server, the first such beast from the Redmond behemoth. This is, by far, the best thing Microsoft has ever done in the identity space. Don Schmidt, principal program manager architect at Microsoft, had this to say about Geneva: “To maximize interoperability with clients and servers from other vendors, it supports the WS-Trust, WS-Federation and SAML 2.0 protocols. To maximize administrative efficiency Geneva automates federation trust configuration and management using the new harmonized federation metadata format (based on SAML 2.0 metadata) that was recently adopted by the WSFED TC [Oasis Technical Committee]. WS-Trust is provided to support Information Card based Identity Selectors from third parties, as well as Windows CardSpace.”

Third party infocard support as well as support for the Liberty Alliance’s SAML protocol. This is NOT your father’s Microsoft!

There’s other news concerning both Microsoft and Google (and identity), and I’ll get to that next issue.


Copyright © 2008 IDG Communications, Inc.
