The OpenID community has been having quite a few discussions about phishing and what we can do to help mitigate that problem. We have come up with a whole list of solutions that work together nicely to help address the problem. However, we are always looking to do more to help protect end-users and give them options to secure their digital identities.
I posted last week about some discussions that we had with Microsoft’s Kim Cameron (He posted on this as well). We at JanRain were left with a good feeling from the visit and were excited to take the next steps. Its with great pleasure that I’m able to make the following announcement:
Microsoft to Work With the OpenID Community, Collaborating With JanRain, Sxip, and VeriSign
JanRain, Microsoft, Sxip, and VeriSign will collaborate on interoperability between OpenID and Windows CardSpace™ to make the Internet safer and easier to use. Specifically:
As part of OpenID’s security architecture, OpenID will be extended to allow relying parties to explicitly request and be informed of the use of phishing-resistant credentials.
Microsoft recognizes the growth of the OpenID community and believes OpenID plays a significant role in the Internet identity infrastructure. Kim Cameron, Chief Architect of Identity at Microsoft, will work with the OpenID community on authentication and anti-phishing.
JanRain, Sxip, and VeriSign recognize that Information Cards provide significant anti-phishing, privacy, and convenience benefits to users. Information Cards, based on the open WS-Trust standard, are available though Windows CardSpace™.
JanRain and Sxip, leading providers of open source code libraries for blogging and web sites, are announcing they will add support for the Information Cards to their OpenID code bases.
JanRain, Sxip and VeriSign plan to add Information Card support to future identity solutions.
Microsoft plans to support OpenID in future Identity server products.
The four companies have agreed to work together on a “Using Information Cards with OpenID” profile that will make it possible for other developers and service providers to take advantage of these technology advancements.
OpenID has always been about convergence. When Brad, David and Johannes talked about how OpenID and Yadis could work together over a year ago. When the XRI folks brought their amazing people and technology to be integrated into OpenID 2.0 last Spring. This past Summer when Sxip Identity joined the OpenID party by joining in on developing the specification and offering up their attribute exchange specification to the OpenID community. And now today, we have a commitment from Microsoft to take part in the OpenID community as well as enable the technology for their future identity products.
There are a couple of points I’d like to make outside of the above announcement to hopefully address any concerns that the OpenID community might have:
- JanRain will never require users of our libraries or services to use Windows CardSpace ™. We offer support for this technology as another option for users much like using our Safe SignIn and Personal Icon technologies on MyOpenID.com. We’ll also continue to support the OpenID efforts going on with Mozilla and Firefox.
- Windows CardSpace ™ is shipping with Vista today and is a well thought-out technology that helps address many of the privacy and security concerns that people have had with OpenID. OpenID helps users describe their identity across many sites in a public fashion. The two together are very complimentary products and each has its strength.
- Microsoft did not cave in to the OpenID community and the OpenID community is giving nothing up to Microsoft. This is a collaboration on bringing the best technology to the marketplace as quickly as possible to help secure users and solve the single sign-on solution once and for all.
- Please reserve judgment on what this all means until you see it all work together. The technology is really quite simple and the ramifications for end-users is huge. It also goes a very long way to completely addressing the phishing concerns we’ve heard so much about.
As always, please feel free to comment here or on the OpenID General list with any questions, comments or concerns.
You can read more from others:
Kim Cameron, Microsoft,
Dick Hardt, Sxip Identity
Michael Graves, Verisign
David Recordon, Verisign
Johannes Ernst, NetMesh
30 comments
Comments feed for this article
Trackback link
http://kveton.com/blog/2007/02/06/cardspace-openid-working-together/trackback/
February 6, 2007 at 5:02 pm
Pingback from Kim Cameron’s Identity Weblog » CardSpace / OpenID Collaboration Announcement
February 6, 2007 at 5:21 pm
Pingback from Identity 2.0 » Microsoft and OpenID - commentary
February 6, 2007 at 8:16 pm
Pingback from Leancode » Archives » Microsoft: Windows-OpenID interoperability
February 6, 2007 at 8:57 pm
Pingback from Identity 1.0 Gains Momentum at Not So Relevant
February 6, 2007 at 8:59 pm
Pingback from Identity 2.0 Gains Momentum at Not So Relevant
February 6, 2007 at 10:18 pm
Pingback from Kim Cameron’s Identity Weblog » Clairvoyance?
February 7, 2007 at 1:13 am
Pingback from Vibro.NET : CardSpace/OpenID convergence
February 7, 2007 at 9:30 am
Pingback from Маниакальный Веблог » Microsoft поддерживает OpenID
February 7, 2007 at 11:40 am
Trackback from Stuart King’s Security and Risk Management Blog - OpenID news...
February 7, 2007 at 12:55 pm
Pingback from Egomedium.net » Blog Archive » Microsoft va supporter l’initiative OpenID !
February 7, 2007 at 4:30 pm
Pingback from This Old Network » Blog Archive » ClaimID, the easy to use OpenID identity provider
February 8, 2007 at 1:28 am
Pingback from The Undevelopment Blog » Happily Ever After?
February 8, 2007 at 9:17 am
Pingback from 【刻录事·二零零七】 » Blog Archive » 微软支持OpenID
February 9, 2007 at 12:31 am
Pingback from Digital Business Strategy » Blog Archive » OpenID and Microsoft, BFFs*!
February 9, 2007 at 6:25 am
Trackback from Scott Hanselman’s Computer Zen - Hanselminutes Podcast 50 - OpenID/Microsoft Announcement...
February 13, 2007 at 12:05 am
Pingback from wp-xrds at willnorris.com
February 14, 2007 at 8:45 pm
Pingback from Murat Ozoral » Blog Archive » microsoft ve open id
February 16, 2007 at 2:33 pm
Pingback from Five Key Takeaways From Microsoft, OpenID Announcement » Vista Fan Boy dot com - Blogging About Windows Vista
February 23, 2007 at 7:49 am
Pingback from dale olds’ virtualsoul » The Internet Identity Explosion and the Bandit Project
February 24, 2007 at 10:37 pm
Pingback from Kim Cameron’s Identity Weblog » Understanding Bandit
March 15, 2007 at 7:50 pm
Pingback from The Security Roundtable » Blog Archive » The Security Roundtable for February 2007 - OpenID
July 23, 2007 at 10:41 pm
Trackback from DT blogi - Microsoft lubab toetada OpenID-d...
October 18, 2007 at 11:07 am
Pingback from Mike Jones: self-issued » MyOpenID adds Information Card Support
February 6, 2007 at 6:55 pm
factoryjoe
This is fantastic news. I am eager to see how it really plays out, but this will hopefully signify that a “big player” has moved towards OpenID and that it should now be taken more seriously — and is worth further investment and support.
February 8, 2007 at 1:45 am
iansorbello.pip.verisignlabs.com
Well done to you all!
I can only begin to imagine the potential that may be unlocked when technologies like this come together.
February 14, 2007 at 10:18 am
Nick
All about nutrizione
March 5, 2007 at 11:38 am
james
In order for authorization to be supported, the folks in the OpenID community would need to have the desire of moving past the basics of identity. Likewise, the features of an identity selector (e.g. Cardspace) will need to change. IMHO it seems no one really cares to talk deeper about authorization as it may require too much work on their parts…
April 18, 2007 at 11:14 pm
Mexxor
test
May 14, 2007 at 5:46 pm
gold-hyip
gold-hyip.vel4.com is an investment system designed specifically for online investors. To make it easier for you and to reduce administrative expenses, we use the so-called e-currencies (also referred to as digital currencies or electronic payment systems) in our operations.
July 20, 2007 at 5:19 pm
Pucker
buy%2Bautocad%2B2007%2B%2B%255BURL%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fbuy%252Dautocad%252D2007.html%2B%255Dbuy%2Bautocad%2B2007%255B%252FURL%255D%2B%2B%2B%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fbuy%252Dautocad%252D2007.html%2B%253Ebuy%2Bautocad%2B2007%253C%252Fa%253E%2B%2B%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fbuy%252Dautocad%252D2007.html%2Bbuy%2Bautocad%2B2007%2B%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fauto%252Dcad%252Dtutorial.html%2B%253Eauto%2Bcad%2Btutorial%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252Dprogram.html%2B%253Eautocad%2Bprogram%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fauto%252Dcad%252D2007%252Ddownload%252Dsoftware.html%2B%253Eauto%2Bcad%2B2007%2Bdownload%2Bsoftware%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252D2007%252Dlt.html%2B%253Eautocad%2B2007%2Blt%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252Dtutorial.html%2B%253Eautocad%2Btutorial%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252D2007.html%2B%253Eautocad%2B2007%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252Dsoftware.html%2B%253Eautocad%2Bsoftware%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fauto%252Dcad%252Delectrical.html%2B%253Eauto%2Bcad%2Belectrical%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fauto%252Dcad%252Ddownload.html%2B%253Eauto%2Bcad%2Bdownload%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautodesk%252Dautocad%252D2007%252Ddownload%252Dsoftware.html%2B%253Eautodesk%2Bautocad%2B2007%2Bdownload%2Bsoftware%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautodesk%252Dautocad%252Dtutorial.html%2B%253Eautodesk%2Bautocad%2Btutorial%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautodesk%252Dautocad%252D2007.html%2B%253Eautodesk%2Bautocad%2B2007%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautodesk%252Dautocad%252D2007%252Dlt.html%2B%253Eautodesk%2Bautocad%2B2007%2Blt%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautodesk%252Dautocad%252Ddownloadable%252Dinstaller.html%2B%253Eautodesk%2Bautocad%2Bdownloadable%2Binstaller%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fauto%252Dcad%252Dsoftware.html%2B%253Eauto%2Bcad%2Bsoftware%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautodesk%252Dautocad%252Dsoftware.html%2B%253Eautodesk%2Bautocad%2Bsoftware%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fauto%252Dcad%252D2007%252Dsoftware.html%2B%253Eauto%2Bcad%2B2007%2Bsoftware%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252Ddownload.html%2B%253Eautocad%2Bdownload%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252Delectrical.html%2B%253Eautocad%2Belectrical%253C%252Fa%253E%250D%250A%253Ca%2Bhref%253D%2Bhttp%253A%252F%252Fgeo.ya.com%252Facadsoft%252F2007%252Fautocad%252D2007%252Ddownload%252Dsoftware.html%2B%253Eautocad%2B2007%2Bdownload%2Bsoftware%253C%252Fa%253E%250D%250A2