Microsoft! snuggles! with! Yahoo! on! OpenID!
Shared bank accounts next?
Call it co-incidence or call it necessity, but Microsoft has jumped on-board a Yahoo!-backed initiative to give internet users a single digital identity.
Microsoft is joining systems and internet rivals IBM and Google by becoming a full corporate board member of the OpenID Foundation. Also signing up are VeriSign and Yahoo!, the latter last month pledging its support for OpenID from the end of the month.
Corporate-level membership of the OpenID Foundation comes just a week after Microsoft launched its hostile $45bn takeover bid for Yahoo!. Yahoo! has some 400 million internet users with accounts spanning such diverse properties as email, Flickr, Delicious and financial information.
Microsoft's backing comes in the wake of its failure in recent years to persuade the industry to rally behind its own single sign-on initiative, the centralized Passport system, used only by Microsoft and a relative handful of partners.
In the past, Microsoft has chosen to go its own way on internet standards and dragged partners along with it, notably with the formation of the Web Services Interoperability (WS-I) organization and the resulting WS-* specifications.
The Open ID Foundation's goal is to roll-out an open online identity framework that eliminates the need for users to create and remember multiple identities and passwords for different web sites. More than 10,000 web sites currently support OpenID log ins.
Until now, Microsoft had been only affiliated with OpenID - although chief research and strategy officer Craig Mundie last year pledged to integrate OpenID with its CardSpace system in Windows Vista.
In a statement, Microsoft said it was looking forward to working with the community refining and driving adoption of OpenID. "The OpenID community is a key constituency in solving the digital identity problems internet users face," chief identity architect Kim Cameron said in a prepared statement.®
Both OpenId and CardSpace allow for multiple identities.
Passport != Cardspace
Information Cards are supported on Linux, Mac (DigitalMe), Windows (Cardspace).
Information Cars are widely regarded as more secure than OpenId. (OpenId is demonstrably prone to phishing attacks)
Microsoft has gone to a lot of effort to ensure that its identity provider is part of a broader meta-system, with integration to multiple systems including OpenId.
Get your heads out of your arses. Maybe that way your job wont get outsourced to India.
Embraced and Extended...
"Microsoft about to do another Embrace, Extend, Extinguish on OpenID in order to puff up their Passport thingy?"
They've already started work on the Embrace and Extend steps, even before they tried to buy Yahoo. Take a look at Cardspace.
Methinks people miss the point...
Do a bit of reading about OpenID, people..
This is not Passport or Yahoo or a similar centralised service. If you want to be your own OpenID provider (and you have some webspace with CGI support), you can be. The whole point of OpenID is that it's distributed. Anybody can be a provider. It provides authentication and only authentication - if X was X yesterday, X is almost certainly X today; where X could be little Jimmy, a convicted criminal, or a dog sitting behind a keyboard.
Personally, I have one common insecure password for almost every website, and a handful of others for websites and services that I consider strategic. It's far more likely that one of these small poorly written websites leaks my password than a security conscious OpenID provider will.
As mentioned before, it also needn't be one OpenID - if you want multiple OpenID's, you can also have that. There's also support for logging into one site with multiple OpenIDs at the same time.
And a great feature will be web browsers with special support for OpenID, so I needn't even visit the website of my OpenID provider to authenticate or allow a website access to some of my OpenID info.