You can read it around the web, but, hot on the heels of the creation of the OpenID Foundation, the news from the RSA Security conference is that Bill Gates has announced Microsoft’s intention to support OpenID 2.0.
Microsoft to Work With the OpenID Community, Collaborating With JanRain, Sxip, and VeriSign
JanRain, Microsoft, Sxip, and VeriSign will collaborate on interoperability between OpenID and Windows CardSpace™ to make the Internet safer and easier to use. Specifically:
As part of OpenID’s security architecture, OpenID will be extended to allow relying parties to explicitly request and be informed of the use of phishing-resistant credentials.
Microsoft recognizes the growth of the OpenID community and believes OpenID plays a significant role in the Internet identity infrastructure. Kim Cameron, Chief Architect of Identity at Microsoft, will work with the OpenID community on authentication and anti-phishing.
JanRain, Sxip, and VeriSign recognize that Information Cards provide significant anti-phishing, privacy, and convenience benefits to users. Information Cards, based on the open WS-Trust standard, are available though Windows CardSpace™.
JanRain and Sxip, leading providers of open source code libraries for blogging and web sites, are announcing they will add support for the Information Cards to their OpenID code bases.
JanRain, Sxip and VeriSign plan to add Information Card support to future identity solutions.
Microsoft plans to support OpenID in future Identity server products.
The four companies have agreed to work together on a “Using Information Cards with OpenID” profile that will make it possible for other developers and service providers to take advantage of these technology advancements.
There’s no shortage of coverage, so I’ll just give you a run down of the players involved: Kim Cameron of Microsoft, Dick Hardt of SXIP, Michael Grave and David Recordon of VeriSign, Johannes Ernst of Netmesh, and Brad Fitzpatrick of LiveJournal.
What this means will be seen over time, but it does mean that a major player has shown their support for the protocol and for the community, making way for other, more reluctant parties, to step up and enter the arena.
It also means that Microsoft will be answering a major question about interface for the OpenID effort with their CardSpace work — and, if that work complies with their Open Specifications Promise, it will be advancing the anti-phishing efforts of the OpenID community years forward by bringing to the table a deployed, open specification for handling authentication in the browser.
While there will certainly be much work to be done to offer choice, this seems like a great opportunity to accelerate the user-centric identity efforts that have recently come to fruition.