[OpenID] Microsoft and OpenID Q&A

Dick Hardt dick at sxip.com
Thu Feb 22 15:43:22 UTC 2007

Inserted our my answers to the current questions:

On 21-Feb-07, at 6:03 PM, Eric Norman wrote:
> On Feb 21, 2007, at 6:23 PM, Johannes Ernst wrote:
>> 1. Has Microsoft made any commitment to implement OpenID in any
>> product? If so, which?

No specific commitments.

>> 2. Has the OpenID Community committed to support any WS-* protocols?
>> If so, which and how?

No. I think the OpenID Community is represented by discussion on the  
openid.net mail lists, and I have not seen any significant discussion  
about OpenID supporting any WS-* protocols.

JanRain and Sxip Identity committed to supporting Information Cards  
in future products. At Sxip we released Whobar that supports  
accepting both OpenID and Information Cards, but have not made any  
other specific commitment. I don't think that JanRain has made any  

>> 3. Hang on, how can the OpenID Community commit to anything (WS-* or
>> anything else), given that it is self-organizing and not "managed" by
>> anybody?

The "Community" could commit if that was consensus on the mail lists  
and people wanted to support WS-*.

>> 4. What would be the advantages / disadvantages of using Microsoft's
>> CardSpace with OpenID?
> 4a.  (More detailed)  What are the strengths of one that are  
> weaknesses
> of the other?
> 5.  What changes (installation, behavior, other software) will need to
> happen?
> 6.  Will a large population "all have to jump at once" to effect
> deployment?
> 7.  Which parts (code, protocols, etc) of each will be discarded (no
> longer useful)?

One clear advantage of CardSpace is that it is a strong, phishing  
resistant method of authenticating to a website. How the user  
authenticates to an OpenID Provider is out of scope of the current  
draft of OpenID Authentication 2.0. CardSpace therefore is a good  
solution for how the user can authenticate to their OpenID Provider.

-- Dick

More information about the general mailing list