Microsoft throws its CardSpace behind OpenID

Stan Beer
Wednesday, 07 February 2007 12:08

Your IT - Home IT

Microsoft chairman Bill Gates and successor chief research and strategy officer Craig Mundie have outlined the company's plans to support emerging open source online identity management standard OpenID and integrate with its own Windows-based CardSpace authentication system.

The OpenID system enables users to identify themselves on the Internet with a URL as their username while storing their credentials at an OpenID provider, such as Verisign, LiveJournal, OpenID among others.

When logging into an OpenID enabled website, users enters their URL and are directed to their OpenID provider, verify their identity, and are sent back to the site they wish to access with login details for the session. The system is being touted as a way to thwart phishers, although detractors claim that it could lend itself to exploitation and have exactly the opposite effect.

Speaking in tandem at the RSA Security conference in San Francisco, Gates and Mundie claimed that the marriage of Microsoft's CardSpace and OpenID is a giant step forward and would thwart phishing attacks that use fake websites to steal sensitive information from Internet users.

The appearance of both Gates and Mundie on the stage together was widely seen as a symbolic gesture by Gates to pass the mantle of leadership of the Microsoft's technology strategy to Mundie, who takes the helm in 2008.