News

Microsoft Kills CardSpace but Promotes U-Prove for Secure IDs

Microsoft confirmed last week that it will not release CardSpace 2.0, its claims-based identity solution for clients.

CardSpace 2.0 lagged behind the release of other Microsoft code-named "Geneva" identity products, including Active Directory Federation Services 2.0, which was released in May. Consequently, the news that Microsoft would not ship CardSpace 2.0 was not surprising. Microsoft's low-key announcement in a blog post indicated that the ability to use cloud-based identities, the lack of developer tools for CardSpace, plus feedback from beta testers, led to the demise of CardSpace as a product.

"The identity landscape has changed with the evolution of tools and cloud services. Based on the feedback we have received from partners and beta participants, we have decided not to ship Windows CardSpace 2.0," the blog stated.

Microsoft hasn't abandoned the idea of using claims-based identity, in which a user presents a set of claims (such as an e-mail address and user name) to an application. The company uses that approach in various solutions and services, such as Dynamics CRM, SharePoint, Office 365 and Windows Azure. Microsoft instead is putting its efforts behind U-Prove, according to the blog. U-Prove is a set of cryptographic and authentication technologies that Microsoft acquired about two years ago from Montreal-based privacy firm Credentica.

Microsoft announced a new community technology preview of U-Prove last week, noting that "in this Preview, Microsoft offers a U-Prove Agent running as an online service, accessible from any computing device with a web browser." Enhanced security and privacy protections will be offered as "optional client-side software," according to the announcement.

Microsoft is also working with a nonprofit organization called the "Identity Commons" to form a new working group that will shepherd "open source variants of a U-Prove Agent," according to the announcement. The working group will test the agent's "interoperability among common browsers and platforms." Microsoft has already released open source software development kits for C# and Java under the Free BSD license with the first CTP release of U-Prove.

Developers apparently weren't too interested in using cards for claims-based identity, according to Vittorio Bertocci, an evangelist on Microsoft's identity platform and author of a book on CardSpace.  He said in a blog post that "the requests for guidance [from developers] were overwhelmingly about passive single-sign on, authorization and customization, delegation and similar [matters] but not about cards." He described CardSpace as an early version of a claims-based identity solution that wasn't wholly flight worthy, comparing it to archaeopteryx, a bird-like dinosaur.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

  • Microsoft Ups Its Carbon Reduction Goals

    Microsoft on Thursday announced a corporatewide carbon reduction effort that aims to make the company "carbon negative" by 2030.

  • How To Dynamically Lock Down an Unattended Windows 10 PC

    One of the biggest security risks in any organization happens when a user walks away from their PC without logging out. Microsoft has the solution (and it's not a password-protected screensaver).

  • First Stable Chromium-Based Microsoft Edge Browser Released

    Microsoft on Wednesday announced the first release of its Chromium-based Microsoft Edge browser at the "stable" commercial-release stage.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.