News

Microsoft Kills CardSpace but Promotes U-Prove for Secure IDs

Microsoft confirmed last week that it will not release CardSpace 2.0, its claims-based identity solution for clients.

CardSpace 2.0 lagged behind the release of other Microsoft code-named "Geneva" identity products, including Active Directory Federation Services 2.0, which was released in May. Consequently, the news that Microsoft would not ship CardSpace 2.0 was not surprising. Microsoft's low-key announcement in a blog post indicated that the ability to use cloud-based identities, the lack of developer tools for CardSpace, plus feedback from beta testers, led to the demise of CardSpace as a product.

"The identity landscape has changed with the evolution of tools and cloud services. Based on the feedback we have received from partners and beta participants, we have decided not to ship Windows CardSpace 2.0," the blog stated.

Microsoft hasn't abandoned the idea of using claims-based identity, in which a user presents a set of claims (such as an e-mail address and user name) to an application. The company uses that approach in various solutions and services, such as Dynamics CRM, SharePoint, Office 365 and Windows Azure. Microsoft instead is putting its efforts behind U-Prove, according to the blog. U-Prove is a set of cryptographic and authentication technologies that Microsoft acquired about two years ago from Montreal-based privacy firm Credentica.

Microsoft announced a new community technology preview of U-Prove last week, noting that "in this Preview, Microsoft offers a U-Prove Agent running as an online service, accessible from any computing device with a web browser." Enhanced security and privacy protections will be offered as "optional client-side software," according to the announcement.

Microsoft is also working with a nonprofit organization called the "Identity Commons" to form a new working group that will shepherd "open source variants of a U-Prove Agent," according to the announcement. The working group will test the agent's "interoperability among common browsers and platforms." Microsoft has already released open source software development kits for C# and Java under the Free BSD license with the first CTP release of U-Prove.

Developers apparently weren't too interested in using cards for claims-based identity, according to Vittorio Bertocci, an evangelist on Microsoft's identity platform and author of a book on CardSpace.  He said in a blog post that "the requests for guidance [from developers] were overwhelmingly about passive single-sign on, authorization and customization, delegation and similar [matters] but not about cards." He described CardSpace as an early version of a claims-based identity solution that wasn't wholly flight worthy, comparing it to archaeopteryx, a bird-like dinosaur.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Previews Windows VM Authentications via Azure Active Directory

    Microsoft on Thursday announced a preview of remote authentications into Windows-based Azure virtual machines (VMs) using Azure AD credentials.

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

  • Microsoft Previews Microsoft Teams for Linux

    Microsoft on Tuesday announced a "limited preview" release of Microsoft Teams for certain Linux desktop operating systems.

  • Hyper-V Architecture: Some Clarifications

    Brien answers two thought-provoking reader questions. First, do Hyper-V VMs have direct hardware access? And second, how is it possible to monitor VM resource consumption from the host operating system?

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.