News

Microsoft Kills CardSpace but Promotes U-Prove for Secure IDs

Microsoft confirmed last week that it will not release CardSpace 2.0, its claims-based identity solution for clients.

CardSpace 2.0 lagged behind the release of other Microsoft code-named "Geneva" identity products, including Active Directory Federation Services 2.0, which was released in May. Consequently, the news that Microsoft would not ship CardSpace 2.0 was not surprising. Microsoft's low-key announcement in a blog post indicated that the ability to use cloud-based identities, the lack of developer tools for CardSpace, plus feedback from beta testers, led to the demise of CardSpace as a product.

"The identity landscape has changed with the evolution of tools and cloud services. Based on the feedback we have received from partners and beta participants, we have decided not to ship Windows CardSpace 2.0," the blog stated.

Microsoft hasn't abandoned the idea of using claims-based identity, in which a user presents a set of claims (such as an e-mail address and user name) to an application. The company uses that approach in various solutions and services, such as Dynamics CRM, SharePoint, Office 365 and Windows Azure. Microsoft instead is putting its efforts behind U-Prove, according to the blog. U-Prove is a set of cryptographic and authentication technologies that Microsoft acquired about two years ago from Montreal-based privacy firm Credentica.

Microsoft announced a new community technology preview of U-Prove last week, noting that "in this Preview, Microsoft offers a U-Prove Agent running as an online service, accessible from any computing device with a web browser." Enhanced security and privacy protections will be offered as "optional client-side software," according to the announcement.

Microsoft is also working with a nonprofit organization called the "Identity Commons" to form a new working group that will shepherd "open source variants of a U-Prove Agent," according to the announcement. The working group will test the agent's "interoperability among common browsers and platforms." Microsoft has already released open source software development kits for C# and Java under the Free BSD license with the first CTP release of U-Prove.

Developers apparently weren't too interested in using cards for claims-based identity, according to Vittorio Bertocci, an evangelist on Microsoft's identity platform and author of a book on CardSpace.  He said in a blog post that "the requests for guidance [from developers] were overwhelmingly about passive single-sign on, authorization and customization, delegation and similar [matters] but not about cards." He described CardSpace as an early version of a claims-based identity solution that wasn't wholly flight worthy, comparing it to archaeopteryx, a bird-like dinosaur.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Ending Azure Container Service Support in 2020

    Microsoft gave notice earlier this month that it will be ending its Azure Container Service on Jan. 31, 2020.

  • Microsoft Releases Surface Diagnostic Toolkit for Business

    Microsoft released a new tool, Surface Diagnostic Toolkit for Business, earlier this month, providing a means for IT pros to find and troubleshoot problems on Microsoft Surface devices.

  • How To Enable Guest Access for Office 365

    While it's possible to give outside users access to certain content in your organization's Office 365 environment, the process of setting them up requires a few extra steps.

  • Microsoft Now Supports OpenSSH in Windows Server 2019

    Microsoft announced on Tuesday that the OpenSSH solution used for remote management is now a supported "Features on Demand" addition in both Windows 10 version 1809 and Windows Server 2019.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.