CardSpace 2.0 Headed for the Heap?
Active Directory Federation Services 2.0 is now shipping but Microsoft postponed the release of CardSpace 2.0, putting its future in doubt.
The current CardSpace is built into Windows 7 and Vista but it doesn't appear that it is widely used. Perhaps that's why Microsoft quietly announced that it was putting on hold the next version, CardSpace 2.0, which was to provide a common user-interface for managing multiple logins.
CardSpace 2.0, which had been in beta since last year, supports ADFS 2.0 and includes support for the Windows Identity Foundation. To address the lack of an updated Information Card, in the new ADFS 2.0, Microsoft next month is expected to release a Community Technology Preview of an add-on to ADFS 2.0 that will enable Windows Server to issue InfoCards.
It appears that Microsoft shifted gears in March with the release of its U-Prove information identifier at the RSA Conference when Scott Charney, Microsoft's corporate vice president of Trustworthy Computing, launched the CTP of the company's U-Prove technology.
U-Prove centers on the issuance of digital tokens that allow users to control how much information is shared with the recipient of the token. Used against ADFS 2.0, U-Prove lets users federate identities to across trusted domains. Microsoft released U-Prove under its Open Specification Promise and also donated two reference toolkits for implementing the algorithms under the Free BSD License.
Moreover, Microsoft released a second specification under its OSP for integrating U-Prove into open-source identity selectors. How that will play out, in terms of whether the .NET and open-source communities embrace U-Prove, remains to be seen.
But that has many people wondering if there's any future for CardSpace 2.0 and if U-Prove will prove, pardon the pun, to be a viable replacement. "There's certainly support for information cards; our involvement in information cards is alive and well," said Joel Sider, a senior product manager in Microsoft's Forefront security group, in an interview yesterday. Microsoft is not saying when it will update its CardsSpace 2.0 plans, but some are wondering whether the technology has a future.
CardSpace 2.0’s uncertain fate is "no surprise given its limited adoption," said Patrick Harding, CTO of Denver-based Ping Identity, a Microsoft partner and competitor. "Unfortunately, it has also really upset all of those people and companies that have bought into the InfoCard model at Microsoft's urging."
What's your take on the CardSpace 2.0 situation? Have you looked at U-Prove? Drop me a line at email@example.com.
Posted by Jeffrey Schwartz on 05/06/2010 at 1:14 PM