The Schwartz Report

Blog archive

CardSpace 2.0 Headed for the Heap?

Active Directory Federation Services 2.0 is now shipping but Microsoft postponed the release of CardSpace 2.0, putting its future in doubt.

The current CardSpace is built into Windows 7 and Vista but it doesn't appear that it is widely used. Perhaps that's why Microsoft quietly announced that it was putting on hold the next version, CardSpace 2.0, which was to provide a common user-interface for managing multiple logins.

CardSpace 2.0, which had been in beta since last year, supports ADFS 2.0 and includes support for the Windows Identity Foundation. To address the lack of an updated Information Card, in the new ADFS 2.0, Microsoft next month is expected to release a Community Technology Preview of an add-on to ADFS 2.0 that will enable Windows Server to issue InfoCards.

It appears that Microsoft shifted gears in March with the release of its U-Prove information identifier at the RSA Conference when Scott Charney, Microsoft's corporate vice president of Trustworthy Computing, launched the CTP of the company's U-Prove technology.

U-Prove centers on the issuance of digital tokens that allow users to control how much information is shared with the recipient of the token. Used against ADFS 2.0, U-Prove lets users federate identities to across trusted domains. Microsoft released U-Prove under its Open Specification Promise and also donated two reference toolkits for implementing the algorithms under the Free BSD License.

Moreover, Microsoft released a second specification under its OSP for integrating U-Prove into open-source identity selectors. How that will play out, in terms of whether the .NET and open-source communities embrace U-Prove, remains to be seen.

But that has many people wondering if there's any future for CardSpace 2.0 and if U-Prove will prove, pardon the pun, to be a viable replacement. "There's certainly support for information cards; our involvement in information cards is alive and well," said  Joel Sider, a senior product manager in Microsoft's Forefront security group, in an interview yesterday. Microsoft is not saying when it will update its CardsSpace 2.0 plans, but some are wondering whether the technology has a future.

CardSpace 2.0’s uncertain fate is "no surprise given its limited adoption," said Patrick Harding, CTO of Denver-based Ping Identity, a Microsoft partner and competitor. "Unfortunately, it has also really upset all of those people and companies that have bought into the InfoCard model at Microsoft's urging."

What's your take on the CardSpace 2.0 situation? Have you looked at U-Prove? Drop me a line at jschwartz@1105media.com.

Posted by Jeffrey Schwartz on 05/06/2010 at 1:14 PM


Featured

  • Cloud Services Starting To Overtake On-Prem Database Management Systems

    Database management system (DBMS) growth is happening more on the cloud services side than on the traditional "on-premises" side, according to a report by Gartner Inc.

  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

  • Microsoft Suggests Disabling Old Protocols with Exchange Server 2019

    Exchange Server 2019 with Cumulative Update 2 (CU2) can help organizations rid themselves of old authentication protocols, which constitute a potential security risk.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.