Here is a piece by Eric Norlin over at zdnet.com. Windows Live ID is the identity backbone used by Microsoft’s web properties and services - for example, by hotmail. For those who haven’t followed the bouncing ball, Windows Live ID is the latest evolution of Passport, which has undergone a name change to convey its focus within Window Live services - as well as its ability to federate in a multi-centered identity landscape.
Recent announcements of Google’s authentication service have prompted comparisons to Passport, and even gotten to Dick Hardt (of “Identity 2.0″ fame) to call it the, “deepening of the identity silo.” I’d like to contrast Google’s work with Microsoft’s recent work around Live ID.
Microsoft’s Live ID *is* the old Passport — with a few key changes. Kim Cameron’s work around the identity metasystem has driven the concept of InfoCards (now called CardSpace) deep inside of Microsoft. In essence, Kim’s idea is that there is a “metasystem” which utilizes WS-Trust to translate tokens, so that all identity systems can interact with each other.
Of extreme importance is the fact that Windows Live ID will support WS-Trust, WS-Federation, CardSpace and ADFS (active directory federation server). This means that A) Windows Live ID can interact with other identity metasystem implementations (Open Source versions, for example); B) that your corporate active directory environment can be federated into Windows Live ID; and C) the closed system that was Passport has now effectively been transformed into an open (standards-based) and transparent system that is Live ID.
Contrast all of this with Google’s announcement: create Google account, store user information at Google, get authentication from Google — are we sensing a trend? While Microsoft is now making it easy to interact with other (competing) identity systems, Google is making it nearly impossible. All of which leads one to ask - why?
I honestly believe that Microsoft is ahead of Google on this one for a very simple reason: Passport taught Microsoft some very painful, first-hand lessons. Passport forced Microsoft (over a period of years) to re-examine their fundamental approach to identity. Further, it forced them to figure out how to monetize the idea of identity applications — and not simply the aggregation of identity itself. Conversely, Google’s business is now built on the aggregation of identity data, and they have yet to walk the painful Passport path.
Will the market force Google to learn the same lesson? I don’t know. On the other hand, one company is clearly advancing the cause of “identity 2.0″, “web 2.0″, “Net 2.0″ — call it what you will — and that company is Microsoft. The other company is deepening the silo and building the walled garden — and that is *so* late 90s.
While I love being in the software olympics as much as the next guy, I personally hope that Google embraces federation, Information Cards and the identity metasystem. They have enough smart people who understand these issues that I expect they will.
Name typo in subtitle.
August Sydney Architect Council - Kim Cameron on Identity 2.0…
Kim is paying us a visit in Sydney on 3rd August - he’ll be addressing the Sydney Architect Council,……
Kim Cameron is coming - shall we record his session?…
As Anna points out, we are incredibly fortunate to have Kim Cameron (identity uber-guru) coming out to……
[...] Kim on Google Authentication July 3, 2006 No Ratings Yet MUST READ: Kim Cameron on “Google’s Authentication versus Microsoft’s LiveID“. [...]
Open or Siloed Identity?…
…
Here are links to follow-up information referenced in yesterday’s TechNet Security Summit…
Thanks to everyone who join us yesterday for our TechNet Security Summit in London. In particular thanks……
[...] I’ve been trying to resist the temptation to comment on posts such as Dick Hardt’s “Google Account Authentication: two steps forward, one step back” and Kim Cameron’s “GOOGLE’S AUTHENTICATION VERSUS MICROSOFT’S LIVE ID” (which is mostly Eric Norlin’s “Google’s authentication vs. Microsoft’s Live ID“), since I work for Google and such comments might be misconstrued. However, bad journalism is bad journalism, even if you’re a blogger and I’m a Google employee, so I’m going to comment anyway. Note that, like everything I blog here, this post does not reflect Google’s views, nor does it use any knowledge I may or may not have as a Google employee. [...]
[...] Identity master Ben Laurie of Google pushes back on me for picking up Eric Norlin’s recent piece on Google Authentication.  Ben writes: I’ve been trying to resist the temptation to comment on posts such as Dick Hardt’s “Google Account Authentication: two steps forward, one step back†and Kim Cameron’s “GOOGLE’S AUTHENTICATION VERSUS MICROSOFT’S LIVE ID†(which is mostly Eric Norlin’s “Google’s authentication vs. Microsoft’s Live ID“), since I work for Google and such comments might be misconstrued. However, bad journalism is bad journalism, even if you’re a blogger and I’m a Google employee, so I’m going to comment anyway. Note that, like everything I blog here, this post does not reflect Google’s views, nor does it use any knowledge I may or may not have as a Google employee. [...]
[...] Kim and yours truly pointed out some time ago, LiveID will (in the future) support Information Cards. [...]
[...] Kim and yours truly pointed out some time ago, LiveID will (in the future) support Information Cards. [...]
[...] такими как Passport и Live ID, в веÑьма нелеÑтном Ð´Ð»Ñ Google тоне. Ðе Ñмог оÑтатьÑÑ Ð² Ñтороне и главный идеолог и оратор Microsoft на [...]