Love is in the air (CardSpace, OpenID, SAML)
Past few weeks have seen some major announcements that are definitely going to impact the identity infrastructure on the net. I won’t go as far as calling them marriages but they are affairs worth noticing.
- CardSpace and OpenID: Microsoft announced their acceptance of OpenID with much fanfare. I won’t go in the details since Google alerts have already been stress tested to report this news.
- AOL and OpenID: AOL announced that every AOL/AIM user now has a valid OpenID url. AOL announcement is particularly interesting since I believe their user base is (almost) mutually exclusive to the OpenID early adopters.
- Google and SAML: Google announced SAML-based SSO for ‘Google Apps For Your Domain’. It’s interesting that Google chose to go the SAML route for the enterprise customers while continue to maintain the Google Account theory for the general web.
It’s difficult to gauge if the entities were thinking on the same lines while entering the relationship.
Reason for my skepticism:
- CardSpace and OpenID: There are more than one ways the two can be integrated. Security is CardSpace’s forte while OpenID is here due to its simplicity. I’ll be curious if Microsoft can convince the OpenID providers to support WS-Trust and it essentially becomes an STS function. Or if the Open ID group can convince Microsoft to loosen up on the security/encryption/signing requirements of xmlToken.
- AOL and OpenID: AOL announced that it will be working as the IdP and doesn’t yet act as an OpenID relying party. Going back to the concerns I (and a few others) have raised earlier that there is a lot more to loose for the relying party. It will be interesting to see if/when AOL opens up their gates for the outside OpenID providers.
- Google and SAML: As Google enters more partnerships in the consumer space, will they continue to push for Google Accounts or adopt SAML. I liked Verisign’s approach of PIP for no-value transactions and VIP for value based transactions (their PayPal demo at RSA was pretty cool).
Only time will tell if these affairs will result in longer term relationships. I’m told that the divorce rate in this country is close to 50%. Having said that, I couldn’t be more excited to the way the things are shaping up and wish the couples a happy life together.
CardSpace, Identity, Infocard, OpenID | Ashish Jain | 
February 19, 2007 9:33 pm
Subscribe
Ashish Jain: Love is in the air (CardSpace, OpenID, SAML) Bernie Thompson: Why the lack of OpenID-enabled Rails apps? claimID: New Verified Page at claimID Martin Atkins: Can AOL securely authenticate its own users? The OpenID Buzz: AOL Now Supports OpenID
I’m sure the divorce rate for ‘celebrity’ marriages is even higher.
Nevertheless, I have it on good authority (a guy whose dry cleaner knows the sister of the legal secretary that drafted them) that iron clad pre-nups are in place.