Beyond Windows CardSpace

For several years Microsoft has advocated the claims based identity model for more secure access and use of online applications and services. With enhancements to our existing platform, such as Active Directory Federation Services 2.0 and Windows Identity Foundation, we’ve made progress in that initiative. Claims-based identity is used widely inside Microsoft and is now part of many Microsoft products, such as SharePoint, Office 365, Dynamics CRM, and Windows Azure.

Microsoft has been a leading participant in the identity community and an active contributor to emerging identity standards. We have increased our commitment to standardization activities and added support into our products for the SAML 2.0, OpenID 2.0, OAuth WRAP and OAuth 2.0 protocols.

There is one component of our identity portfolio where we have recently decided to make a change. Windows CardSpace was initially released and developed before the pervasive use of online identities across multiple services. Perhaps more importantly, we released the user component before we and others had delivered the tools for developers and administrators to easily create claims-ready services. The identity landscape has changed with the evolution of tools and cloud services. Based on the feedback we have received from partners and beta participants, we have decided not to ship Windows CardSpace 2.0.

Claims-based identity remains a central concept for Microsoft’s identity strategy, and its role in our overall strategy continues to grow. Furthermore, we are not abandoning the idea of a user agent for exchanging claims. As part of our work on claims-based identity we are releasing a new technology preview of U-Prove. This release of U-Prove will take the form of a user agent that takes account of cloud computing realities and takes advantage of the high-end security and privacy capabilities within the extended U-Prove cryptographic technology.