Kirk Evans Blog

.NET From a Markup Perspective

Sun and Microsoft moving towards digital identity interop

On December 1st, a news teleconference was held that discussed some of the progress that Sun and Microsoft have made since swapping hockey jerseys.  The transcript of the Sun and Microsoft news conference is available online, and there is some great information tucked within.

Hi, so today, as you’re probably all aware, there are two major stacks, software stacks around Web services, there’s the Liberty technologies, and there are the technologies around WS Star, the federation and security protocols. One of the things that we’ve heard time and time again from our customers is that they would like to be able to build systems that can work in either direction. So, for example, if we had Microsoft products and Sun products they would like those identity products to interoperate. And our engineers and folks from Sun have been working for quite a while now to work through the details of how we’re going to make that happen. We don’t have anything to announce today, and we expect to have more announcements on this next year, but we are making very solid progress toward making that happen.

John Shewchuck, Distributed Systems Architect, Microsoft

I can’t wait to find out what is behind this statement.  You can infer more at the bottom of the page.  Schewchuck is responding along with Greg Papadopoulos, Chief Technology Officer, Sun Microsystems:

GREG PAPADOPOULOS: I think it is as I said, it’s representative of things that are at the top when our customers go prioritizing they give us evidence, when they say, we mean identity and authentication, one of the things they point to is, look there’s a difference between the approaches to, say, Liberty takes an approach, and what Microsoft has taken as an approach, help resolve that.

JOHN SHEWCHUCK: It’s also worth understanding that Passport has undergone a fairly significant change in that we are moving Passport to a fully federated model based on the WS Star specifications. As we get interoperability between WS Star and the protocols that Sun uses, we anticipate the ability to have those systems work together better.

GREG PAPADOPOULOS: We expect Passport and Liberty to work better together.

JOHN SHEWCHUCK: WS Star in particular, and the Liberty protocols. Passport is the MSN log-in system.

GREG PAPADOPOULOS: I think the contrast…don’t think of Passport and Liberty as being the contrast, think of, there have been some protocols that Microsoft and some of the other companies we’ve worked with developed on top of the more basic web service protocols, one of these was called WS Federation, and parallel with that, Sun and some companies that Sun has worked with have developed some other protocols. These are a little bit different, just in the technical details. But, both of them address the problem of how to do browser authentication. What you’re hearing today is that both of us are in agreement that we need to do some work to create interoperability between those systems that were developed independently.

I would be happy to be proven wrong.  Maybe a SAML token for WS-Security is part of the answer.