Nov 22, 2005

A whole lot of identities

I've been catching up on my blog role, finally... and found a dirth of postings regarding Microsoft's recent smiting of SAML which quotes:

Microsoft will soon start shipping "a whole lot" of servers that use WS-Federation protocols, and those client computers will be compatible, Schmidt said.


Wow. so, "a whole lot of computers". Good. I fell better now ;-) Really, I have no qualms about supporting WS-Trust and InfoCard. In fact, there is no reason SAML tokens could not be used within the InfoCard architecture, as near as I can tell... we'll see what pops out of the OASIS WS-SX Technical Committee at OASIS. Before that, who knows, really.

I had high hopes that Microsoft would support SAML in at least the InfoCard architecture, and Kim was one who had given me confidence in that aspiration. But he's blogged recently:

I have been tireless in arguing the need to support new token formats essential to such [identity meta] systems - rejecting the prevelant bugaboo that we should limit all future technology to SAML and then congratulate ourselves on how clever we are. Isn't that OK too?


Well, yes it's OK. Of course, I'm not sure who's actually saying that SAML should just be adopted by everyone, and we can all go home. Perhaps IT Executives who are waiting for the dust to settle a bit over WS-Fed vs SAML are eager to at least see some effort at convergence... but it seems that is less likely to happen, given this recent sentiment.

But I would say that SAML enjoys broad support and adoption. Tens ... maybe even hundreds... of millions of users are serviced by SAML-based protocols today. I think that is a "whole lot of identities", which is just (if not more) demonstrable of success and broad adoption, than "soon shipping"... "a whole lot of computers".

Tags: | | | |