Pointer to article:
No event signifies the failure of MSN Passport—and of identity-aggregation schemes in general--as well as this. Identity federation is the only workable solution to cross-domain, cross-enterprise, cross-platform single sign on (SSO). Microsoft knows this, which is why it has significantly put its weight behind wannabe federation standards such as WS-Federation—though it has had to pull back that spec as well, due to lackluster industry support. The identity federation landscape is now squarely riding on the SAML 1.0/1.1 and WS-Security 2004 standards (and, starting in 2005, on SAML 2.0, which incorporates the bulk of the core Liberty Alliance standards for more robust, multidomain federation).
Now, Passport is more purely an internal MSN-specific identity-aggregation/SSO scheme. And it’s the last vestige of Microsoft’s failed “Hailstorm” initiative of hosted, identity-enabled, subscription services. We can add Passport to the list of failed, proprietary .Net-generation Microsoft infrastructure technologies—such as .Net Remoting—that the vendor has largely abandoned in its “Longhorn” roadmap.
Microsoft keeps returning to the drawing board. And that’s a good thing (unless you invested in the fruits of its last trip to that board). The company’s learning a bit of humility the hard way. And it’s learning that it’s important to pay attention to what’s on the industry’s drawing board. Because some schemes—such as the need for purely standards-based identity federation—are larger than any single vendor, platform, or application.
You think Microsoft some day might auction off Passport technology on eBay? Any bids?