Martin Atkins (mart) wrote in apparentlymart,
Martin Atkins

Windows Live ID: Time to write another Identity Proxy?

As most will be aware, Microsoft recently announced that it is opening up access to Windows Live ID for use as an authentication mechanism for other sites.

I have to say that I'm less than impressed at the prospect of yet another closed, proprietary authentication protocol being added to the pot, especially from Microsoft who have previously been interested in OpenID. This will no doubt fragment the "single sign-on" market still further, meaning that people are inevitably going to have to get yet another single sign-on account in order to sign in to the full spectrum of sites.

So what benefits does Live ID bring to the table? The thing that jumped out at me most was the inclusion of remotely-initiated sign-out, which also includes the ability for the Live ID site to attempt to end all of a user's login sessions simultaneously. This is something that OpenID struggles with, since OpenID itself does not have the concept of a "session" and is merely an authentication mechanism.

"Single sign-out" has certainly been discussed before, and the concept of sessions is perhaps a common enough one to warrant a IdP-managed session layer on top of OpenID Authentication.


  • Moved to TypePad is now hosted on TypePad rather than LiveJournal. All of the old content remains over here in LiveJournal land, but those who are…

  • Moving the Goalposts

    In the few weeks since I published the first drafts of AtomActivity, ActivitySchema and friends several things have come about: FriendFeed is…

  • Activity Streams and Comment Aggregation

    One pain point that exists for activity streams right now is the dispersal of responses over various networks. When I post a blog entry like this…

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment