Martin Atkins (mart) wrote in apparentlymart,
Martin Atkins

Windows Live ID: Time to write another Identity Proxy?

As most will be aware, Microsoft recently announced that it is opening up access to Windows Live ID for use as an authentication mechanism for other sites.

I have to say that I'm less than impressed at the prospect of yet another closed, proprietary authentication protocol being added to the pot, especially from Microsoft who have previously been interested in OpenID. This will no doubt fragment the "single sign-on" market still further, meaning that people are inevitably going to have to get yet another single sign-on account in order to sign in to the full spectrum of sites.

So what benefits does Live ID bring to the table? The thing that jumped out at me most was the inclusion of remotely-initiated sign-out, which also includes the ability for the Live ID site to attempt to end all of a user's login sessions simultaneously. This is something that OpenID struggles with, since OpenID itself does not have the concept of a "session" and is merely an authentication mechanism.

"Single sign-out" has certainly been discussed before, and the concept of sessions is perhaps a common enough one to warrant a IdP-managed session layer on top of OpenID Authentication.


  • The next evolution for OpenID?

    This morning at IIW Dick Hardt presented his vision for solving the issue whereby a user is dependent on his OpenID provider being up and non-evil.…

  • HTML 5 vs. Yadis

    One of the ways that the Yadis specification allows for the XRDS document location to be declared is via the X-XRDS-Location header embedded via a…

  • Client Certificates: It's easy, man! recently added support for logging in with client certificates. I've heard people talking about client certificates lots of times, but…

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment