In a surprising move, Microsoft Corp. on Thursday announced that it will open up a portion of the source code of its Passport identity service on a limited basis.
Speaking at a conference on digital identity in Denver, Microsoft CTO Craig Mundie said the company will make the source code of its Passport Manager available to licensed companies, academics, developers and governments as part of its Shared Source Initiative. Passport Manager is a small piece of code that runs on a Web site that is affiliated with the Passport network and manages communications and integration with the service.
The code will be made available in November through the new Passport Manager Licensing Program.
Like most software vendors, Microsoft in general is very cautious about sharing any of its source code. But the company has come under fire from privacy advocates, competitors and users over the way that Passport collects user data, so exposing select portions of the code may be the companys way of helping to alleviate those concerns.
"The industry is engaging in an open dialogue on how to address the business and policy implications of creating and exchanging digital identities," Mundie said at the Digital Identity World 2002 conference.
He also announced an upcoming enhancement to Passport, called the Password Quality Meter, which will help users improve the strength of their passwords by avoiding commonly chosen words.
The Redmond, Wash., companys competitors praised Microsofts move to open part of the Passport code.
"Microsofts decision to open Passport source to developers is a good decision. The announcement, coupled with Microsofts decision to integrate WS-Security in their future revisions, shows that Microsoft is beginning to understand the need for transparency in identity management," said Justin Taylor, chief strategist for directory services at Novell Inc., of Provo, Utah, one of Microsofts oldest rivals. "Making Passport more transparent to the industry will go a long way in making Passport more trusted and make in easier for companies like Novell to support it."
Novell is also a member of the Liberty Alliance Project, which has developed an open specification for federated identity management.
- Microsoft Bolsters Passport Security
- Commentary: Open-Source Smoke Screen
- More Security Coverage