Microsoft Says No to Liberty Alliance

Despite IBM's decision to join the identity management group, which is working to define standards around federated identity and Web services, Microsoft says it "has no plans" to take part.

Despite news that a key ally in the Web services standards space has decided to join the Liberty Alliance, an identity management group working to define standards around federated identity and Web services, Microsoft said it will not be following suit.

"Microsoft has no plans to join" Liberty, a company representative said.

IBM on Wednesday announced its membership in the Liberty Alliance, a significant move in that IBM and Microsoft Corp. set out with competing specifications for federated identity—including the WS-Federation and Microsofts Passport—while Sun Microsystems Inc. proposed the Liberty specifications.

But now, IBM is not only a Liberty member but also a board member, the company said.

/zimages/3/28571.gifRead more here about IBMs decision to join the alliance.

"Its about time," said James Governor, an analyst with RedMonk LLC, based in Bath, Maine. "IBM should have joined up a while ago. This is good for everybody—service providers, enterprises and anyone interested in federated service provision—and that means many potential Web services business models.

"Service aggregation requires federation," Governor said. "I see this is as evidence of some interesting new shifts in the industry. The Sun-Microsoft detente may indirectly have forced the issue.

"IBM needs to play nice with Liberty from a marketing perspective," he added. "The potential market is just absurdly big if were talking about cell-phone endpoints—a billion of them out there.

"That is not a market to be seen to be ambivalent about," Governor said. "From a consumer perspective, privacy fears continue to grow, and we must be more careful about giving away our identity information. Liberty can potentially make e-commerce a lot safer and more effective."

Ronald Schmelzer, an analyst with Waltham, Mass.-based ZapThink LLC, said the industry would benefit from a unified stack of standards. "A consolidated stack of security standards for Web Services is great for the industry," Schmelzer said. "Maybe Microsoft is next?"

Eric Newcomer, chief technology officer at Iona Technologies Inc., also based in Waltham, Mass, said, "This really seems to tip the balance toward the Liberty Alliance in terms of whos got the momentum behind driving the standards for federated identity."

"Microsoft does not participate either in the Liberty Alliance or in the Security Assertions Markup Language [SAML] work at OASIS, on which the Liberty Alliance profiles are based," Newcomer said. "One good question as a result of this change is the future of the WS-Federation specification in the Web services security space.

"This may be an indication that were going to see the Liberty Alliances ID-Web Services Framework get even more traction," he said. "The ID-WSF is already implemented by AOL and Nokia, and if IBM adds its weight behind it, we may see a shift in favor of the Liberty Alliance here in this key piece of Web services security work."

Next Page: Untangling the relationships.