OpenID is a decentralized digital identity system, in which any user’s online identity is given by URI (define), such as a Web address, and can be verified by any server running the protocol. Web sites that support OpenID are fashioned in such a way that Internet users don’t need to create and manage a new account for every site before being granted access; users need only to authenticate with an identity provider that supports OpenID.
Gates and Microsoft Chief Research and Strategy Officer Craig Mundie also outlined Microsoft’s conceptual approach to supporting Trustworthy Computing. Mundie said policy will be the key to managing computer access, rather than the gear connecting to the network. This includes adapting to the evolution of networks, protection and identity.
Gates also said Microsoft is a strong supporter of IPSec (define) and IPv6 (define). IPsec calls for Internet Protocol (IP) communications to be protected by authenticating or encrypting each IP packet in a data stream.
Microsoft announced Identity Lifecycle Manager (ILM) 2007, which adds support for managing strong credentials such as certificates and smart cards over, as the name suggests, the life cycle of a user identity. The company will rev ILM “2” in late 2008.
Microsoft also announced the public beta of the new Forefront Server Security Management Console, a Web-based management application that does on site or remote administration of Microsoft messaging and collaboration security software.
Finally, the company said it is supporting Extended Validation (EV) SSL Certificates in Internet Explorer 7. When a user visits a site with a valid EV Certificate, Internet Explorer 7 will alert the user to the identity information by turning the background of the address bar green and displaying identity information.
http://www.internetnews.com/security/article.php/3658246