If federated identity protocols can’t agree upon a uniform token format, or even standardized processes to arrive upon such a format, then perhaps they could agree upon a set of fundamental terms and concepts they all share. This may be the only key to resolving a major roadblock for enterprises.
Of all the problems with making the twenty or more user identity federation protocols in active use today work together, the most prominent is this: The standards upon which all those protocols are based are themselves moving targets. Thus a fixed solution one month may fail to work next month.
“In order for us to build interconnected systems, we need to have some agreement between all of the people who are going to be using this software and the vendors, on what the standards are for interconnecting identities,” said Stuart Kwan, Identity and Access Group Program Manager for Microsoft. “I don’t know if I would characterize it as any one vendor who is leading here. We all have to work together to make things happen, and Microsoft has been involved with a lot of the standards bodies in this area, in OASIS, in the IETF, and increasingly, other places where these standards have been advancing. . . We’ve been making a pretty major investment in engaging in these conversations, both in the industry and in standards bodies, to help move the ball forward with everyone else.” READ MORE