Microsoft Corp. has thrown its weight behind OpenID, an emerging Web authentication standard. The announcement was made Tuesday at the RSA Conference in San Francisco during a joint keynote by Microsoft Chairman Bill Gates and Chief Research and Strategy Officer Craig Mundie that was long on vision and short on specifics. Microsoft pledged to work to integrate OpenID with its CardSpace identity management software, which is now available in conjunction with Windows Vista. "The marriage of CardSpace and OpenID 2.0 is actually a giant step forward," Mundie said.
By integrating these two technologies, Microsoft expects to "eliminate the issue of the man-in-the-middle-attack," Mundie said. In these attacks, which are increasingly being used by phishers, a thief steals sensitive information by setting up a fake Web site that passes information back and forth between the victim and the legitimate Web site. OpenID is an emerging open-source standard that simplifies the task of logging on to many different Web sites.