The Microsoft exec behind its upcoming InfoCard authentication system has promised that the software giant has learnt its lessons from Passport.
The company is taking a more open tack in developing the identity management platform, said Kim Cameron, Microsoft's chief architect of identity and access.
Like Passport, InfoCard, is designed to make it easier for users to surf the Web by keeping track of their user names and passwords as they move from site to site. Unlike Passport, however, InfoCard is being designed to work on client and server software that was not developed by Microsoft.
Since the beta version of InfoCard was released in May, Microsoft has been working with developers of the Firefox and Opera browsers, as well as organisations including Apache and Apple, said Cameron.
"These aren't your typical Microsoft customers," he said. "The main thing is, we need a solution that works on Linux boxes as much as it works on Microsoft boxes."
The Passport identity management system now processes about one billion authentication requests per day, making it too popular to rightly be called a failure, but the service has never gained popularity outside of Microsoft's own Web properties, Cameron said.
"When it comes to identity, people want to understand why the parties to any interaction are there," he said. "It makes sense for people to use passport, run by Microsoft to access Microsoft properties. It didn't make sense for users to use Passport to access eBay."
Likewise, Europeans were uncomfortable with the fact that Passport data was stored on servers in Redmond, Washington, he said. InfoCard seeks to get around this problem by operating in what Cameron calls a "polycentric," and "polymorphic" fashion, meaning that the software will run on different operating systems, and the data will be stored in places that make sense to the user.
After its release, Passport was blasted by privacy advocates, including the Electronic Privacy Information Center, which argued that Microsoft was not taking adequate steps to protect and give users control of their data. At the time, Microsoft disputed these concerns, but the company now needs to welcome them, Cameron said.
"We need to invite the people who used to be called privacy extremists into our hearts because they have a lot of wisdom. This is not the son of Passport."
Microsoft's goal is to make it easier to create "identity-aware software", while at the same time respecting the users privacy concerns, he said.