Microsoft plans to reveal further details about the next version of its Passport e-business authentication service in the coming months, although the company is not yet committing to a release date.
"We've been talking about the general road map for Passport for a while and that the way you'll interoperate with the system will be based on WS-Security and the associated protocols that we've been working (on) with IBM," Sohn said.
Standard protocols are needed to federate with other providers, enabling identities not generated by Passport to be accepted within Passport-compliant systems.
Passport, formally called .Net Passport, is a service in which authentication information, such as user names and passwords, are maintained at Microsoft datacenters. Microsoft's maintenance of this information has drawn criticism from vendors supporting the rival Liberty Alliance specification, but Sohn insisted the amount of information maintained by Microsoft about each user is minimal. There are in excess of 200 million Passport accounts and approximately 300 Web sites that use it, including Microsoft's own sites, Sohn said.
Sohn added that Web services technology in general is being added throughout Microsoft's entire software platform.