Microsoft’s wanted a really good federated identity scheme ever since the early 2000s, when it gave the world Project Hailstorm, aka “.Net My Services”, to let a web of online services know a little about you and the information you are happy to share with others.
Hailstorm passed, swept back years later as Geneva Server and now seems to have found its way into a blockchain-powered conceptual heir that Microsoft’s now named “Decentralized Digital Identities”.
Alex Simons, director of program management in Microsoft’s Identity Division, has revealed that “Over the last 12 months we’ve invested in incubating a set of ideas for using Blockchain (and other distributed ledger technologies) to create new types of digital identities, identities designed from the ground up to enhance personal privacy, security and control.”
Microsoft’s identity ambitions, he wrote, now centre on user-controlled-and-owned Decentralized ID schemes so that a single data breach can’t give crooks the keys to your kingdom.
“After examining decentralized storage systems, consensus protocols, blockchains, and a variety of emerging standards we believe blockchain technology and protocols are well suited for enabling Decentralized ID,” he wrote.
Failure to launch
But like so many others considering blockchain, Microsoft has hit upon scaling problems.
“While some blockchain communities have increased on-chain transaction capacity (e.g. blocksize increases), this approach generally degrades the decentralized state of the network and cannot reach the millions of transactions per second the system would generate at world-scale,” Simons wrote. “To overcome these technical barriers, we are collaborating on decentralized Layer 2 protocols that run atop these public blockchains to achieve global scale, while preserving the attributes of a world class DID system.”
Microsoft’s not detailed what that work will entail, but has said that its Authenticator app will soon support Decentralized Identities.
“With consent, Microsoft Authenticator will be able to act as your User Agent to manage identity data and cryptographic keys. In this design, only the ID is rooted on chain. Identity data is stored in an off-chain ID Hub (that Microsoft can’t see) encrypted using these cryptographic keys,” Simons wrote.
Simons didn’t offer a timeline for Microsoft’s contributions, but we imagine they will be eagerly awaited given blockchain transaction times have already seen prominent vendors – Microsoft included – bail from offering pay-by-bitcoin on their online stores.