.NET UPDATE—brought to you by the Windows & .NET Magazine Network
September 5, 2002—In this issue:
- .NET Passport Gets an Overhaul
2. .NET NEWS AND VIEWS
- Microsoft Downplays .NET in Win.NET Server 2003
3. DOT-TECH PERSPECTIVES
- Introducing UDDI 3.0: Policy Decisions
- Take Our Exchange Survey and Enter to Win a Microsoft Xbox!
- The Security Solutions You've Been Searching For!
- Event Highlight: MEC 2002
6. NEW AND IMPROVED
- Automate Help Desk Functions
- Submit Top Product Ideas
7. CONTACT US
- See this section for a list of ways to contact us.
(contributed by Paul Thurrott, news editor, [email protected])
I've spent a lot of time bad-mouthing .NET Passport this year in .NET UPDATE, but Microsoft finally seems to be addressing customer complaints and making the service more useful. In this issue, I examine the changes Microsoft is making to .NET Passport and how the service has evolved over time.
Like many so-called .NET technologies, .NET Passport began life long before .NET ever existed. And .NET Passport's background is particularly interesting because the service was originally developed by Firefly Network, a small Massachusetts company, in the mid-1990s. The Firefly Passport service was designed to provide personalized experiences on the Web; the service could recommend Internet content to users based on the sites that users visited and could also provide targeted advertising to users. Microsoft bought Firefly Network in early 1998, promising to make the smaller company's privacy technologies widely available to Microsoft's customers.
After Firefly moved to Microsoft's Redmond campus, the software giant set about transferring Firefly's technology into Microsoft Passport, originally billed as a universal Web registration system. The service provided a single sign-on (SSO) that users could employ on protected Web sites that required user logons, and also provided eWallet services, so that users wouldn't need to reenter their credit card information each time they visited e-commerce sites. The company introduced its Microsoft Passport service in March 1999.
However, Microsoft wasn't able to enlist many Web sites or consumers to use Passport, so the company later integrated the technology into many of its connected products, including MSN, MSN Hotmail, MSN Messenger, and, finally, Windows itself in the late 2001 Windows XP release. By making Passport registration a requirement for these products, Microsoft was ostensibly able to make Passport a fairly popular service, but it's no exaggeration to say that few users were interested in Passport per se. Instead, most customers subscribed to Passport because they had to in order to use a product, typically Hotmail, that they did want. Eventually, Microsoft overhauled Passport, like so many other products, to make it a .NET technology and later renamed the service .NET Passport.
As I discussed in the August 22, 2002, .NET UPDATE, Microsoft recently settled with the Federal Trade Commission (FTC) over complaints about deficiencies in .NET Passport's privacy and security features. Part of this settlement requires the company to beef up the service's security and privacy to better protect users. This week, concrete evidence of these changes is finally emerging, although I should note that Microsoft has been working on some of these changes for some time. Here's what we know so far.
First, the company has begun notifying .NET Passport users—primarily Hotmail account holders—about certain changes to security. A primary policy change is that new .NET Passport customers can't supply a bogus email address when joining the service, as was acceptable in the past. This policy change addresses the problem of malicious users appropriating an innocent user's email address to open a .NET Passport account, a practice that garnered many complaints. Second, Microsoft has redesigned its authentication services so that the servers that host .NET Passport's logon Web pages are on a different network than the servers that host the service's authentication components. This change will make it harder for hackers to spoof Passport's authentication components, Microsoft says.
Additionally, Microsoft is making it possible to change a Kids Passport account into a standard .NET Passport account. The company made this change so that users who register for .NET Passport and enter the wrong birth date by mistake (thus accidentally creating a Kids Passport account) can easily convert the account to .NET Passport. The company will require a credit card or similar proof-of-adulthood for a user to make this change, however.
Also, users can close their .NET Passport accounts much more easily now. Doing so was difficult or even impossible in the past. Now, users can access an online tool to close a .NET Passport account.
Finally, Microsoft has released a new version of its eWallet feature and will phase the new version in to .NET Passport through next March. A number of retailers, such as Blue Nile, FogDog Sports, Kmart, Nordstrom, OfficeMax, RitzCamera.com, and The Sports Authority, have enlisted in the new service, dubbed MSN Wallet, although whether MSN Wallet will be any more successful than eWallet is anybody's guess. The difference this time around is that MSN Wallet is more streamlined than eWallet and is integrated with MSN eShop sites, offering users fewer logon requirements. The company is planning future promotions—such as online coupons and member-only special deals—to drive MSN Wallet usage.
These changes mean .NET Passport is becoming safer, easier, and more secure, and that the oft-touted but little-used eWallet functionality might actually start getting a workout. Whether users will embrace a central eWallet is unclear, of course, but seeing Microsoft refine a service that should be crucial to the future of the Web is heartening. Seeing how the company promotes and expands MSN Wallet will be interesting.
2. .NET NEWS AND VIEWS
(contributed by Paul Thurrott, [email protected])
Microsoft contacted me last week to alert me to an interesting branding change for Windows .NET Server (Win.NET Server), which the company will now market as Windows .NET Server 2003. I'd heard rumors that Microsoft was going to start downplaying .NET in its product branding, and this change surely is the first sign. According to the company, putting the final finishing touches on the branding and marketing of its products during the release candidate (RC) stage takes time. The company internally communicated this change to Microsoft employees on Tuesday, August 27, at the annual employee meeting and is now requesting that any references to the product use the new moniker. The new Win.NET Server 2003 family comprises Win.NET Server 2003, Standard Edition; Win.NET Server 2003, Enterprise Edition; Win.NET Server 2003, Datacenter Edition; and Win.NET Server 2003, Web Edition.
3. DOT-TECH PERSPECTIVES
(contributed by Christa Anderson, [email protected])
Let's continue the discussion we began in the August 8, 2002, .NET UPDATE of Universal Description, Discovery, and Integration (UDDI) 3.0 by looking at how the specification supports policies. Not all UDDI registries operate under the same conditions. Some registries will support only users who have access to a closed intranet, some will support only users who have access to a public Web site, and some will support both categories of users (and might need to provide varying degrees of access for each kind of user). Even within a single deployment model, registries might need to operate under different rules during the various stages of deployment (i.e., development, testing, and production). Because UDDI 3.0 supports registry interaction, wherein people or applications might access multiple registries (rather than one big registry), supporting the various rules by which registries operate is especially important.
To cover all the different conditions under which a UDDI registry might present its contents, UDDI 3.0 supports policies. Included in that support are a new policy schema to represent policy decisions and changes to UDDI, and a policy guide that helps users make a registry operate according to rules that are appropriate to the circumstances under which client applications access the registry or information is published to it. Aspects of UDDI that the version 3 specification has identified as policy decisions include authorization models, data custody and confidentiality, key generation, subscription, user publication limits, and audit policy (the specification includes a complete list). Some policies, such as those for key generation and key format (mechanisms that are necessary to permit administrators to import and export keys among nodes), are required, and others, such as those that define the mechanisms through which a particular user can publish information to the registry, are optional.
How do UDDI registries know about policies? XML documents can define policies, or (more rarely) UDDI elements can directly model policies—the UDDI 3.0 specification lists the available policies and suggests how best to apply each one. When a policy is defined in an XML document, the document should be a human-readable and Web-accessible document with its URL included in the registry. The UDDI 3.0 specification recommends that policy documents that define node or registry policy be listed as business services.
A UDDI registry can exist on one node or can be distributed across several nodes, and this distributed model affects the way policies work. If you're familiar with how policies operate in Active Directory (AD), you won't find policies in UDDI too difficult to grasp because the models are similar. Each UDDI registry defines broad registry policies, one of which is whether the individual nodes within the registry can define policies. If a registry lets a node specify policies, the registry is "delegating" the policy expression to the node. Therefore, UDDI can define policies either for a single node that supports a registry or for a registry that's distributed among multiple nodes, so long as the node-level rules are consistent with the policies defined for the entire registry. For security, policies can include digital signatures, such as those we discussed in the August 22, 2002, .NET UPDATE.
The bottom line is that different UDDI implementations can use policies to mold a particular registry in ways appropriate to the framework within which the registry offers resources. For more details, check out Chapter 9 of the UDDI 3.0 specification at
(brought to you by Windows & .NET Magazine and its partners)
We need your opinion! Take our brief survey on managing Microsoft Exchange Server with third-party tools, and we'll automatically enter your name into a drawing for a Microsoft Xbox. Click here to start the survey!
Our popular Interactive Product Guides (IPGs) are online catalogs of the hottest vendor solutions around. Our latest IPG highlights the security solutions and services that will help you protect your data and your network before disaster strikes. Check it out at:
EVENT HIGHLIGHT: MEC 2002
MEC 2002 is your opportunity to connect with other IT professionals in a cutting-edge, hands-on environment that's loaded with essential information for managing enterprise network complexity. This year's conference is more robust than ever. Be the first to get acquainted with Windows .NET Server (Win.NET Server) 2003 and the next version of Microsoft Exchange Server. Learn how to gain maximum productivity and dependability through a connected infrastructure based on the Microsoft Server Platform—Windows servers, Active Directory (AD), Exchange, Internet Security and Acceleration (ISA) Server 2000, and Microsoft Operations Manager (MOM).
For other upcoming events, check out the Windows & .NET Magazine Event
6. NEW AND IMPROVED
(contributed by Carolyn Mader, [email protected])
GWI Software announced c.Support for .NET, Web-based Help desk automation software for the .NET and Lotus Notes platforms. c.Support for .NET is fully configurable and works within existing systems and networks. You can access the software through browser clients to assign, route, research, capture, and publish solutions. The product lets end users access solutions and submit and track service requests. The .NET version requires a Windows XP or Windows 2000 server. Pricing starts at $6475 for a 5-seat Help desk. Contact GWI at 360-397-1000.
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future What's Hot column. Send your product suggestions to [email protected].
7. CONTACT US
Here's how to reach us with your comments and questions:
- ABOUT THE COMMENTARY — [email protected]
- ABOUT THE NEWSLETTER IN GENERAL — [email protected]
(please mention the newsletter name in the subject line)
- TECHNICAL QUESTIONS — http://www.winnetmag.net/forums
- PRODUCT NEWS — [email protected]
- QUESTIONS ABOUT YOUR .NET UPDATE SUBSCRIPTION?
Customer Support — [email protected]