Microsoft said this week it would collaborate with Zend Technologies to allow PHP developers to build support for user-centric identity cards into their Web-based applications.
PHP is a popular general-purpose scripting language suited for Web development and can be embedded into HTML. Developers will now have the option of using Microsoft's information card technology to secure access to applications instead of requiring user names and passwords.
Microsoft's client implementation of the information card technology is called CardSpace, which ships with Vista and can be added to Windows XP. There are also other information card implementations, including Novell's DigitalMe software that includes a client for the Mac.
The information card implementations provide users with a "digital wallet" that holds any number of separate identity cards that can be used to authenticate to various Web sites or network resources, such as applications or databases, or to complete transactions online.
Zend Technologies will enable support for information cards through a component built for Zend Framework, an open source PHP application framework for developing Web applications and Web services. Using the component as part of the framework or on its own, PHP developers can specify a Web site's security policy and allow the acceptance of information cards from trusted third parties.
PHP is the fourth development technology to offer information card support. The others are ASP.NET, Ruby on Rails
and an information card library project implemented in C, developed by identity federation vendor Ping Identity.
Microsoft last month, launched a massive scalability test around CardSpace by supporting its use on its Hotmail and other Live online services. Microsoft also said it would update CardSpace by year-end with options to ease deployment. Version 3.5 of the .Net Framework, which includes the CardSpace technology, will not require Web sites using CardSpace to have an SSL certificate. With .Net Framework 3.0, every CardSpace site had to deploy as a secure HTTP (HTTPS) site. That meant that casual Web sites, such as those run by bloggers, had to buy and correctly install a certificate, and run from a fixed IP address just to provide simple logons via CardSpace.