Goodbye to Passport

Looks like Microsoft's battleplan for Passport is in full retreat.

Several years ago, I integrated Passport with 3D-Secure so online credit card users can use Passport to approve online credit card transactions.  It worked well and some banks expressed interest but nothing came of the project because of all the bad press surrounding Passport.  Of course, Passport guys didn't help much either other than complaining about their cost and getting pushy with .NET adoption.

I also designed a P2P payment system on top of it but, thankfully, never got around to building it.  Otherwise, I would have been pretty upset by now.

The good news is that a class of vulnerabilities in Passport prompted Microsoft to add HTTP-only cookie support to IE.  Hopefully, support for HTTP-only cookie will become ubiquitous in the near future.