Today at RSA Conference Europe 2006, Microsoft introduced the second beta for its Certificate Lifecycle Manager (CLM). CLM is a new technology from Microsoft which will help organizations manage and deploy digital certificates and smart cards in a centralized environment. Smart card logon requirements, inventory management, card enrollment, and card revocation can all be controlled through the CLM.
CLM is primarily administered via a browser, specifically Internet Explorer 6. Because the system is able to integrate with Active Directory and its certificate authorities, CLM can control not just a user's ability to log into corporate computers, but also corporate facilities in general. The infrastructure sounds fantastic, but Microsoft must still overcome one major hurdle for it to work: the internal architecture of each smart card can differ greatly. What that means is that one smart card may behave much differently from another.
To solve this problem, Microsoft wants to create a "trust ecosystem" among vendors. In this environment, vendors would need to write drivers that would enable the CLM to recognize their smart card. In an interview with BetaNews, Microsoft's director of identity and access products, John G. Chirapurath, said, "All a smart card manufacturer needs to do to have their smart card managed via CLM is to write a little piece of code that we call a 'mini-driver' or a 'card module' and bingo, CLM is able to manage that smart card." Over time, the company hopes that many smart card vendors will buy into Microsoft's plan and eventually develop software that will allow their smart cards to easily fit in with the CLM ecosystem.