As Brad mentioned a few weeks ago (http://brad.livejournal.com/2226738.html), I've been working a lot on moving OpenID forward along with the guys up at JanRain. With Brad and their feedback, I've taken the existing spec (http://www.openid.net/specs.bml) and cleaned it up into something that looks much more like what people would expect. Right now you can find it at http://www.openid.net/specs/ and I'll be making that the home for all of the OpenID specs in the future. Besides this, we've also been working on the next version of OpenID Authentication. The main goals have been to: - Deal with the few current security issues - Build the framework to support extensions for passing rich information on top of an authentication assertion - Allow the use case of entering the URL for your IdP versus your entire Identity URL to support multiple personas - Support both URLs and i-names as an Identifier since all i-brokers are now required to support OpenID Authentication. For the time being we can use their URL based proxy XRI resolver to keep code simple We see OpenID as being an umbrella for the framework that encompasses the layers for identifiers, discovery, authentication, and a messaging services layer that sits atop and this entire thing has sort of been dubbed "OpenID 2.0". We see URLs and XRIs being the identifier layer, Yadis as discovery, OpenID Authentication for the authentication layer, and then are also working with JanRain to develop a light-weight abstract messaging layer. This will enable things like profile exchange and secure "email" directly between an IdP and Consumer or IdP to IdP. I've really taken the tack of thinking about profile exchange just as a use case of doing something on behalf of the end user, which has allowed us to abstract it out into a piece of infrastructure that can be shared. In the end, you'll see multiple small specs under the OpenID name that can all be pieced together or used separately. The current plan is to have something much more concrete, actual proposed spec changes, for all of you to comment on by the end of next week. Josh Hoyt from JanRain has been cranking on most of the actual work which has really helped me. I'll then play editor for the spec and JanRain will start working on making all of this a reality within their OpenID libraries. Next Friday, the 23rd, I'd also like to extend an invitation to all of you to come down to VeriSign's campus in Mountain View and have a day meeting much like the one I hosted last year at Six Apart for Yadis. I think it would be a great opportunity for all of us to get in a room and really go over the changes being proposed for OpenID as well as help everyone better understand the direction and vision Brad and I share for it in terms of the core staying small/simple/modular while allowing the rich use cases that truly make it an Identity 2.0 technology. --David
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.3