• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Stop wasting time looking for files and revisions. Connect your Gmail, DriveDropbox, and Slack accounts and in less than 2 minutes, Dokkio will automatically organize all your file attachments. Learn more and claim your free account.

View
 

OpenID_Authentication_2

Page history last edited by Chris Messina 11 years, 8 months ago

OpenID Authentication is currently the main spec from OpenID, providing a mechanism for parties to determine the ownership of a URI by asking a nominated third-party. Many sites are currently using the previous version of this specification as a mechanism for recognising users by their URI-based identifiers.

The 2.0 spec has been approved, and can be found on the specs page.

The following is a list of currently-open proposals for the Authentication 2.0 spec:

Request nonce and name Auth 2.0 2006-09-30 partially implemented openid.nonce to be renamed to openid.response_nonce, no agreement on request nonce yet
Authentication age Auth 2.0 2006-09-30 Rejected Current thinking this should be fleshed out first as an extension
Remove setup_url Auth 2.0 2006-10-05 Implemented (C74)  
Consolidated Delegation Proposal Auth 2.0 2006-10-06 Implemented (C79-C83, C109) Consolidates IdP-supported Delegation and Separate Public Identifier from IdP Identifier plus subsequent proposed amendments
Bare Request Auth 2.0 2006-10-14 Implemented (C76) replaces bare request / bare response proposal
RP identifier Auth 2.0 2006-10-18 Rejected openid.realm is unique identifier for a RP
rename Identity Provider to OpenID Provider Auth 2.0 2006-10-18 Implemented (C104)  
Handle user@example.com Auth 2.0 2006-10-19 Proposed  
Remove associations in the clear Auth 2.0 2007-05-17 Implemented(C324), RFC Strictly disallow "no-encryption" when not using transport layer encryption

Comments (0)

You don't have permission to comment on this page.