OpenID Authentication is currently the main spec from OpenID, providing a mechanism for parties to determine the ownership of a URI by asking a nominated third-party. Many sites are currently using the previous version of this specification as a mechanism for recognising users by their URI-based identifiers.
The 2.0 spec has been approved, and can be found on the specs page.
The following is a list of currently-open proposals for the Authentication 2.0 spec:
| Request nonce and name | Auth 2.0 | 2006-09-30 | partially implemented | openid.nonce to be renamed to openid.response_nonce, no agreement on request nonce yet |
| Authentication age | Auth 2.0 | 2006-09-30 | Rejected | Current thinking this should be fleshed out first as an extension |
| Remove setup_url | Auth 2.0 | 2006-10-05 | Implemented (C74) | |
| Consolidated Delegation Proposal | Auth 2.0 | 2006-10-06 | Implemented (C79-C83, C109) | Consolidates IdP-supported Delegation and Separate Public Identifier from IdP Identifier plus subsequent proposed amendments |
| Bare Request | Auth 2.0 | 2006-10-14 | Implemented (C76) | replaces bare request / bare response proposal |
| RP identifier | Auth 2.0 | 2006-10-18 | Rejected | openid.realm is unique identifier for a RP |
| rename Identity Provider to OpenID Provider | Auth 2.0 | 2006-10-18 | Implemented (C104) | |
| Handle user@example.com | Auth 2.0 | 2006-10-19 | Proposed | |
| Remove associations in the clear | Auth 2.0 | 2007-05-17 | Implemented(C324), RFC | Strictly disallow "no-encryption" when not using transport layer encryption |