Tag Archives : openid


The OpenID Foundation Launches the OpenID Connect Standard 24

Providing Increased Security, Usability, and Privacy on the Internet RSA 2014 and Mobile World Congress- San Francisco, CA, and Barcelona, Spain – Feb. 26, 2014 – The OpenID Foundation announced today that its membership has ratified the OpenID Connect standard.  Organizations and businesses can now use OpenID Connect to develop secure, flexible, and interoperable identity [...]


Vulnerability Alert – OpenID 2.0 Implementations Vulnerabilities found in some OPs 5

Please be advised a number of OpenID Authentication 2.0 server implementations were found to be vulnerable due to non-compliance to the normative requirements of the OpenID Authentication 2.0 specification. The nature of the vulnerability In section 11.4.2.1 of the OpenID Authentication 2.0, it is stated that “For verifying signatures an OP MUST only use private [...]


Second OpenID Connect Implementer’s Drafts Approved 6

The OpenID membership has approved the following specifications as OpenID Implementer’s Drafts in the vote held from July 23 and July 30, 2013: Basic Client Profile – Simple, self-contained profile for a Web-based Relying Parties using the OAuth code flow. Implicit Client Profile – Simple, self-contained profile for a Web-based Relying Parties using the OAuth [...]


Announcing the OpenID Backplane Protocol Work Group 7

For website owners, enabling web applications to talk to one another within the same web page can be frustrating and can take countless hours of development. How should apps communicate with each other in a meaningful way? The OpenID Foundation’s new Backplane Protocol Work Group is focused on this exact problem — helping website owners, [...]


OpenID Connect Implementer’s Drafts Approved 6

The OpenID membership has approved the following specifications as OpenID Implementer’s Drafts in the vote held from February 7th to 15th, 2012: • Basic Client Profile – Simple self-contained specification for a web-based Relying Party. (This spec contains a subset of the information in Messages and Standard.) • Discovery – Defines how user and provider endpoints [...]


REMINDER – OpenID “Connect Tech” Summit – September 12-13, 2011 11

The OpenID Foundation is launching its third OpenID Summits for 2011. This event is co-sponsored by Microsoft and will be held at the Microsoft Research Campus in Mountain View.  The OpenID Foundation’s 2011 series of OpenID Summits focuses on use cases and topics of interest to key developers, executives and analysts in the online identity [...]

oIDF_Msft logos

OpenIDConnect-Map-13jul2011-v3

Current Map for OpenID Connect 1

There is now a set of functionally complete specifications for OpenID Connect.  The diagram below shows the relationships between the current specs and contains links to each of them.  These specifications are ready for early developer feedback and prototype implementation work.  Please send feedback on them to the OpenID Artifact Binding Working Group Mailing List. [...]


A Map for OpenID Connect 1

IIW is rapidly approaching. We plan to take advantage of face to face discussions on the around the next version of openID. For those attending and others I want to point to the various potions of the spec work so that people have that in hand for IIW. One of the changes from openID 2.0 [...]