Yearly Archives: 2016


Public Review Period for “Financial API – Part 1: Read Only API Security Profile” Started

OpenID Foundation’s Financial API (FAPI) Working Group has advised the foundation to start the public review period for consideration as an Implementer’s Draft for the specification: Financial API – Part 1: Read Only API Security Profile, draft 01 It is a specification that documents the security profiles of OAuth 2.0 and […]


Registration Open for OpenID Foundation Workshop on Monday, October 24, 2016

OpenID Foundation Workshops provide insight and influence on important Internet identity standards. The workshop provides updates on the development of profiles of OpenID Connect as well as review progress on OpenID Connect Certification and an update on Relying Party certification.   We will introduce the FastFed (Fast Federation) while providing […]


Initial OpenID Connect Enhanced Authentication Profile (EAP) Specifications

The OpenID Enhanced Authentication Profile (EAP) working group charter states that: The purpose of this working group is to develop a security and privacy profile of the OpenID Connect specifications that enable users to authenticate to OpenID Providers using strong authentication specifications. The resulting profile will enable use of IETF […]


Preventing Mix-Up Attacks with OpenID Connect

Recently the OAuth community has been concerned with some attack vectors around mixed up clients, particularly when dynamic client registration and discovery are used with user-selected OpenID Providers. Broadly, the attacks consist of using dynamic client registration, or the compromise of an OpenID Provider (OP), to trick the Relying Party […]


HEART Implementer’s Drafts Approved

The OpenID Foundation members have approved of the following specifications as OpenID Implementer’s Drafts: Health Relationship Trust Profile for OAuth 2.0 Health Relationship Trust Profile for OpenID Connect 1.0 Health Relationship Trust Profile for User Managed Access 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual […]


Vote Early and Often!

More often than not OpenID Foundation members vote with their feet. Members typically signal their interest in a topic or work group by participating on a spectrum from “leader to lurker” on a mailing list discussion or in a work group’s agenda setting. On important, rare occasions, real people have […]