The Path Forward for Self-Certification

Published July 24, 2015
The increasing adoption of OpenID Connect deployments has required the OpenID Foundation to develop new certification models that support the practical business, legal and technical realities of today’s Internet scale deployments. Throughout 2015, the pilot phase of OpenID Connect self-certification has been testing the efficiencies, cost effectiveness and trustworthiness of this new approach. Early adopters helped “test the tests” and put a wide range of solutions through the first iteration of OpenID Connect self-certification. OpenID Connect self-certification is underway for the first set of OP tests with additional OP and new RP pilot testing planned later for this year. Certification costs/fees to be determined by the Executive Committee will reference the guidelines below as adopted by the OpenID Foundation Board. In this way, OpenID Connect self-certification is breaking new ground and setting precedents for certification in the foundation's future. OpenID Foundation Self-Certification Guidelines 1. Adoption is the foundation's highest priority. 2. The foundation's goals include incentivizing membership, certification of multiple profiles per implementation and international participation. 3. Certification Profiles are rolled out in three phases: pilot by early adopters, membership beta and general availability. 4. OpenID certification pilots and betas are to be available to all members in good standing. 5. Upon completion of the beta and pilot phases, certification for those profiles will be made available to non-members. 6. All fees are waived during the pilot phase; fees will be charged during the beta and general availability phases. 7. The Foundation intends to authorize fees sufficient to cover the costs of operating a certification program once the corresponding pilot phase is complete. 8. OpenID Foundation certification fees are to be the same for all members. 9. Certification fees are due at the time of submission and are charged per implementation. 10. Certification(s) will be approved once payment is received. The Executive Committee is now working through the actions needed to make the planned OP and RP self-certification available to members and non-members and fully operationalize the OpenID Connect self-certification program. Your feedback is welcome at Don Thibeau