The past few months I've had a bunch of one on one conversations with a lot of different people – including many of folks on this list – about ways to build a future version of OpenID on top of OAuth 2.0. Back in March when I wrote a draft of OAuth 2.0 I mentioned it as one of my future goals as well (http://daveman692.livejournal.com/349384.html).
Basically moving us to where there's a true technology stack of TCP/IP -> HTTP -> SSL -> OAuth 2.0 -> OpenID -> (all sorts of awesome APIs). Not just modernizing the technology, but also focusing on solving a few of the key "product" issues we hear time and time again. I took the past few days to write down a lot of these ideas and glue them together. Talked with Chris Messina who thought it was an interesting idea and decided to dub it "OpenID Connect" (see http://factoryjoe.com/blog/2010/01/04/openid-connect/). And thanks to Eran Hammer-Lahav and Joseph Smarr for some help writing bits of it! So, a modest proposal that I hope gets the conversation going again. http://openidconnect.com/ --David
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
