> -----Original Message----- > From: Dick Hardt [mailto:[email protected]] > Sent: Monday, May 24, 2010 6:20 PM > To: Eran Hammer-Lahav > Cc: Allen Tom; David Recordon; Joseph Smarr; OpenID Board (public); > [email protected] > Subject: Re: [OpenID board] Why Connect? > > > On 2010-05-24, at 6:08 PM, Eran Hammer-Lahav wrote: > > > The question is: > > > > Is the OIDF interested in taking the lead in building an identity layer for > OAuth 2.0? > > > > I'm willing to bet that if the answer is no, it will be the beginning of > > the end > for OpenID. OAuth 2.0 + identity will fully cover the OpenID 2.0 use cases in > a > cleaner, more secure way. > > OpenID Connect as currently envisioned misses many of the internet identity > use cases.
And covers most of the ones desired by those currently implementing OpenID. For those using OpenID 2.0 today, this proposal offers a full and significantly better replacement. This proposal is 100% market-driven, which is not something I can say about OpenID now or in the past. This proposal is driven by developers, providers, and end users. > > > > This is very much an issue of timing. If the problem is the name, call it > > the > "OAuth Identity Framework", > > OpenID Connect has very little to do with OpenID, and lots to do with OAuth. > That sounds like a better name. True if you define OpenID as nothing but a protocol. But if that is your definition, I think OpenID best days are behind it. People don't care about protocols, they care about products. I think it would be a mistake for the OpenID foundation to let OAuth take over such a huge chunk of the current OpenID use cases. > > leaving OpenID to be whatever the v.next WG decides it will be a year or > two from now. > > That sounds like a challenge I am will to take on. :) Well, that's something the foundation will have to figure out. All I can do is offer my perspective. EHL _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
