[OpenID] Microsoft and OpenID Q&A

Josh Hoyt josh at janrain.com
Fri Feb 23 21:32:10 UTC 2007

On 2/23/07, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> On Thu, Feb 22, 2007 at 04:23:28AM +0200,
>  Dmitry Shechtman <damnian at gmail.com> wrote
>  a message of 12 lines which said:
> > Won't the required changes to OpenID turn it into a heavyweight protocol?
> It's also a concern I have: OpenID 1.0 was very simple, easy to use
> and to deploy. OpenID 2.0 is already far from that and pressures to
> add stuff like i-names only aggravate it. I wonder if the bloating is
> related to a deal with Microsoft.

OpenID 2 is not terribly far from OpenID 1. The points that add
complication are:

1. Yadis
2. XRI
3. namespaces for extensions

(there are some other minor things, like HMAC-SHA256 associations)

Other than that, it's pretty much the same as it was.  Are these the
things that you're worried about? Aside from Yadis support, most of
the new things are not required, or can be implemented minimally (e.g.
do not support any extensions, so don't muck with the extension

What is it about OpenID 2 that you think is hard compared to OpenID 1?


More information about the general mailing list