<div class="gmail_quote"><div>The <a href="http://www.idmanagement.gov/drilldown.cfm?action=openID_openGOV" target="_blank">government has just announced</a> that they are piloting accepting OpenID on several of their web sites, and the major OpenID Providers (Google, Yahoo, AOL, PayPal, Verisign) will be <a href="http://openid.net/u-s-government-openid-pilot-program-participants/" target="_blank">supporting Providers</a> of this new Government profile for OpenID.</div>
<div><br></div><div>What is this "<a href="http://www.idmanagement.gov/documents/ICAM_OpenID20Profile.pdf" target="_blank">government profile</a>"? Basically it's a set of rules that an OP and RP must follow. These rules are more restrictive than, but nonetheless compliant with, the OpenID 2.0 spec. For example, HTTPS must be used throughout the process, and shared associations must only last up to a given maximum length of time.</div>
<div><br></div><div><div>I'm very pleased to announce that <b><a href="http://dotnetopenauth.net/">DotNetOpenAuth</a> has support for this government profile</b>, and in fact is the underlying library used by the NIH for its OpenID RP support. Watch for a new release of DNOA (3.2.1) in the next day or two that actually includes the government profile in it.</div>
<div><br></div></div><a href="http://www.techcrunch.com/2009/09/09/us-government-to-embrace-openid-courtesy-of-google-yahoo-paypal-et-al/" target="_blank">More in the news</a><br><font color="#888888"><div><br clear="all">
--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
</div>
</font></div><br>