RFC: Final outstanding issues with the OpenID 2.0 Authentication specification
Josh Hoyt
josh at janrain.com
Fri May 18 19:56:07 UTC 2007
Don,
On 5/18/07, Don MacAskill <don at smugmug.com> wrote:
> My company, SmugMug, is an OpenID provider for hundreds of thousands of
> "high value" paying accounts, and will shortly be a consumer as well.
> I'll freely admit that I haven't fully digested 2.0's pre-spec, but at
> least part of that reason is it looks like it adds a lot more
> complexity. I can honestly say that if I had seen it as a spec, rather
> than 1.1, I would have certainly put off implementation, possibly
> indefinitely.
As I have said a few times, the OpenID 2.0 specification is
significantly longer than the OpenID 1.1 specification, but most of
the length comes from being explicit and rigorous about things that
the OpenID 1.1 specification is not.
I welcome specific suggestions for simplifying or otherwise improving
the specification. The more feedback that we get, the better.
Josh
More information about the specs
mailing list