<br><br><div class="gmail_quote">On 16 May 2010 00:57, David Recordon <span dir="ltr"><<a href="mailto:recordond@gmail.com">recordond@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
The past few months I've had a bunch of one on one conversations with a lot of different people – including many of folks on this list – about ways to build a future version of OpenID on top of OAuth 2.0. Back in March when I wrote a draft of OAuth 2.0 I mentioned it as one of my future goals as well (<a href="http://daveman692.livejournal.com/349384.html" target="_blank">http://daveman692.livejournal.com/349384.html</a>).<div>
<br></div><div>Basically moving us to where there's a true technology stack of TCP/IP -> HTTP -> SSL -> OAuth 2.0 -> OpenID -> (all sorts of awesome APIs). Not just modernizing the technology, but also focusing on solving a few of the key "product" issues we hear time and time again.<div>
<br></div><div>I took the past few days to write down a lot of these ideas and glue them together. Talked with Chris Messina who thought it was an interesting idea and decided to dub it "OpenID Connect" (see <a href="http://factoryjoe.com/blog/2010/01/04/openid-connect/" target="_blank">http://factoryjoe.com/blog/2010/01/04/openid-connect/</a>). And thanks to Eran Hammer-Lahav and Joseph Smarr for some help writing bits of it!</div>
<div><br></div><div>So, a modest proposal that I hope gets the conversation going again. <a href="http://openidconnect.com/" target="_blank">http://openidconnect.com/</a></div></div></blockquote><div><br></div><div>If the goal is to get something as weak as possible without it instantly collapsing around your ears, then this sounds like a great plan.</div>
<div><br></div><div>If, OTOH, you are interested in actually protecting peoples' identities, then OAuth 2.0 doesn't seem like a great starting point.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div><div><br></div><font color="#888888"><div>--David</div></font></div></div>
<br>_______________________________________________<br>
specs mailing list<br>
<a href="mailto:specs@lists.openid.net">specs@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a><br>
<br></blockquote></div><br>