Search This Blog

Thursday, December 6, 2007

OpenID 2.0 Spec Approved

The OpenID Foundation announced the finalized version of OpenID
Authentication 2.0 and the related OpenID Attribute Exchange 1.0
specifications. Three members of the OpenID Foundation announced the
finalized versions of OpenID Authentication 2.0 and the related OpenID
Attribute Exchange 1.0 spec on Monday. David Recordon, Dick Hardt,
and Josh Hoyt, who participated in the authoring of OpenID, were
attending the Internet Identity Workshop at Computer History Musuem
in Mountain View, California when they announced the finalization of
the specification, which defines a decentralized, open-source,
single-sign on identity framework. OpenID has been adopted by AOL,
LiveJournal, WordPress and thousands of other web sites to allow
visitors to identify themselves without needing to create a new
login or share sensitive information. Google's Blogger and the Drupal
content management platform already support the new spec. The OpenID
Attribute Exchange 1.0 spec, also announced on Monday, is a service
extension that provides a mechanism for moving identity information
between web sites. According to the OpenID web site: "As part of the
IPR work over the past few months we've collected non-assertion
agreements from contributors to both of these specifications as well
as all past specifications. These agreements are a way for contributors
(and others) to formally declare that they will not assert any patent
rights against OpenID implementations. It's important to remember
that this has been the work of many folks not only within the OpenID
community but also the OpenID Foundation, AOL, Cordance, JanRain,
Microsoft, NetMesh, Six Apart, Sxip, Sun Microsystems, Symantec,
Verisign and Yahoo!. Microsoft was instrumental in helping with legal
support and guidance combined with the insight of Sun and Yahoo! with
their joint work in developing the right language. This is great news
as it means that today not only is OpenID 2.0 final, but all of the
contributors have sent a strong message that OpenID must be freely
implementable world-wide."

No comments: