What Is The History Of Openid?

1.	What Is The History Of Openid?
Answer» OpenID Connect is the third generation of OpenID technology. The first was the original OpenID, a visionary’s tool that never got much commercial adoption, but got industry leaders thinking about what was possible. OpenID 2.0 was much more fully thought through, offered excellent SECURITY, and worked well when implemented properly. However, it suffered from several design limitations – foremost among them that Relying Parties could be Web pages but not native applications; it also relied upon XML, leading to some adoption problems. OpenID Connects GOAL is to be much more developer-friendly, while expanding the set of use cases where it can be used. It has already been successful in this; there are production deployments operating at huge scale. Any programmer with sufficient EXPERIENCE to send and receive JSON MESSAGES over HTTP (which is most of them these days) should be able to implement OpenID Connect from scratch using standard crypto signature-verification libraries. Fortunately, most won’t even have to go that far, as there are good commercial and open-source libraries that TAKE care of the authentication mechanics. OpenID Connect is the third generation of OpenID technology. The first was the original OpenID, a visionary’s tool that never got much commercial adoption, but got industry leaders thinking about what was possible. OpenID 2.0 was much more fully thought through, offered excellent security, and worked well when implemented properly. However, it suffered from several design limitations – foremost among them that Relying Parties could be Web pages but not native applications; it also relied upon XML, leading to some adoption problems. OpenID Connects goal is to be much more developer-friendly, while expanding the set of use cases where it can be used. It has already been successful in this; there are production deployments operating at huge scale. Any programmer with sufficient experience to send and receive JSON messages over HTTP (which is most of them these days) should be able to implement OpenID Connect from scratch using standard crypto signature-verification libraries. Fortunately, most won’t even have to go that far, as there are good commercial and open-source libraries that take care of the authentication mechanics.

Answer»

OpenID Connect is the third generation of OpenID technology. The first was the original OpenID, a visionary’s tool that never got much commercial adoption, but got industry leaders thinking about what was possible. OpenID 2.0 was much more fully thought through, offered excellent SECURITY, and worked well when implemented properly. However, it suffered from several design limitations – foremost among them that Relying Parties could be Web pages but not native applications; it also relied upon XML, leading to some adoption problems.

OpenID Connects GOAL is to be much more developer-friendly, while expanding the set of use cases where it can be used. It has already been successful in this; there are production deployments operating at huge scale. Any programmer with sufficient EXPERIENCE to send and receive JSON MESSAGES over HTTP (which is most of them these days) should be able to implement OpenID Connect from scratch using standard crypto signature-verification libraries. Fortunately, most won’t even have to go that far, as there are good commercial and open-source libraries that TAKE care of the authentication mechanics.

OpenID Connect is the third generation of OpenID technology. The first was the original OpenID, a visionary’s tool that never got much commercial adoption, but got industry leaders thinking about what was possible. OpenID 2.0 was much more fully thought through, offered excellent security, and worked well when implemented properly. However, it suffered from several design limitations – foremost among them that Relying Parties could be Web pages but not native applications; it also relied upon XML, leading to some adoption problems.

OpenID Connects goal is to be much more developer-friendly, while expanding the set of use cases where it can be used. It has already been successful in this; there are production deployments operating at huge scale. Any programmer with sufficient experience to send and receive JSON messages over HTTP (which is most of them these days) should be able to implement OpenID Connect from scratch using standard crypto signature-verification libraries. Fortunately, most won’t even have to go that far, as there are good commercial and open-source libraries that take care of the authentication mechanics.

What Is The History Of Openid?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment