With support from Google, Microsoft, Ping Identity, ForgeRock, Nomura Research Institute, and PayPal, OpenID Connect launched today.
OpenID Connect performs many of the same tasks as OpenID 2.0, but does so in a way that is API-friendly, and usable by native and mobile applications. OpenID Connect defines optional mechanisms for robust signing and encryption. Whereas integration of OAuth 1.0a and OpenID 2.0 required an extension, in OpenID Connect, OAuth 2.0 capabilities are integrated with the protocol itself.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(Score: 3, Insightful) by FatPhil on Thursday April 23 2015, @06:11PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 5, Funny) by ikanreed on Thursday April 23 2015, @07:05PM
Some of us never upgraded from the buzzword 0.6 alpha. And honestly, I don't like this new buzzword paradigm. It lacks synergy.
(Score: 3, Insightful) by BananaPhone on Thursday April 23 2015, @06:23PM
Why would anybody with a brain use ANY centralized ID/Password system?
It would just become part of the NSA dragnet.
(Score: 1, Touché) by Anonymous Coward on Thursday April 23 2015, @06:46PM
Because comrade, the NSA would never use it for nefarious reasons. Only a commu...terrorist would object. You don't have anything to hide from your benevolent governmentary oligarchs, do you friend? The computer is your friend.
(Score: 4, Interesting) by ikanreed on Thursday April 23 2015, @06:49PM
It doesn't matter, because so many sites are forcing people into facebook/google based single sign-on anyways. And no one is fighting back. I almost made the mistake of using a google sign on to pay for something recently, but bailed when I realized what they wanted was to automatically spam "buy our products!" from my non-existant google+ profile.
(Score: 5, Informative) by maxwell demon on Thursday April 23 2015, @07:32PM
Because with this specific "centralized" password system everyone can be an identity provider. In other words, you can run the thing providing your identity on your own system, as long as it is accessible from the internet. Or on your friend's system if he allows you to. Or at a rented server.
Or in short, it is not centralized by design.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Insightful) by frojack on Thursday April 23 2015, @08:57PM
I think you missed the point.
As far as I can see this is good for exactly one thing, throw-away identities, that you need to log into certain sites.
Using such a thing for anything that requires real security is just silly in the post snowden world.
This isn't the first go around with OpenID. It never did gain much traction, not because it wasn't technically usable, and not because it didn't do what it set out to do, but because its just not a wise thing to do.
No, you are mistaken. I've always had this sig.
(Score: 3, Insightful) by tibman on Friday April 24 2015, @12:27AM
For most sites OpenID is perfect. One less password to memorize. I don't think anyone would suggest using a twitter account to create your bank account.
SN won't survive on lurkers alone. Write comments.
(Score: 3, Interesting) by tftp on Thursday April 23 2015, @09:07PM
Why would anybody with a brain use ANY centralized ID/Password system?
Those few with a brain do not make a difference. These centralized systems are designed for use by the majority of population. You are not the target audience; the Facebook crowd is.
(Score: 2, Flamebait) by kaszz on Thursday April 23 2015, @11:00PM
The Facebook crowd lacks brains? :P
(Score: 2) by ticho on Friday April 24 2015, @06:23AM
Yes, for now... But they will be coming for yours. Braaaaiiins...
(Score: 2) by kaszz on Friday April 24 2015, @08:07AM
Neeeeeed mooorrree braaaiiiinn... Neeedddd moorrrrree braaiiiiiinn... ;-)