With support from Google, Microsoft, Ping Identity, ForgeRock, Nomura Research Institute, and PayPal, OpenID Connect launched today.
OpenID Connect performs many of the same tasks as OpenID 2.0, but does so in a way that is API-friendly, and usable by native and mobile applications. OpenID Connect defines optional mechanisms for robust signing and encryption. Whereas integration of OAuth 1.0a and OpenID 2.0 required an extension, in OpenID Connect, OAuth 2.0 capabilities are integrated with the protocol itself.
(Score: 5, Informative) by maxwell demon on Thursday April 23 2015, @07:32PM
Because with this specific "centralized" password system everyone can be an identity provider. In other words, you can run the thing providing your identity on your own system, as long as it is accessible from the internet. Or on your friend's system if he allows you to. Or at a rented server.
Or in short, it is not centralized by design.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Insightful) by frojack on Thursday April 23 2015, @08:57PM
I think you missed the point.
As far as I can see this is good for exactly one thing, throw-away identities, that you need to log into certain sites.
Using such a thing for anything that requires real security is just silly in the post snowden world.
This isn't the first go around with OpenID. It never did gain much traction, not because it wasn't technically usable, and not because it didn't do what it set out to do, but because its just not a wise thing to do.
No, you are mistaken. I've always had this sig.
(Score: 3, Insightful) by tibman on Friday April 24 2015, @12:27AM
For most sites OpenID is perfect. One less password to memorize. I don't think anyone would suggest using a twitter account to create your bank account.
SN won't survive on lurkers alone. Write comments.