Internet infrastructure is always a story of convergence. Last fall the OpenID and LID URL-based authentication protocols came together around an interoperable lightweight discovery format called Yadis. Yadis used the XML-based XRDS document format developed by the OASIS XRI Technical Committee, which brought i-names (the human-friendly format of an XRI) closer to both of these distributed URL-based authentication protocols.
Now the next step is happening. OpenID 2.0 will be more than just an authentication protocol but a complete framework for distributed digital identity based on user-centric digital addresses. The highlights:
OpenID 2.0 will support both URLs and XRIs (i-names or i-numbers), so you can use either type of digital address.
OpenID 2.0 incorporates Yadis XRDS-based service discovery, so it can be used not just for authentication (via any protocol both the user and the site support), but for any identity-based service (Ã¢â‚¬Å“i-serviceÃ¢â‚¬Â) such as profile exchange, attribute verification, reputation, etc.
OpenID 2.0 Authentication (the new name for the OpenID 2.0 authentication protocol itself) is adding more security features plus the ability to do Ã¢â‚¬Å“anonymousÃ¢â‚¬Â login (logging in using your i-brokerÃ¢â‚¬â„¢s digital address instead of your own, for an extra layer of privacy).
And to show how serious this is, the OpenID 2.0 framework was submitted this morning by 16 architects and developers to the Apache Software Foundation as a new project called Ã¢â‚¬Å“HeraldryÃ¢â‚¬Â. With the Heraldry project, user-centric identity officially moves out of the backwater and into the mainstream channel of the Web.
The timing is ideal with the opening of the XDI.org i-names global registry services at the Berkman Identity Mashup on June 20th. This is the first global digital addressing service in which users are a full peer with organizations, and in which users interests are represented by i-brokers whose job it is to protect the privacy and security of user data.
More about the global registry opening in a following post Ã¢â‚¬â€œ I just wanted to get the word out about OpenID 2.0, because itÃ¢â‚¬â„¢s one of the most tangible signs ever that user-centric identity is here to stay.