Yadis.... now OpenID

Brad Fitzpatrick brad at danga.com
Tue May 17 20:54:07 PDT 2005

The temporary name Yadis is now dead.  It's now OpenID.

Much love to David Lehn for giving us http://openid.net/ , which is
currently down until DNS gets moved/setup.

For now:



    -- not based on FOAF (though FOAF can still be used, and just as
       easily if it's under the root identity URL)

    -- DSA signature is now BASE64(DER(ASN1(SEQUENCE(INTEGER,INTEGER))))
       That seems to be the norm... what OpenSSL does.  At least once you
       decode the Base64.

    -- All URL arguments prefaces with "openid." so arguments don't collide
       with what your app URLs might need/use.

    -- cleaned up docs

Anybody have objections to this auto-discovery link for finding the identity server from an HTML document?

   <link rel="openid.server" href="http://www.livejournal.com/misc/openid.bml" />

The "openid." preface is consistent with the GET arguments in the
requests/responses, and allows us extensibility in the future, if we
need to link more.  The period is okay, since the rel is just a bunch
of CDATA tokens.  No content-type makes sense.  No title makes much sense.

I'd love feedback from everybody that has time.


- Brad

More information about the yadis mailing list