OpenID Cryptography Review

On July 29, 2005

LShift Developer Paul Crowley has redesigned the security for the OpenID system.

OpenID is a simple single-sign-on mechanism for attributing content such as comments on blogs and Wiki edits. Unlike Microsoft’s Passport, any site can publish and manage identities; no central provider is needed.

Version 0 of the OpenID protocol was designed by LiveJournal founder Brad Fitzpatrick. For version 1, he called on LShift senior developer Paul Crowley to provide a cryptographic review. The result is a protocol which is easier for small sites to deploy, and over a thousand times faster for larger sites to participate in.

OpenID has now been adopted by sites spanning many millions of users, including LiveJournal and related sites, and the Schtuff wiki.

Share