OpenID is an open, standardized protocol originally developed to allow users to log in to many different websites with a single identity (or “ID”).

In practice, this means logging in to a website via the so-called identity provider and then using these credentials to gain access to other websites or services – the “Relying Parties”.

OpenID and the OpenID Foundation

The OpenID Foundation (OIDF) is a non-profit organization focused on developing open standards for identity and security.

Since its founding in 2007, the OpenID Foundation’s mission has been to provide people with a technical, openly standardized way to securely and easily log in to various online platforms.

To this end, OpenID is establishing the necessary IT standards that are secure, interoperable, user-friendly and suitable for implementing data protection regulations.

OpenID – Mission and Vision

  • Vision: The goal is to allow users and services to easily and securely log in to various online platforms.
  • Mission: Lead the global community in creating identity standards that are secure, interoperable, and privacy-friendly.

Foundation and reach

The OpenID Foundation was founded in 2007 and is a non-profit organization. It develops identity and security specifications that serve billions of users across millions of applications.

OpenID Foundation Support and Services

How does the OpenID Foundation specifically support developers, companies and governments? From training to partnerships to certification programs, the organization offers a wide range of resources to help implement secure and interoperable identity solutions.

Duty of care (due diligence)

The Foundation ensures that members understand the OIDF standards and their benefits. This includes active sharing of OIDF and member insights, which resonate particularly well with governments and administrative entities that are building new ecosystems.

Partnerships (Liaisons with partners)

The Foundation develops relationships with global, regional or national partners such as standards institutions or governance entities. These partnerships help the Foundation fulfill its mission.

Conformity testing and certification

The Foundation offers test suites for mature standards free of charge and charges small fees for self-certification. Governments such as those of the United Kingdom and Brazil have selected this certification program to ensure the compliance of their ecosystem participants.

Local profile development and maintenance

The Foundation encourages partners to develop their OIDF profiles in partnership with the Foundation. This saves time and money and reduces security risks and technical barriers to cross-border interoperability.

Interfaces to other standards

The Foundation helps members understand how OIDF specifications interact with standards from interconnection partners such as FIDO, W3C Verifiable Credentials (VCs), or ISO 18013-5 Mobile Driving Licenses.

Verifiable Credentials are a World Wide Web Consortium (W3C) standard for verifying digital identity data. Verifiable Credentials allow one party (the issuer) to make a statement about another party (the holder) that can be verified by a third party (the verifier). The standard is designed to respect privacy requirements and enable secure and trustworthy verification of information.

For example, an issuer such as a university might issue a verifiable credential to a graduate (the holder) stating that the graduate has earned a particular degree. An employer (the verifier) could then verify this credential without having to contact the university directly.
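The university, graduate and employer flow described above, as an added example that is not part of the original page and does not implement the W3C data model or its proof formats: a simplified Ed25519-signed credential built with Node.js's built-in crypto module. The issuer URL, subject identifier, field names and the functions canonicalize, issueCredential and verifyCredential are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Serialize with sorted keys so issuer and verifier hash identical bytes.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

// Issuer (the university): signs the statement about the holder.
function issueCredential(issuerId, privateKey, subject, claims) {
  const payload = { issuer: issuerId, subject, claims };
  const signature = crypto.sign(null, Buffer.from(canonicalize(payload)), privateKey);
  return { ...payload, proof: signature.toString('base64') };
}

// Verifier (the employer): checks the proof against a locally held set of
// trusted issuer keys, so the university is never contacted.
function verifyCredential(credential, trustedIssuers) {
  const { proof, ...payload } = credential;
  const publicKey = trustedIssuers.get(payload.issuer);
  if (!publicKey || typeof proof !== 'string') return false; // unknown issuer or no proof
  return crypto.verify(null, Buffer.from(canonicalize(payload)), publicKey,
    Buffer.from(proof, 'base64'));
}

// Constructed sample data (hypothetical identifiers).
const ISSUER = 'https://university.example';
const university = crypto.generateKeyPairSync('ed25519');
const trustedIssuers = new Map([[ISSUER, university.publicKey]]);

// The holder (graduate) stores this object and presents it to the employer.
const credential = issueCredential(ISSUER, university.privateKey,
  'graduate-0001', { degree: 'BSc Computer Science' });
// A holder who edits the claim after issuance invalidates the proof.
const tampered = { ...credential, claims: { degree: 'PhD Computer Science' } };
// A credential naming the university but signed with another key also fails.
const rogue = crypto.generateKeyPairSync('ed25519');
const forged = issueCredential(ISSUER, rogue.privateKey,
  'graduate-0001', { degree: 'BSc Computer Science' });

console.log('genuine: ', verifyCredential(credential, trustedIssuers));
console.log('tampered:', verifyCredential(tampered, trustedIssuers));
console.log('forged:  ', verifyCredential(forged, trustedIssuers));
```

The verifier's trust decision rests entirely on how the issuer's public key entered trustedIssuers; the example leaves that distribution step, along with expiry and revocation, out of scope.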

About OpenID as a protocol

OpenID is an open, standardized protocol originally developed to allow users to log in to many different websites with a single identity. In practice, this means signing up with one website (the “identity provider”) and then using those credentials to gain access to other websites (the “relying parties”).

Limitations

However, OpenID has its limitations, especially when it comes to transferring user information and security mechanisms.

  1. Transmission of user information: In its original form, the protocol offers only limited possibilities for the secure transmission of additional user information. This limitation could make it difficult to integrate with more complex systems that require more than basic identity data.
  2. Security mechanisms: The original version of OpenID had limited security features. This could mean, for example, that more advanced security mechanisms such as multi-factor authentication or advanced encryption techniques are not supported or are only supported to a limited extent.

Therefore, successors and extensions like OpenID Connect have been developed to address these and other limitations. OpenID Connect builds on the OAuth 2.0 protocol and offers extended capabilities both in terms of user information transfer and secure authentication methods.

Conclusion

The OpenID Foundation plays a key role in developing and promoting standards for digital identities. Through a variety of services and partnerships, the Foundation helps organizations and individuals build more secure and efficient digital ecosystems.