There’s some news floating around this morning about David Recordon’s proposal to rebuild OpenID on top of OAuth 2.0. I can’t say that I have an opinion on this yet (first off, being a non-engineering guy, I have to get David to explain it to me). I’ve been a partial critic of some OpenID things in the past, and a pretty public fan of OAuth, so at first glance, rebuilding OpenID to sit on top of OAuth sounds like a interesting idea. I’ll be curious to see how we (the community) identify any pitfalls around tying authorization and authentication closely together.
The really good news is this: Nearly all of the prime movers around this (David Recordon, Chris Messina, Brad Fitzpatrick, Dick Hardt, etc) will be at Gluecon in 9 days. So, let’s just say you wanna start sorting this out (or even working on it with David et al)….well, you know what to do.