Happy 5th birthday, OpenID Connect!

February 26 this year marks the 5th birthday of OpenID Connect.

Connect-tan speaking proudly that she is now 5 years old.

In Tokyo, we had a celebration workshop + party.

The workshop
Near the end of the party – I only remembered to take the photo then…

Last 5 years

In the last 5 years, a lot has happened.

Besides the great adoption, such little thing like Signed Request Object (Ch.6 of OIDC Core) that many people said “too complex, and no one will ever use” and the detached signature on the authorization response (3.3.2 of OIDC Core) got adopted in the last year or two by the higher security requiring verticals such as banking made me happy. It just paid off to insist that they should be in the Core spec.

Next 5 years

What I would expect as the next step are the claims model (Ch.5) and Self-issued OP (Ch.7). Both are starting to attract attention from various parties and have the potential to take off in the next three to five years.

For example, claims model would be immensely useful for something like eKYC. European Commission started a study on eKYC framework and the model seems to be a perfect fit.

Self-issued OP is gaining interest from the context of Self-sovereign identity. Last year, several scholars including friends of mine got their facebook and twitter accounts suspended by somebody reporting that they are violating the terms of use. In some cases, it was while they were speaking up and fighting for the freedom and rights of people. The attempt to suspend was to shut them up. Of course, they did not and fought back, but that’s because they were quite powerful and had support of people. For the rest of us, fighting back like them can just be too daunting and decide to give up. That is a real threat to the freedom of speech. To avoid such a situation, data portability and self-sovereign identity become ever important.

Let us see what happens by the time OpenID Connect becomes 10 years old.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.