DotNetOpenAuth 3.0 released
Download it now. Previously named DotNetOpenId in its v1.x and 2.x releases, the v3.0 release is rechristened DotNetOpenAuth to reflect its support for multiple authentication and authorization protocols. Sporting OpenID,…
How to pretty much guarantee that you might get an email address with OpenID
OpenID itself is just an authentication protocol. It takes OpenID extensions to get more information about the user like their name or email address. In fact there are two popular…
Need access to that internal? Don’t touch that dial!
The blessing and curse of open source is that the source can be easily changed. Internal types and members don’t need to be backward compatible with previous versions. This makes…
DotNetOpenAuth 3.0 Beta 2 released
DotNetOpenAuth, previously named DotNetOpenId, is getting nearer to its major 3.0 release. With beta 2, we have a security reviewed, feature complete library for .NET use of the OAuth and…
Replay protection for OpenID 1.x relying parties
If you’re writing an OpenID Provider, you should have a strong appreciation for the security of your customers’ identities that you will be protecting. One aspect of that protection is…
OpenID association poisoning
As part of the OpenID protocol a relying party often establishes shared secrets (called ‘associations’) with identity providers that are used to verify identity assertions. It occurred to me that…
Fixing the OpenID login user experience
The user experience of OpenID at Relying Party web sites is so important to get right. OpenID is right for your web site’s visitors – no doubt in my mind…
DotNetOpenId v3.0 Beta 1 released
Tonight DotNetOpenId, soon to be renamed DotNetOpenAuth, released beta 1 of the major v3.0 release. You can download the bits from Ohloh. Although downloads should remember that as a beta…
DotNetOpenId is looking for a new home
DotNetOpenId started on Google Code. But we’re outgrowing it. We’d like to move to a shared hosting server where we can have automated tests, nightly builds, and a better web…
DotNetOpenId v3.0 to feature built-in OAuth support
The next major release of DotNetOpenId, slated for a release in or around March 2009, will add OAuth support to the mix. If you don’t know what OAuth is, it…