Title change discussion

Giuseppe De Marco

OIDC Federation works for both OAuth2 and OpenID Connect, this latter is built on top of OAuth2 and it carries compliance to it.
It has born as a specs to build a Federation of digital identity systems with a solid trust mechanism, that’s why I felt comfortable the name OpenID Connect Federation.

In its first proposal, I remember well, this specification also offered the possibility of implementing solutions based on SAML2, a proposal which was later removed due to lack of stakeholders in the SAML2 world (which does not envisage significant infrastructure investments, among those who adopt it, in favor of OpenID)

This name helped us, implementers, to find it and to identify it as a concrete solution for the distribution of metadata, safe and verifiable, in a digital identity system. In addition it offers a solution also for OAuth2, and we adopted it for the Italian Attribute Authorities (composed by an AS and an RS, described in the OIDC Federation metadata types).

I can say that if there hadn't been OpenID Connect in its name we probably wouldn't have identified it, we wouldn't have been able to distinguish it among the myriad of OAuth2 specifications, which in the context of digital identities become questionable.

The name OpenID Connect served as an address, for what we were looking for.

For me it's ok to remove Connect, but it would be a problem to remove OpenID and this problem would question its choice and why in the current implementations.

2022-11-17T21:09:27+00:00

Comments (3)

Nat Sakimura reporter
- edited description
- 2022-11-17T18:13:19+00:00
Giuseppe De Marco
OIDC Federation works for both OAuth2 and OpenID Connect, this latter is built on top of OAuth2 and it carries compliance to it.
It has born as a specs to build a Federation of digital identity systems with a solid trust mechanism, that’s why I felt comfortable the name OpenID Connect Federation.

In its first proposal, I remember well, this specification also offered the possibility of implementing solutions based on SAML2, a proposal which was later removed due to lack of stakeholders in the SAML2 world (which does not envisage significant infrastructure investments, among those who adopt it, in favor of OpenID)

This name helped us, implementers, to find it and to identify it as a concrete solution for the distribution of metadata, safe and verifiable, in a digital identity system. In addition it offers a solution also for OAuth2, and we adopted it for the Italian Attribute Authorities (composed by an AS and an RS, described in the OIDC Federation metadata types).

I can say that if there hadn't been OpenID Connect in its name we probably wouldn't have identified it, we wouldn't have been able to distinguish it among the myriad of OAuth2 specifications, which in the context of digital identities become questionable.

The name OpenID Connect served as an address, for what we were looking for.

For me it's ok to remove Connect, but it would be a problem to remove OpenID and this problem would question its choice and why in the current implementations.
- 2022-11-17T21:09:27+00:00
Giuseppe De Marco
- changed status to resolved
Resolved by https://bitbucket.org/openid/connect/pull-requests/640
- 2023-10-05T14:22:40+00:00
Log in to comment