DotNetOpenId 1.0 released, 2.0 beta also released

April 3, 2008 Off By David

DotNetOpenID 1.0 released!

Andrew Arnott

The culmination of a great deal of work in refactoring, bug fixing and enhancements can be found in the latest .NET implementation of the OpenId library known as DotNetOpenId v1.0.  It is free and released under the New BSD license, so give it a try!

Check the Version Changes page for a list of important changes over the
0.1.2 version.  Please note that there are a lot of breaking changes between this and 0.1.2, but on a plus side, there are no breaking changes between 1.0 and 2.0 (so far), so making the extra effort to adopt 1.0 today is recommended and only help pave the way for 2.0 when it is ready.

DotNetOpenId 2.0 beta

The DotNetOpenId 2.0 beta is also ready for field testing.  It is feature
complete, offering a full implementation of the OpenId 2.0 spec except for
extensions that are passed *without *any side-by-side authentication.  With the huge improvements brought by the OpenID 2.0 specification I am really pleased to see that this release become available.

With the one exception listed, these features are *already* in the source code:

   – Added support for *OpenID 2.0 Relying Parties and Providers*,
   including but not limited to these features:
      – Xri and i-name support
      – Directed identity support
      – More secure hashing algorithms (SHA-256)
      – Interop with Yahoo and other OpenID 2.0-only providers
      – Better security against replay attacks.
   – *Planned:* Much more comprehensive testing of common scenarios and
   possible security exploits.
   – More comprehensive HTML-based identity discovery.
   – *Completely* stateless mode supported for Relying Parties (not even
   HttpApplication state).