Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Google Businesses The Internet IT

Google Adopts, Forks OpenID 1.0 316

An anonymous reader writes "Right on the heels of Microsoft's adoption of the OpenID protocol by announcing their intention to enable OpenID authentication against all Live IDs, Google has announced their intention to join the growing list of OpenID authentication providers. Except it turns out they're using their own version of OpenID that is incompatible with everyone else. It seems that Google will be using their own 'improved' version of OpenID (based upon research and user feedback of the OpenID system) which isn't backwards compatible with OpenID 1.0/2.0, in hopes of improving end-user experience at the cost of protocol compatibility and complexity."
This discussion has been archived. No new comments can be posted.

Google Adopts, Forks OpenID 1.0

Comments Filter:
  • by eldavojohn ( 898314 ) * <eldavojohnNO@SPAMgmail.com> on Wednesday October 29, 2008 @04:22PM (#25561291) Journal
    OpenID's vision statement:

    OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience.

    Everyone else's vision statement:

    Fuck OpenID, I'm in control now.

    • by Anonymous Coward on Wednesday October 29, 2008 @04:59PM (#25561777)

      EMBRACE AND EXTEND!!!!

      oh...wait...I'm confused, this a Google article, not a microsoft article

    • by Bruce Perens ( 3872 ) * <bruce@perens.com> on Wednesday October 29, 2008 @05:06PM (#25561857) Homepage Journal
      Whether or not this is Google overturning an open standard can be judged upon:

      1. Do they make it possible for everyone else to implement exactly what they are doing, on both the producer and consumer end, without any patent restrictions, royalties, or discriminatory licensing?

      2. How close is what they are doing to the latest version of the standard, not 1.0?

      3. Do they try to get what they are doing into version 2.1 (or whatever) of the standard?

      4. Do they really have a reason for doing this? Like making the login easier for normal nontechnical people rather than you and I?

      Bruce

      • Re: (Score:3, Interesting)

        I'm not sure about #3. It might be a lost cause because standards generally don't much like breaking compatibility. Still, I guess it couldn't hurt for them to try.

  • by Evan Meakyl ( 762695 ) on Wednesday October 29, 2008 @04:23PM (#25561309)
    just fork it!
  • by JCSoRocks ( 1142053 ) on Wednesday October 29, 2008 @04:25PM (#25561329)
    Substitute Microsoft's name for Google and it'd be just another day in tech. Interesting to see Google doing this though.
    • by Johnno74 ( 252399 ) on Wednesday October 29, 2008 @04:31PM (#25561419)

      Yes, except just yesterday Microsoft joined OpenId, _without_ this sort of stunt.

      IMHO, microsoft's behavior in the last few years is to be commended, they are worlds away from where they were 10 years ago.

      Sadly, google seems to be heading the other way.

      • by Anonymous Coward on Wednesday October 29, 2008 @04:44PM (#25561583)
        According to what evidence?

        Google themselves are claiming they're not supporting OpenID version 1, which is what the article is raving about. They claim they're supporting OpenID version 2.0, which as far as I can tell, that's exactly what they're doing. I can't see any difference between Google's documentation and OpenIDv2's documentation, at all. Can you? His "emphasis added" section clearly says the same thing the OpenIDv2's "emphasis added" section says is the difference between the two protocols in the first place.

        Sensational press 1, Rational thinking 0.
      • by click2005 ( 921437 ) on Wednesday October 29, 2008 @04:53PM (#25561699)

        IMHO, microsoft's behavior in the last few years is to be commended

        Yeah, they behaved so well during the whole OOXML/ODF stuff.

        they are worlds away from where they were 10 years ago.

        One half-assed attempt at a good deed (that isnt actually good in any real way as they're only providing OpenID not accepting it from others) doesn't erase decades of screwing people over.

      • Re: (Score:3, Informative)

        by Anonymous Coward

        microsoft's behavior in the last few years is to be commended

        Excuse me? Have you been living under a rock? Microsoft has subverted an entire standards body worldwide to push a bloated mess of a document format! Their browser is still a POS, except it's now a more user friendly POS. Microsoft is exactly where they were 10 years ago, they've just adapted to a changed world.

      • Re: (Score:2, Interesting)

        by Amamdouh ( 1130747 )
        Yeah isn't it so?? I mean Google was kindda of a good guy in tech. They recently attacked a researcher for exposing a vulnerability in their android platform and now this !!! Hmmm can we say that companies inevitably turn nasty when they reach a certain size?
      • by Touvan ( 868256 ) on Wednesday October 29, 2008 @05:15PM (#25561953)

        Microsoft has a history of supporting unfinished or in progress standards, then keeping them that way. Just look at what they do with W3C standards. Keeping is static.

        No ECMAScript 4.x, no DOM Events, no Canvas/SVG/etc., no greatly improved JS support because they only "want to make existing content content run better" rather than preparing for what the future may hold. Everyone else is doing that - make JS more robust today, so we can have better apps tomorrow.

        MS has no interest in a standard that really works - but they'd love to be able to claim support for an open standard just the same.

      • Re: (Score:2, Funny)

        by rivetgeek ( 977479 )
        Apparently you dont code CSS much...
      • by thetoadwarrior ( 1268702 ) on Wednesday October 29, 2008 @05:40PM (#25562269) Homepage
        Microsoft announces they'll create OpenID compatible IDs but not accept them. Thus if someone wants full access to all OpenID sites they have to go through Microsoft and you think this is some how better?

        I'm not saying what Google is doing is right but they're just getting to the point where as MS was taking the slow route to the same destination.
    • And fucking typical to have it referred to as "adopting" and "forking", when they're really just doing the same ol' corporate bullshit of stealing and proprietarizing.

  • if microsoft did this, the hoardes would be eviscerating the company

    if google does this, watch the defenders come out of the woodwork

    slashdot bias: microsoft bad, google good, apple shrug

    its not the year 2000 folks. google is not some little darling upstart anymore. update your bias accordingly please

    • by Microlith ( 54737 ) on Wednesday October 29, 2008 @04:30PM (#25561401)

      Google will be cheered or booed depending on what they do with their changes to OpenID. They could very well turn around and propose it for version two or whatnot of OpenID. After all, if it isn't compatible then what the hell is the point.

      Microsoft is hated because they DEFINED "embrace and extend." They regularly use it as a weapon against their competitors. We have yet to see Google use their version of OpenID, much less use it against anyone.

      Never mind that OpenID screams "single point of failure" to me.

      • Read the article.

        Google hasnt provided any extensions or changes to OpenID and has released no new protocols. They've introduced a black box you have to go through to get to their vanilla OpenID service. Theres no value add for developers.

        The value add for clients is that they can just enter their email address instead of a URL. This would've been far better served by defining a DNS-SD spec for use in looking up emails and transforming them into OpenID's. Instead Google's opted for a black box of no use

    • Re: (Score:2, Insightful)

      by SecurityGuy ( 217807 )

      I think Google's shininess has worn off for most at this point.

      The interesting implication to me is that I may have to concede Microsoft is not inherently evil, at least not more so than any other large corporation. Google, having become one has been progressively more Microsoft-ey.

      • by BlueGecko ( 109058 ) <benjamin@pollack.gmail@com> on Wednesday October 29, 2008 @05:23PM (#25562047) Homepage

        Hell, I honestly think it's possible to root for Microsoft these days. .NET, including the stuff they've just announced, is an open standard, and MS is encouraging competing implementations. They're working with Mono to ensure it has good Silverlight support, including proprietary codecs. They have their own cloud service, yet worked with Amazon so that Windows could be on EC2. They offer a free version of VisualStudio that's more than sufficient for hobbyist work, and ironically arguably have the most open and easy-to-target 3rd-gen gaming console for small development shops. They're supporting OpenID, making IE increasingly standards-compliant, and, with Windows 7, look like they might actually have a pretty nice operating system that I might not feel a pressing need to migrate away from. They're definitely not perfect—I'm still royally pissed at their behavior over OOXML—but they're doing an awful lot of things right these days.

        Google, on the other hand, is going the opposite direction. They've done a proprietary fork of OpenID (which, despite the other comments on here, I definitely find offensive, because locks you into Google in exactly the same way Passport locked you into Microsoft). They closed their SOAP service and offer no alternative. They've basically said Gmail will never use IMAP properly, and they consider that a feature, not a bug. They do business in China on the argument that "well, someone had to do it, so why not us." They still do a tremendous amount of things right, but, just as I think we should acknowledge that Microsoft nowadays is doing a lot of things right, I think we need to start acknowledging that Google is doing a lot of things wrong.

        Nobody's perfect, and situations can change surprisingly quickly. I remember when IBM was the evil overlord and Microsoft was our savior.

        That was 1992.

        Just because Google's been good up to now is no reason to assume they'll continue to be.

    • Re: (Score:3, Insightful)

      by Red Flayer ( 890720 )
      Hey, FWIW, how about actually observing the Google Reality Distortion Field[1] before blasting its sure appearance?

      There is institutional bias at slashdot, but from what I've seen, the pro-googliness has dropped in the past year or two as Google has started playing hardball with a big stack[2].

      At any rate, slashdot is a community of individuals, and any perceived bias among the community just reflects the fact that fanbois exist -- and if you're aware of that fact, you can run the comments through your ow
    • insert foaming (Score:5, Interesting)

      by coryking ( 104614 ) * on Wednesday October 29, 2008 @04:39PM (#25561529) Homepage Journal

      You see, it is OPEN, right? I mean, it says so right in the name of the protocol *OPEN*ID right? And google is cool right? So OpenXyz + Google = Win, right? I mean, OpenID sucks, right? What is wrong with somebody embracing it and then fixing the problems by extending it to be better? Nothing. After all, it is OpenID.

      I think if I ever start a company that publishes the most evil DRM spec on earth, I'd probably name it OpenDRM or FreeDRM just so I can win over the Slashdot crowd. As long as it has Open or Free in the name, you can pretty much get away with murder, especially when your Slashdot corporate karma is "excellent".

      But seriously, OpenID needs more then a face lift. For starters, based on my experience with Stackoverflow, browsers need to auto-fill the OpenID box with my URL, er, login name (cough). Then they need to boot out any fool who things the "login" should be anything other then an email address. Whoever dreamed up using a URL for a login wanted the spec to fail. Oh, and then when they are done with that, how about moving it down the network stack so that the damn thing can be used to authenticate against protocols other then HTTP, like say, IMAP or something. Oh wait, except OpenID was never intended to be used to authentication... or was it? Nobody really knows because even OpenID proponents says you shouldn't use it for anything other then trivial accounts and if you use it for anything else, you are mis-using the spec!

      • Re: (Score:3, Informative)

        by Just Some Guy ( 3352 )

        Then they need to boot out any fool who things the "login" should be anything other then an email address. Whoever dreamed up using a URL for a login wanted the spec to fail.

        Excellent point. OpenID 3.0 should include provisions for carrying out the authentication via SMTP, and maybe BitTorrent or NNTP.

        Meanwhile, in reality, you know that ultimately the URL is the location of your OpenID server, right?

        • Why OpenID fails (Score:5, Insightful)

          by coryking ( 104614 ) * on Wednesday October 29, 2008 @05:13PM (#25561931) Homepage Journal

          I've got one word for you

          Meanwhile, in reality, you know that ultimately the URL is the location of your OpenID server, right?

          Huh? No seriously. Huh?

          OpenID is just so damn unintuitive that nobody really gets it. It is a fucking login. Why can't it be an email address? Why can't it resolve the right place to conduct authentication business via DNS the same way SMTP gets it's MX record based on everything after the @domain.com?

          Seriously, the more people try to explain it, the more it just makes peoples eyes glaze over. All they see, and all I see, is a fugly looking URL that is supposed to magically authenticate me, only as a web developer, I'm told I can't actually trust the authentication because the protocol wasn't designed for it. Or something. My head spins now.

          • Why can't it resolve the right place to conduct authentication business via DNS the same way SMTP gets it's MX record based on everything after the @domain.com?

            Because for the average person, it's a lot easier to set up a blog than it is to get their ISP to set up custom DNS records.

            • by coryking ( 104614 ) * on Wednesday October 29, 2008 @05:20PM (#25562017) Homepage Journal

              Because for the average person, it's a lot easier to set up a blog than it is to get their ISP to set up custom DNS records.

              There you go again. What the hell are you talking about? Now to log into some stupid site, I have to get a blog too? Huh?

              Admit it, the URL thing sucks ass. Email addresses are something we all have, and many websites are using email addresses as your login already. If OpenID did email, even *if* there wasn't any DNS trickery like I suggest, life would have been 100% easier. But no, I'm sure there is some "valid" reason the purity trolls who wrote the spec had against something so simple and logical, so they decided URL's would be best, usability be damned.

        • Someone above also mentioned OpenID being a single point of failure. Definitely true, so in addition to your mods, I think 3.0 should include the ability to include synonym URLs that are downloaded on first login to a host so that if your server is down, you can still authenticate through the synonyms. Just a thought
    • Re: (Score:2, Funny)

      by uberjack ( 1311219 )
      I imagine that at some point in the future, Google will 'fess up to having been a subsidiary of Microsoft all along. Dr. Zoidberg: "It was me! I'm the hero!"
    • if microsoft did this, the hoardes would be eviscerating the company

      if google does this, watch the defenders come out of the woodwork

      slashdot bias: microsoft bad, google good, apple shrug

      its not the year 2000 folks. google is not some little darling upstart anymore. update your bias accordingly please

      I've been seeing similar comments whenever google does something stupid lately - but for all that people claim we're a bunch of google apologists here, I seldom actually see it. Usually google gets torn apart just as much as anyone else does - perhaps even a bit worse than others because of their unfortunate choice of slogan.

  • by mi ( 197448 )

    Embrace and extend [wikipedia.org] — all the while doing not evil. No, absolutely not.

  • by megamerican ( 1073936 ) on Wednesday October 29, 2008 @04:28PM (#25561373)

    Google OpenID: New and improved personal information gathering.

  • I mean, if I can't use my Gmail address to logon to websites that actually support OpenID, then why would I bother? Not only that though, does it support non Google addresses hosted on Google Apps? (E.g. sexygrrl@example.com)? If not, then even bigger fuck off to it.

    Meh, sounds a bit like another "Passport", fuck that, I don't want a big (or little) corporation controlling my ID.

    Anyway for the ignorant and lazy:

    OpenID is a shared identity service, which allows Internet users to log on to many different web

    • I see two options Google could have pursued if they'd wanted to embrace and extend OpenID to let users use their email addresses.

      1) Define a mapping users can use. Tell users to use http://gmail.com/~ApathyMaybe [gmail.com] or http://apathymaybe.gmail.com/ [gmail.com] for their url's for example.

      2) Define a protocol for developers to map email addresses to URLs. Use some kind of URI-template to convert ApathyMaybe@gmail.com into one of the aboves.

      As you sarcastically point out, they ignored both options and dropped a heinously u

  • by FooBarWidget ( 556006 ) on Wednesday October 29, 2008 @04:34PM (#25561465)

    OpenID usability sucks.

    There, I said it. It's true. My computer-illiterate dad just wants to post a comment on a blog, or to login to a new website. You can't possibly expect him to do something as complex as reading up on what OpenID is, signing up for an OpenID account on a totally different website that has got nothing to do with the original website that he was on, and then logging in by entering a long magical URL. People like him - average users - have trouble enough understanding usernames and passwords! The recently published OpenID usability study confirms all the criticism that I've had on OpenID.

    While OpenID is technologically sound, its usability is not. If Google's version is more usable, but is still open, then I'd gladly support it even if it's not compatible with the "official" OpenID standard. I don't care whether they're being "nice" or "evil" or whatever, I want better usability because software is supposed to be usable.

    • by Kozz ( 7764 )
      In other words, OpenID suffers from so many of the same usability problems as PGP.
    • Re: (Score:2, Interesting)

      by jskora ( 1319299 )
      Wow, now its out. I just had a class project doing a usability test on a popular OpenID web site and EVERY professional web developer I observed had a hard to very had time with OpenID. Its a great idea, but is either flawed in design or badly implemented most places to date.
    • Re: (Score:3, Insightful)

      by LordMyren ( 15499 )

      You clearly havent spent even the most cursory effort to investigate what Google has actually done here.

      They havent changed OpenID, they've built their own black box to lookup OpenID URL's for email addresses.

      Your entire argument is posited around Google making a more usable version of OpenID. While it may be easier for gmail users in that they can use their email addresses instead of url's, Google has not provided any spec for how other sites can implement the black box they've thrown in front of a comple

      • Google's Docs (Score:3, Interesting)

        Your entire argument is posited around Google making a more usable version of OpenID. While it may be easier for gmail users in that they can use their email addresses instead of url's, Google has not provided any spec for how other sites can implement the black box they've thrown in front of a completely vanilla OpenID.

        That's not true.

        They've provide a spec on its (fairly trivial) interaction (since developers couldn't use it otherwise), and they've provided recommendations and rationale on implementation

  • And this is why... (Score:4, Insightful)

    by Azuma Hazuki ( 955769 ) on Wednesday October 29, 2008 @04:35PM (#25561477)

    ...Google scares me more than Microsoft. Even as a die-hard Linux and BSD user, a FOSS zealot, I rest easy knowing Microsoft in its current form will likely be dead in less than a decade. Google, on the other hand, stands to become the Internet-age version of Standard Oil. This is the first "publically-visible" sign of their slide into Microsoft-like evilness, and unlike MS, they will probably be around a long, long time.

    Think about it: the OS doesn't *really* matter (if it did OS X and Linux and all the rest would never have any users). Even MS knows this, as they prepare to break into the "cloud" market. Even the applications aren't *that* important now, with the number of people working on converters and programs like OpenOffice. What's important is data, raw information, and Google is a massive data broker.

    Be very, very careful how much you trust to Google.

    • by homer_s ( 799572 )
      stands to become the Internet-age version of Standard Oil.

      You mean they'll reduce the price of their product so low that consumers will flock to them putting their competitors out of business?
      Oh no, maybe their competitors should get Congress involved [reuters.com].
    • I'm not really addressing your conclusions here, I'm just wondering about one of your assumptions...

      Think about it: the OS doesn't *really* matter (if it did OS X and Linux and all the rest would never have any users).

      If the OS didn't matter I'd be using Windows. It's because the OS matters that there's more than one OS out there.

      Can you explain what you mean here?

    • Re: (Score:3, Insightful)

      by Hangtime ( 19526 )

      I have been on Slashdot for a decade now and those comments about Microsoft being gone in 5, 10, 20 years never get old. When you are sitting on that kind of cash and that kind of cash generating ability your not going anywhere, anytime soon.

    • Re: (Score:3, Interesting)

      by RAMMS+EIN ( 578166 )

      ``This is the first "publically-visible" sign of their slide into Microsoft-like evilness''

      Not even close. They have been doing much more questionable things for a long time now.

  • I don't know too much about OpenID, but in my understanding, you login with your website URL. It seems google is letting you use your email address, which makes more sense (or would make more sense to normal users anyway, as people are used to being forced to enter an email in posting comments in blogs anyway).
    • That's what I read into it too, but actually you can already use an email address, sort of. If they relying party assumes the OpenID given is a URL, then username@gmail.com would resolve to http ://username@gmail.com/, which is a valid URL, pointing to http://gmail.com/ [gmail.com]. Some OpenID 2.0 providers allow you to enter a generic url (like just a domain name), and when redirected to the OpenID provider you're asked to provide both your username and password, rather than just your password. Yahoo supports this, y
  • by bluefoxlucid ( 723572 ) on Wednesday October 29, 2008 @04:46PM (#25561611) Homepage Journal

    Google is a research company; they're doing research. They are improving OpenID, in their opinion. Nobody relies on Google OpenID, they haven't stepped up to make an OpenID implementation and then started adding extensions, and finally broken compatibility to force conversion to their special vendor-locked-in crap. They've come out and said, "We are going to implement something new, based on OpenID."

    Wait until Google Docs stops exporting to deprecated MS Word 97 format (and ignorers .docx entirely), but does export to Google Document Format for their new Google Desktop Office; then you'll see Microsoft behavior.

    • Wait until Google Docs stops exporting to deprecated MS Word 97 format (and ignorers .docx entirely), but does export to Google Document Format for their new Google Desktop Office; then you'll see Microsoft behavior.

      They'd only do that once they had 80%+ of the market. And given their recent actions, I'm pretty sure they *would* do that in a market where they have a monopoly.

      Their whole "don't be evil" thing only applies when it's a minor inconvenience.

    • Re: (Score:3, Insightful)

      by hackingbear ( 988354 )

      Besides, I don't see, from reading the blog, that they make it incompatible with OpenID. they just add two additional steps -- the user enters an gmail address and then the google server returns an OpenID URL. So normal OpenID websites still work, users just type in the URL instead of having the relying party goes find out.

      So it is really a compatible augmentation to OpenID. Whether google patents this or uses other way to prevent others from doing that, I don't know and not technical.

  • The problem from Google's perspective is that the user doesn't have a Google URL, they have a Google username, and that's what the users think they should enter in order to log in.

    So, in stead of typing in something like http://username.openid.google.com/ [google.com] the user selects "Google Account" from a drop-down box, and types in his user name. (Which is functionally equivalent to MS Passport.)

    When I log in to a blog and leave a comment with my OpenID, my OpenID URL is displayed as the unique identifier of the au

  • I think we can ignore Microsoft, as their embrace/extend/destroy philosophy has remained consistent for decades. If they join OpenID it is only to destroy it from within. But this story is a bit crap.

    "As Google points out, this isn't OpenID. This is something that Google cooked up that resembles OpenID masquerading as OpenID"

    So if Google says it isn't OpenID how is it masquerading as OpenID? It sounds like they like the OpenID architecture so have copied it for internal use. Why not? They want to lock in th

  • by IGnatius T Foobar ( 4328 ) on Wednesday October 29, 2008 @06:12PM (#25562623) Homepage Journal
    Having implemented OpenID 1.1 Relying Party support [citadel.org] myself, I think I can definitely see what Google is up to, and it isn't evil, people. OpenID 1.1 was elegant simplicity. Our team built OpenID Relying Party support in just a couple of days without even using any external libraries. OpenID 2.0, on the other hand, is a disaster. Its architecture reeks of design-by-committee. There were four different groups vying to define the standard for single-sign-on for the web, so what did they do? They basically just glommed all of the different technologies together and called it OpenID 2.0. There are all sorts of things you have to support, like I-Names (which no one is going to use). In the end our team decided to just implement OpenID 1.1 and rely on the recommendation for backward compatibility which is built into OpenID 2.0 (a recommendation which Yahoo ignored, btw).

    So it's very possible that some engineers at Google said "hold on a minute. This sucks. OpenID 1.1 made a lot more sense, let's build out from there and see if it's something that the Internet community accepts."

    It may even come to pass that both OpenID 2.0 and Goopen-ID both end up specifying backwards compatibility to OpenID 1.1, which would be great because it would effectively halt the progress of the over-engineered OpenID 2.0 and put us back on a saner path.

    Let's not call Google's plans evil until we see where this goes. It could end up being something that finally puts this useful technology into some widespread use.
    • by Shados ( 741919 ) on Wednesday October 29, 2008 @06:31PM (#25562845)

      OpenID 2.0, on the other hand, is a disaster. Its architecture reeks of design-by-committee

      Basically all open standards do, or eventually do, which is why many commercial entities decide to roll up their own. Yup, while definately many of the times when Microsoft did something like this WAS out of "evil", a large portion was for the same darn reason as this. There's VERY few open standards that aren't an insane mess of "I'll add your idea if you add mine" crap.

    • Re: (Score:3, Insightful)

      You know, Microsoft usually offers that very same excuse when asked why they don't use standard protocols, or extend them: "well, that's because the standard sucks".

      We all know how that line of thinking usually goes on /. - but, this is Google, so...

  • Google reality Check (Score:3, Informative)

    by i_want_you_to_throw_ ( 559379 ) on Wednesday October 29, 2008 @08:12PM (#25563919) Journal
    Once Google became a publicly traded company their only obligation transitioned to making a profit for their shareholders.

    Yeah that sucks but it's reality.

    Google: We do less evil than everyone else(tm)

    Let the backlash and my modding down begin!
  • by ryanvm ( 247662 ) on Wednesday October 29, 2008 @08:55PM (#25564309)

    Fork it! We'll do it live!

  • Brad @ Google (Score:3, Informative)

    by Tuqui ( 96668 ) on Wednesday October 29, 2008 @10:20PM (#25564867) Homepage

    Brad Fitzpatrick the creator of OpenID is working for Google now.
    Maybe he knows better what they are doing.

  • No fork (Score:3, Informative)

    by augustz ( 18082 ) on Wednesday October 29, 2008 @10:38PM (#25564969)

    What a ridiculous headline.

    To quote from the actual posting, "The initial version of the API will use the OpenID 2.0 protocol"

    This version was developed by OpenID, and is incompatible with 1.0, but open in the same way for everyone to use, with a number of improvements... Google is forking nothing.

news: gotcha

Working...