How is OpenID implemented?

Question

How would you design and implement OpenID components?

(Was \"How does OpenId work\")

I realize this question is somewhat of a duplicate, and yes

Answer 1

Also related:

The super-famous talk by Dick Hardt on Identity 2.0, I suppose almost everyone has watched it, but if you haven't it is a must see.

It is more about the reasoning of the need of things like Open ID and not necessarily about their implementation, though.

Answer 2

I recommend Joseph Smarr's Recipe for OpenID-Enabling Your Site.

I haven't read the DotNetOpenID docs, but I would hope whatever implementation you choose would also have some overview documentation and/or examples to illustrate usage of the API.

Answer 3

Check out Security Now podcast, episode 95. (Actually audio)

Answer 4

Jeff has a great article on OpenID where he shares his experiences:

OpenID: Does The World Really Need Yet Another Username and Password?

There are some links to tutorials on the official OpenID site:

http://openid.net/developers/

You can get a nice login-control for OpenID (which also is used here on stackoverflow) here:

http://www.idselector.com/

Answer 5

This page has a nice flow diagram.

I found this link on the OpenID Wiki, you might want to check there for more resources.