"The current set of differences between OpenID Connect and Sign In with Apple reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks. It also places an unnecessary burden on developers of both OpenID Connect and Sign In with Apple. By closing the current gaps, Apple would be interoperable with widely-available OpenID Connect Relying Party software," the letter states.
Furthermore, Apple stated that users can choose to keep their email address private: apps would get a randomized email address instead, and messages sent to it would be forwarded to the user's real email address.
OpenID's point of contention is that Apple is leveraging OpenID Connect for Sign In with Apple, but with key differences that make it less secure and not as private. Therefore, it is calling on Apple to do the following:
- Address the gaps between Sign In with Apple and OpenID Connect based on the feedback.
- Use the OpenID Connect Self Certification Test Suite to improve the interoperability and security of Sign In with Apple.
- Publicly state that Sign In with Apple is compatible and interoperable with widely-available OpenID Connect Relying Party software.
- Join the OpenID Foundation.
OpenID itself is an open standard and decentralized authentication protocol. It is promoted by the OpenID Foundation, a non-profit consortium that counts Google, Microsoft, and PayPal among its members.
Apple has already begun testing iOS 13 with developer betas, and is expected to release a public beta later this month. A finalized version will make its official debut sometime in the fall.