Presentation is loading. Please wait.

Presentation is loading. Please wait.

Brad Fitzpatrick Six Apart, Ltd. / LiveJournal / Danga August 2005.

Published byDorian Eyer Modified over 9 years ago

Similar presentations

Presentation on theme: "Brad Fitzpatrick Six Apart, Ltd. / LiveJournal / Danga August 2005."— Presentation transcript:

1 Brad Fitzpatrick brad@danga.com Six Apart, Ltd. / LiveJournal / Danga August 2005

2 What is OpenID? ● an identity system – all the rage lately ● a protocol – gratis, libre ● not a service or company – not Passport – not TypeKey – not Sxip ● survives if companies turn evil or go out of business

3 Why? ● no authentication way too common ● comment spam ● auth interop – LiveJournal – TypePad – Movable Type – DeadJournal, WordPress, TextPattern,..... lame

4 Design Goals ● low barrier to entry – works with static HTML pages – no registration (no central server) – understandable identity (a URL) ● no new namespace ● no public keys (key revocation, etc...) – no SSL required – no browser plugins ● most simple protocol possible – other needs layered atop

5 What OpenID isn't... ● a trust system – need identity before you can have trust ● a solution for all identity problems ● perfectly secure – DNS spoofing – man-in-the-middle ● between some parts

6 How's it work? ● proves “who” you are – one-time assertions w/ digital signature – see openid.net for specs ● not that you're a good person – spammers can/will/have setup OpenID servers – better than state of email today – Trust/reputation providers on their way ● 5+ companies working on this ● TrustRank

7 Chicken / Egg ● LiveJournal / TypePad / Movable Type – all support OpenID server – OpenID consumer in LJ/MT ● TypePad soon enough ● TypeKey – still speaks TypeKey. also speaks OpenID – an OpenID provider for people without their own ● 10M+ OpenID users who don't know it – already: DeadJ/GreatestJ/LiveJ interop

8 Why URLs as identity? ● already the convention – Comment by Matt at 7:23pm – mouseover to see which Matt ● users don't understand public keys ● users don't understand namespaces ● users do understand URLs – 10+ years of billboards and TV commercials ● you can click them – tangible

9 Why should you use OpenID? ● interop with others using OpenID – your users can mark external users leaving comments as “trusted” or “friends” – your users can bring their identity to other sites, thus advertising your service ● not theoretical, already in use ● can support OpenID + _______ in future – no reason to only support OpenID ● free ● open libraries for most languages

Download ppt "Brad Fitzpatrick Six Apart, Ltd. / LiveJournal / Danga August 2005."

Similar presentations

The How of OAuth OAuth Hackathon – Six Apart

The How of OAuth OAuth Hackathon – Six Apart
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
The I-Card Cloud Selector CloudCard.  An introduction to Avoco’s fully Cloud based I-Card Selector, CloudCard  A demonstration of the logon process.

The I-Card Cloud Selector CloudCard.  An introduction to Avoco’s fully Cloud based I-Card Selector, CloudCard  A demonstration of the logon process.
Addressing spam email and enforcing a Do Not Email Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.
Post-Module WordPress 3-5 BTM 395: Internet Programming.

Post-Module WordPress 3-5 BTM 395: Internet Programming.
By: Ansuya Chauhan.

By: Ansuya Chauhan.
And YADIS David Recordon Six Apart, Ltd. / LiveJournal.com / Danga Interactive, Inc. Parts of presentation stolen from Brad Fitzpatrick.

And YADIS David Recordon Six Apart, Ltd. / LiveJournal.com / Danga Interactive, Inc. Parts of presentation stolen from Brad Fitzpatrick.
Experimental OpenID Service for DOEGrids Summer Student Program 2008 Jan Durand ESnet 08/06/08.

Experimental OpenID Service for DOEGrids Summer Student Program 2008 Jan Durand ESnet 08/06/08.
Mark Phillip markphillip.com “Badges? We don't need no stinkin' badges!” A Look at Identity on the Web.

Mark Phillip markphillip.com “Badges? We don't need no stinkin' badges!” A Look at Identity on the Web.
Unit 12 Using the Internet & Browsing the Web.  Understand the difference between the Internet and the World Wide Web  Identify items on a web page.

Unit 12 Using the Internet & Browsing the Web.  Understand the difference between the Internet and the World Wide Web  Identify items on a web page.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
Introduction to OpenID Huanxing Shen WHIM 2009Spring.

Introduction to OpenID Huanxing Shen WHIM 2009Spring.
Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.
Acquiring A Web Presence Caroline Leibinger Jimmy Neyhart Joey Tuma.

Acquiring A Web Presence Caroline Leibinger Jimmy Neyhart Joey Tuma.
OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.

OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.
Single Sign-on Writ Large. What is OpenID?  Open, Decentralized single sign on standard  Allows users to use a single digital identity across multiple.

Single Sign-on Writ Large. What is OpenID?  Open, Decentralized single sign on standard  Allows users to use a single digital identity across multiple.
Remote Access SSL VPN Stewart Duncan Technical Manager.

Remote Access SSL VPN Stewart Duncan Technical Manager.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
Short History YouTube, LLC* is a video sharing website where users can upload, view and share video clips. YouTube was created in February 2005 by three.

Short History YouTube, LLC* is a video sharing website where users can upload, view and share video clips. YouTube was created in February 2005 by three.
MEDLINEplus Tutorial Chicago Urban Health Outreach Project MEDLINEplus Tutorial Use the buttons below to navigate. Start by clicking the right arrow to.

MEDLINEplus Tutorial Chicago Urban Health Outreach Project MEDLINEplus Tutorial Use the buttons below to navigate. Start by clicking the right arrow to.

Similar presentations

Ads by Google