Presentation is loading. Please wait.

Presentation is loading. Please wait.

David Recordon IOS Vancouver 2006.

Published byEthel Weaver Modified over 8 years ago

Similar presentations

Presentation on theme: "David Recordon IOS Vancouver 2006."— Presentation transcript:

1 David Recordon drecordon@verisign.com IOS Vancouver 2006

2 What was OpenID 1.1? ● An identity authentication system ● A protocol – gratis, libre ● Not a service or company – not Passport – not TypeKey – not Sxip ● Survives if companies turn evil or go out of business

3 Why Was It Developed? ● No authentication was way too common ● Comment spam ● Auth interop – LiveJournal – TypePad – Movable Type – WordPress – DeadJournal lame

4 Design Goals For Auth ● Low barrier to entry – Works with static HTML pages – Decentralized – Understandable identity (a URL) ● No new namespace ● No public keys (key revocation, etc...) – No SSL required – No browser plugins ● Most simple protocol possible – Other needs layered atop

5 What is OpenID 2.0? ● An identity system framework ● Multiple protocols – Discovery (Yadis) – Authentication ● URLs ● i-names – Messaging (DTP) – Profile Exchange (Many layered atop DTP) – … ● Still not a service or company ● Open community development within the incubating Apache Heraldry Podling

6 Design Goals For OpenID 2.0 ● Identity 2.0 – User Centric – Internet Scale – Privacy Protecting – Community Driven ● Framework of interoperable specifications – Handful of twenty page specs versus one one-hundred-fifty page spec ● Extensible ● Interoperable

7 How's Auth Work? ● Proves “who” you are – You own a URL or an i-name – One-time assertions w/ digital signature – See openid.net for specs, libraries, etc ● Not a trust system…yet – Spammers can/will/have setup OpenID Authentication servers – Better than the state of email today – Trust/reputation providers can easily build atop the OpenID framework

8 Why URLs as identity? ● Already the convention – Comment by Matt at 7:23pm – Mouseover to see which Matt ● Users don't understand public keys ● Users don't understand namespaces ● Users associate email addresses with spam ● Users do understand URLs – 10+ years of billboards and TV commercials ● You can click them – Tangible

9 Deployment ● Relying Parties – Six Apart’s blogging properties – Zooomr – ClaimID – Opinity – PeopleAggregator ● Patches / Active Development – WordPress – MoinMoin – Drupal – phpBB – MediaWiki – Mailman ● Identity Providers – MyOpenID.com – VeriSign Lab’s Personal Identity Provider – GetOpenID.com – Videntity.com

10 Code! ● Free libraries – PHP – Perl – Python – C# – Ruby – Java – C++

11 Questions? www.OpenID.net www.OpenIDEnabled.com yadis@lists.danga.com David Recordon (drecordon@verisign.com)

Download ppt "David Recordon IOS Vancouver 2006."

Similar presentations

12 October 2011 Andrew Brown IMu Technology EMu Global Users Group 12 October 2011 IMu Technology.

12 October 2011 Andrew Brown IMu Technology EMu Global Users Group 12 October 2011 IMu Technology.
Section 10.1 Identify how Web sites are structured Explain the role of URLs Describe the function of HTTP Section 10.2 Explain how the Web has affected.

Section 10.1 Identify how Web sites are structured Explain the role of URLs Describe the function of HTTP Section 10.2 Explain how the Web has affected.
Brad Fitzpatrick Six Apart, Ltd. / LiveJournal / Danga August 2005.

Brad Fitzpatrick Six Apart, Ltd. / LiveJournal / Danga August 2005.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
By: Ansuya Chauhan.

By: Ansuya Chauhan.
And YADIS David Recordon Six Apart, Ltd. / LiveJournal.com / Danga Interactive, Inc. Parts of presentation stolen from Brad Fitzpatrick.

And YADIS David Recordon Six Apart, Ltd. / LiveJournal.com / Danga Interactive, Inc. Parts of presentation stolen from Brad Fitzpatrick.
Experimental OpenID Service for DOEGrids Summer Student Program 2008 Jan Durand ESnet 08/06/08.

Experimental OpenID Service for DOEGrids Summer Student Program 2008 Jan Durand ESnet 08/06/08.
Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.

Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.
1 Higgins 1: a species of Tasmanian long-tailed mouse 2: the name of an open source collaboration of IBM, Novell, Oracle, Parity…

1 Higgins 1: a species of Tasmanian long-tailed mouse 2: the name of an open source collaboration of IBM, Novell, Oracle, Parity…
December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
Introduction to OpenID Huanxing Shen WHIM 2009Spring.

Introduction to OpenID Huanxing Shen WHIM 2009Spring.
Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.
The Design and Implementation of an OpenID-Enabled PKI Kevin Bauer University of Colorado Supervisor: Dhiva Muruganantham.

The Design and Implementation of an OpenID-Enabled PKI Kevin Bauer University of Colorado Supervisor: Dhiva Muruganantham.
Creating WordPress Websites. Creating a site on your computer Local server Local WordPress installation Setting Up Dreamweaver.

Creating WordPress Websites. Creating a site on your computer Local server Local WordPress installation Setting Up Dreamweaver.
OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.

OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.

1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
Virtual Observatory Single Sign-on U.S. National Virtual Observatory National Center for Supercomputing Applications Ray Plante, Bill Baker.

Virtual Observatory Single Sign-on U.S. National Virtual Observatory National Center for Supercomputing Applications Ray Plante, Bill Baker.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
Single Sign-on Writ Large. What is OpenID?  Open, Decentralized single sign on standard  Allows users to use a single digital identity across multiple.

Single Sign-on Writ Large. What is OpenID?  Open, Decentralized single sign on standard  Allows users to use a single digital identity across multiple.

Similar presentations

Ads by Google