Your SlideShare is downloading. ×
0
Online Identity:
          OpenID, OAuth, Information Cards
                                   OCRN Aug 2009

            ...
I am a community builder.
 This is the technical community around user-centric digital identity that I have helped
   buil...
In mid 2004 Julia Butterfly Hill
                                    launched this website to encourage
                   ...
My sketches from 2003 for distributed social network
                      platform with user-centric identity.




    Ho...
To cross boundaries and domains on the web people,
         citizens, consumers needed the power to manage their
         ...
The good news is that the identity community has
          come a long way in developing identity management
          too...
The first two technologies I will be covering are OpenID
     and OAuth - the key protocols in the so-called “open stack”

...
openid.net


Wednesday, August 19, 2009
OpenID creates an integrated and wholistic “online life” (identity)
        replacing the fragmentation that is created by...
Different persona’s for one user that could
                                 each have a different OpenID URL.

Wednesday,...
The user goes to a website




Wednesday, August 19, 2009
Traditionally the user is
                             presented with the
                             opportunity Login w...
user name/password
                                                                      is replaced with
                ...
The website the
                              user is logging into

                             redirects the user to
   ...
The user
        is asked to
       authenticate




Wednesday, August 19, 2009
The user responds
  with a password
     (or other additional
   methods of authentication
         like a token)




Wedn...
Authentication is successful!

       The site with the user’s URL
      redirects the user back to the
                  ...
Who’s In?
        Corporate Members:
          •   Facebook - Luke Shepard
          •   Google - Eric Sachs
          •  ...
What you can do:



                             * Accept OpenID’s

                             * Issue OpenID’s (to empl...
Single Sign On isnʼt enough though.
               You also have to empower people to be able to
               share data...
The user belongs to two different sites.
Wednesday, August 19, 2009
How can the user move photos from photo site to the
             social network site without giving away the password
    ...
The user asked if they want to share - then
              redirected to the site to give their permission

Wednesday, Augu...
The photo site gives the social network site a token
               to the social network that gives it access to their ac...
A data tunnel is created between the user’s
                                       accounts on both sites
Wednesday, Augus...
A user posts photos and they can flow from
            one to the other - and they didn’t give away their password.

Wednes...
Who’s In?




Wednesday, August 19, 2009
What you can do:

                                END THE
                               PASSWORD
                        ...
informationcard.net


Wednesday, August 19, 2009
Wednesday, August 19, 2009
Wednesday, August 19, 2009
Wednesday, August 19, 2009
Wednesday, August 19, 2009
Reminders



Wednesday, August 19, 2009
Who’s In?


                             Card Space




Wednesday, August 19, 2009
Who’s In?




Wednesday, August 19, 2009
What you can do:
         *Issue information cards to members of your
         site/organization
         *Accept informat...
Kaliya Hamlin
                                     Identity Woman

                                     @identitywoman
   ...
Upcoming SlideShare
Loading in...5
×

Online Identity for Community Managers: OpenID, OAuth, Information Cards

3,382

Published on

This presentation is for the Online Community Research Network and was modified from the Presentation that I gave at Community 2.0.

It gives a clear outline of how OpenID, OAuth and Information Cards work, who is involved in moving them forward and what online communities can do to implement.

0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,382
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
60
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Transcript of "Online Identity for Community Managers: OpenID, OAuth, Information Cards"

  1. 1. Online Identity: OpenID, OAuth, Information Cards OCRN Aug 2009 Kaliya Hamlin, Identity Woman @identitywoman identitywoman.net skype:identitywoman AIM/e-mail:kaliya@mac.com co-founder, co-producer and the facilitator of the INTERNET IDENTITY WORKSHOP www.internetidentityworkshop.com Wednesday, August 19, 2009
  2. 2. I am a community builder. This is the technical community around user-centric digital identity that I have helped build. We have met since 2005 every 6 months at the Internet Identity Workshop. Wednesday, August 19, 2009
  3. 3. In mid 2004 Julia Butterfly Hill launched this website to encourage people to be active and linked to 40+ organizations. These sites had about 50 login opportunities - each one of them each required a new/ different user name and password. How were all these groups going to work together –to form a strong community - if the citizens they were asking to participate were required to create several dozen accounts just to join the related efforts and collaborate across them? The answer is: with difficulty. Just having links to good things is not enough to support a networked movement. Activism as Patriotism only lasted until early 2007. Wednesday, August 19, 2009
  4. 4. My sketches from 2003 for distributed social network platform with user-centric identity. How could the people that I knew shared interests and passion in community (both facet to face and online), be able to work together across boundaries and domains on the web? In 2003 I began to sketch out designs for online “social network tools” (that term was not yet in widespread use) for face to face communities to connect online. I knew user-centric identity technologies were essential but others didnʼt see it yet. Wednesday, August 19, 2009
  5. 5. To cross boundaries and domains on the web people, citizens, consumers needed the power to manage their own identity information. By identity information I specifically mean the identifiers and handles that they use across time and in cyber space - controlling the ways in which they are “seen” in different contexts. To do this we need open technical standards to make identifiers portable across contexts and we need interfaces to make this easy. Wednesday, August 19, 2009
  6. 6. The good news is that the identity community has come a long way in developing identity management tools. Three are discussed in this slideshare. Wednesday, August 19, 2009
  7. 7. The first two technologies I will be covering are OpenID and OAuth - the key protocols in the so-called “open stack” Wednesday, August 19, 2009
  8. 8. openid.net Wednesday, August 19, 2009
  9. 9. OpenID creates an integrated and wholistic “online life” (identity) replacing the fragmentation that is created by maintaining 100-300 different accounts for different online services and the necessity to create a new one at every website that requires a login. Can you imagine how much easier and more pleasant community life would be if we could reduce the number of identifiers and handles to a manageable number – say under ten. Wednesday, August 19, 2009
  10. 10. Different persona’s for one user that could each have a different OpenID URL. Wednesday, August 19, 2009
  11. 11. The user goes to a website Wednesday, August 19, 2009
  12. 12. Traditionally the user is presented with the opportunity Login with a user-name and password Wednesday, August 19, 2009
  13. 13. user name/password is replaced with OpenID login box The user enters a URL they control - like their blog URL or from a provider. * Newer user interfaces allow user to pick Open ID provider they might have like Google,Yahoo, Myspace, Facebook, AOL etc... Wednesday, August 19, 2009
  14. 14. The website the user is logging into redirects the user to where their URL Wednesday, August 19, 2009
  15. 15. The user is asked to authenticate Wednesday, August 19, 2009
  16. 16. The user responds with a password (or other additional methods of authentication like a token) Wednesday, August 19, 2009
  17. 17. Authentication is successful! The site with the user’s URL redirects the user back to the the user is website they are logging into. logged in Wednesday, August 19, 2009
  18. 18. Who’s In? Corporate Members: • Facebook - Luke Shepard • Google - Eric Sachs • IBM - Nataraj (Raj) Nagaratnam • Microsoft - Michael B. Jones Community Members: • PayPal - Andrew Nash • Brian Kissel (JanRain) • VeriSign - Gary Krall • Chris Messina (independent) • Yahoo! - Raj Mata • David Recordon (Six Apart) • Joseph Smarr (Plaxo) • Nat Sakimura (Nomura Research Institute) • Scott Kveton • Snorri Giorgetti (OpenID Europe) • Allen Tom (Yahoo) Wednesday, August 19, 2009
  19. 19. What you can do: * Accept OpenID’s * Issue OpenID’s (to employees) * Issue OpenID’s to your user base Wednesday, August 19, 2009
  20. 20. Single Sign On isnʼt enough though. You also have to empower people to be able to share data their own data. oauth.net Wednesday, August 19, 2009
  21. 21. The user belongs to two different sites. Wednesday, August 19, 2009
  22. 22. How can the user move photos from photo site to the social network site without giving away the password for the photo site to the social network site? Wednesday, August 19, 2009
  23. 23. The user asked if they want to share - then redirected to the site to give their permission Wednesday, August 19, 2009
  24. 24. The photo site gives the social network site a token to the social network that gives it access to their account. Wednesday, August 19, 2009
  25. 25. A data tunnel is created between the user’s accounts on both sites Wednesday, August 19, 2009
  26. 26. A user posts photos and they can flow from one to the other - and they didn’t give away their password. Wednesday, August 19, 2009
  27. 27. Who’s In? Wednesday, August 19, 2009
  28. 28. What you can do: END THE PASSWORD ANTI-PATTERN STOP Asking users for their password to gain access to another site on their behalf Implement Oauth on your site Ask your partners to implement it. Wednesday, August 19, 2009
  29. 29. informationcard.net Wednesday, August 19, 2009
  30. 30. Wednesday, August 19, 2009
  31. 31. Wednesday, August 19, 2009
  32. 32. Wednesday, August 19, 2009
  33. 33. Wednesday, August 19, 2009
  34. 34. Reminders Wednesday, August 19, 2009
  35. 35. Who’s In? Card Space Wednesday, August 19, 2009
  36. 36. Who’s In? Wednesday, August 19, 2009
  37. 37. What you can do: *Issue information cards to members of your site/organization *Accept information cards from netizens to collect information you think is important *Use it to get third party validation about key things important to you - so you donʼt have to do identity proofing. Wednesday, August 19, 2009
  38. 38. Kaliya Hamlin Identity Woman @identitywoman identitywoman.net skype:identitywoman AIM/e-mail:kaliya@mac.com co-founder, co-producer and the facilitator of the INTERNET IDENTITY WORKSHOP .com Wednesday, August 19, 2009
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×