Your SlideShare is downloading. ×
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
OpenID - An in depth look at what it is, and how you can use it
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

OpenID - An in depth look at what it is, and how you can use it

1,905

Published on

A "Brown Bag Tech Talk" I gave at Digg, Inc. Thursday, May 20, 2009. It covers technical background on OpenID, as well as some screen shots of what some current user interface implementations look …

A "Brown Bag Tech Talk" I gave at Digg, Inc. Thursday, May 20, 2009. It covers technical background on OpenID, as well as some screen shots of what some current user interface implementations look like.

Published in: Technology
1 Comment
1 Like
Statistics
Notes
  • I had to Embed this in my blog hoping to spread the word a little more. I hope this becomes more popular. Forums , Boards and other crap are really bugging me with registering for something that i only wish to use once. I hope these crappy sites Get out of my Google So I can find or ask for what i need. These Forums and their interface are lost in the Y2K era
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
1,905
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
32
Comments
1
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide


















  • Transcript

    • 1. An in-depth look at what it is, and how you can use it
    • 2. What is OpenID? • quot;OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing internet technology (URI, HTTP, SSL, Diffie- Hellman)” • An ID is a URI or XRI • Federated, not delegated SSO (Facebook Connect, Sign-In with Twitter)
    • 3. History • 1.0 (5/2005) Original specification by Brad Fitzpatrick • 1.1 (5/2006) First revision by Brad Fitzpatrick and David Recordon • 2.0 (12/5/2007) Significant Changes • Added directed identity, extensions, nonces, SHA256 support • Versioned • Yadis for discovery
    • 4. Terminology • Identifier (URI or XRI) • End User (EU) • Relying Party (RP, Consumer) • OpenID Provider (OP, Identity Provider, IdP, Server) • OP Endpoint URL
    • 5. Simple Overview • End User presents an identifier to a RP, claiming to own it • RP directs the end user to the OP to log in and authorize • End User is directed back to RP, who verifies the claim
    • 6. A closer look • EU supplies identifier to RP • RP performs discovery on EU supplied identifier • RP optionally creates an association (shared secret) with OP • RP Builds auth request URL and redirects EU to it • EU logs in to OP, authorizes the request, is redirected back to RP • RP receives auth response, and verifies the assertion
    • 7. HTML Discovery
    • 8. Yadis Discovery (yet another discovery protocol)
    • 9. Discovery History • 1.x: HTML • 2.0:Yadis/XRDS, HTML • Future: LRDD/XRD
    • 10. OpenID Protocol Messages • All OpenID messages are key/value pairs • Indirect Requests are GET parameters • Direct Requests use POST • Response KV format for direct requests is quot;key:valuenquot; • Keys contain 'openid.' prefix, as in “openid.claimed_id”
    • 11. OpenID Modes • associate (direct communication) • Optional, but recommended • Establish a shared secret between RP and OP • checkid_immediate (indirect communication) • OP should not interact with EU • checkid_setup (indirect communication) • OP should interact with EU • check_authentication (direct communication) • Verify an assertion directly with OP (no association)
    • 12. Associations • Uses Diffie-Hellman protocol for establishing shared secrets over unencrypted transports (HTTP) • sha1 or sha256 • Can use “no-encryption” if the connection is over HTTPS
    • 13. Extensions • Officially supported in 2.0 • Does not require an identifier • Popular extensions • Simple Registration (SREG) • Attribute Exchange (AX) • OpenID OAuth Extension (OAUTH) • Provider Authentication Policy Extension (PAPE) • User Interface (UI)
    • 14. OpenID Libraries • PHP • JanRain (openidenabled.com) Very Complete • PEAR (RP support only as of this writing) • Zend Framework • CakePHP • Python • JanRain (openidenabled.com) • Ruby, C#, C++, Perl, Java, ColdFusion, Apache 2
    • 15. Outsourcing OpenID • RPX (JanRain) • Vidoop Connect

    ×