Slideshow Transcript

1. Slide 1: Today Eduserv OpenID Meeting
2. Slide 2: \"Its definitely time to declare \"OpenID is a protocol made OpenID a winner\" for the public, by the public. TechCrunch No one owns or controls your login information:You do.\" 37signals \"...sees great potential for OpenID's use alongside enterprise-ready software infrastructure\" Sun Microsystems \"taking the world by storm\" \"this high profile announcement marks Tim O'Reilly the importance of single sign on identity technology to the future of the Internet\" ReadWriteWeb
3. Slide 3: What is OpenID? • Single sign-on for the web • Simple and light-weight (not going to replace your bank card pin) • Easy to use and deploy • Built upon proven existing technologies (DNS, HTTP, SSL/TLS, Diffie-Hellman) • Decentralized (you don't have to ask anyone permission to implement it) • Free!
4. Slide 4: An OpenID is a URI • URLs are globally unique and ubiquitous • OpenID allows proving ownership of an URI • People already have identity at URLs via blogs, photos, MySpace, FaceBook, etc • People already describe relationships via URLs (e.g. links to my friends)
5. Slide 5: OpenID is Decentralized
6. Slide 6: \"What problems does it solve?\"
7. Slide 7: Too many usernames
8. Slide 8: Too many passwords
9. Slide 9: Signup is too hard
10. Slide 10: Directories are hard
11. Slide 11: Strong auth is complex
12. Slide 12: The web lacks identity
13. Slide 13: OpenID is another important building block.
14. Slide 14: Identity is not just one thing
15. Slide 15: ...but it is really about trust
16. Slide 16: With OpenID, you get to choose who you trust. (and even change your mind later)
17. Slide 17: O M E How Does it Work? D
18. Slide 18: As a Conversation Who are you? I’m davidrecordon.com Prove it!
19. Slide 19: Discovers My Provider \"openid.server\" points to my OpenID Provider
20. Slide 20: (crypto happens)
21. Slide 21: O M E Using OpenID D
22. Slide 22: Getting an OpenID http://openid.net/get/
23. Slide 23: OpenID is Really Easy
24. Slide 24: \"This is a geek's toy, nobody will ever have an OpenID!\"
25. Slide 25: ~160 million OpenIDs (including every AOL user) OpenID 1.1 - Estimated from various services
26. Slide 27: \"Nobody will ever use this!\"
27. Slide 28: Total Relying Parties (aka places you can login with OpenID) 6,000 4,500 3,000 1,500 0 ov b ay ly '06 ar ne ov ay ly '05 ct ec r g ne p ec '07 b ct ar r st 22 Ap Ap Au Fe Se Fe Ju Ju gu O O M M M M D D Ju Ju N N p p Jan Jan Au Se Se OpenID 1.1 - As viewed by MyOpenID.com
28. Slide 29: \"So that's great there are so many blogs, but what about something real?\"
29. Slide 31: http://janrain.com/blog/2007/11/05/openid-in-higher-education/
30. Slide 32: “Any OpenID in the enterprise?”
31. Slide 33: Offer all employees OpenIDs; open source Enterprise SSO and identity manager with LDAP and OpenID Internal SSO for bug trackers and wikis OpenID Provider with plans to ship in enterprise products this year Shared OpenID Provider for their businesses and partners Project management, CRM, and billing for small businesses
32. Slide 34: \"What about security?\"
33. Slide 35: “Protocol Security?”
34. Slide 36: like any protocol...think as you implement
35. Slide 37: What about phishing?
36. Slide 38: Kitten Overload! More kittens! Simon Willison - FOWA 02/07
37. Slide 39: Kitten Overload! Identity theft! FAKE :'( Simon Willison - FOWA 02/07
38. Slide 40: Safe Sign-In Pages
39. Slide 43: Estonian ID-card http://open.id.ee/
40. Slide 44: the best solutions may around the browser
41. Slide 45: Microsoft CardSpace
42. Slide 46: MyVidoop Plugin (a password manager tied into your OpenID account add-on for Firefox)
43. Slide 47: Sxipper (a form filler password manager with OpenID integration add-on for Firefox)
44. Slide 48: Symantec Identity Client (OpenID form-fill, upcoming provider, and claims integration)
45. Slide 49: VeriSign's OpenID SeatBelt (an OpenID convenience and security add-on for Firefox) works with
46. Slide 50: IE Team has posted a job ad mentioning \"OpenID\" \"Does the idea of redefining the role of the Internet browser appeal to you? Do the terms HTTP, RSS, Microformats, and OpenID, excite you? If so, then this just might be the opportunity for you.\"
47. Slide 51: OpenID doesn't dictate an authentication method
48. Slide 52: OpenID is great for innovation
49. Slide 53: \"How do I deploy OpenID?\"
50. Slide 54: OpenID Specs • OpenID Authentication 1.1 • OpenID Simple Registration 1.0 • Yadis Discovery Protocol • OpenID Authentication 2.0 (implementors draft) • OpenID Attribute Exchange 1.0 (draft) • OpenID PAPE 1.0 (draft) • OpenID Data Transport Protocol (draft)
51. Slide 55: Final Specifications • OpenID Authentication 1.1 • What most people think of for OpenID • What I’m mainly talking about today • Very simple • OpenID Simple Registration Extension • Exchange basic profile data • Keep the user in charge
52. Slide 56: OpenID Authentication 2.0 • Cleans up the 1.1 specification • Adds a few useful features • Robust extensibility • Enhanced service discovery • \"Directed identity\" • XRI • About six independent library implementations of final draft
53. Slide 57: Attribute Exchange • Flexible framework for exchange rich profile attributes • Keeps the user in charge • Allows updating data in a distributed fashion
54. Slide 58: PAPE • Communicate details about how the user authenticated • High-level policies such as “phishing resistant” or “multi-factor” • Increasingly important with higher value OpenID transactions
55. Slide 59: Lots Easy of Code • Libraries in C#, C++, Java, Perl, Python, Ruby, PHP, and ColdFusion • Can have something working within a weekend • Need to think a bit about security and usability
56. Slide 60: “Why OpenID and education?”
57. Slide 61: Thanks! Questions? http://openid.net/ David Recordon davidrecordon.com david@sixapart.com