Slideshare.net (beta)

 
Web 2.0 Expo Berlin: OpenID Emerging from Web 2.0

From daveman692, 11 months ago

David Recordon and Martin Paljak's talk on OpenID generally and it more

Slideshow transcript

Slide 1: Emerging From Web 2.0 Web 2.0 Expo Berlin 2007

Slide 2: "It's definitely time to declare OpenID a winner" TechCrunch • "OpenID is a protocol made for the public, by the public. No one owns or controls your login information: You do." 37signals • "...sees great potential for OpenID's use alongside enterprise-ready software infrastructure" Sun Microsystems • "taking the world by storm" Tim O'Reilly • "this high profile announcement marks the importance of single sign on identity technology to the future of the Internet" ReadWriteWeb

Slide 3: What is OpenID? • Single sign-on for the web • Simple and light-weight (not going to replace your bank card PIN) • Easy to use and deploy • Built upon proven existing technologies (DNS, HTTP, SSL/TLS, Diffie-Hellman) • Decentralized (you don't have to ask anyone permission to implement it) • Free!

Slide 4: An OpenID is a URI • URLs are globally unique and ubiquitous • OpenID allows proving ownership of a URI • People already have identity at URLs via blogs, photos, MySpace, Facebook, etc • People already describe relationships via URLs (e.g. links to my friends)

Slide 5: OpenID is Decentralized

Slide 6: Benefits • Reduces the number of usernames and passwords • Simplifies new account creation • Allows for lightweight accounts • Simplifies internal SSO • Enables wide-spread benefit of strong authentication • Enables decentralized reputation • Enables social network portability

Slide 7: How Does it Work? (DEMO)

Slide 8: As a Conversation Who are you? I’m davidrecordon.com Prove it!

Slide 9: Discovers My Provider "openid.server" points to my OpenID Provider

Slide 10: (crypto happens)
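The exchange on slides 8 to 10, sketched from the relying party's side as an added example (not code from the talk): HTML discovery of the `openid.server` link, then the OpenID 1.1 check of the provider's signed assertion. The association key is assumed to be already agreed, and the page, key, hosts and the https-only and required-field policies are constructed for illustration.

```python
import base64, hashlib, hmac
from html.parser import HTMLParser

class LinkFinder(HTMLParser):
    """Collect openid.* <link> hrefs; a rel attribute may hold several tokens."""
    def __init__(self):
        super().__init__()
        self.links = {}
    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        a = dict(attrs)
        for rel in (a.get("rel") or "").lower().split():
            if rel.startswith("openid.") and a.get("href"):
                self.links.setdefault(rel, a["href"])  # first declaration wins

def discover(html):
    """Slide 9: find the provider endpoint named by the claimed URL's page."""
    finder = LinkFinder()
    finder.feed(html)
    server = finder.links.get("openid.server")
    # Local policy (assumption, stricter than the 1.1 spec): https endpoints only.
    if not server or not server.lower().startswith("https://"):
        raise ValueError("no usable openid.server link")
    return server

def sign(params, signed, mac_key):
    """Slide 10: base64(HMAC-SHA1) over 'key:value' lines, one per signed field."""
    token = "".join(f"{k}:{params['openid.' + k]}\n" for k in signed)
    return base64.b64encode(hmac.new(mac_key, token.encode(), hashlib.sha1).digest())

MUST_BE_SIGNED = {"mode", "identity", "return_to"}  # relying-party policy (assumption)

def verify(params, mac_key):
    """Relying-party check of a provider's positive assertion."""
    signed = params.get("openid.signed", "").split(",")
    if not MUST_BE_SIGNED <= set(signed):
        return False  # a field left out of the signature is not vouched for
    if any("openid." + k not in params for k in signed):
        return False
    sig = params.get("openid.sig", "").encode()
    return hmac.compare_digest(sign(params, signed, mac_key), sig)

# Constructed sample data, not taken from the talk.
PAGE = '<html><head><link rel="openid.server" href="https://op.example/auth"></head></html>'
KEY = b"constructed-association-key"
RESPONSE = {"openid.mode": "id_res", "openid.identity": "http://davidrecordon.com/",
            "openid.return_to": "https://rp.example/return", "openid.signed": "mode,identity,return_to"}
RESPONSE["openid.sig"] = sign(RESPONSE, ["mode", "identity", "return_to"], KEY).decode()
```
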

Slide 11: Getting an OpenID http://openid.net/get/

Slide 12: OpenID is Really Easy

Slide 13: "This is a geek's toy, nobody will ever have an OpenID!"

Slide 14: ~160 million OpenIDs (including every AOL user) OpenID 1.1 - Estimated from various services

Slide 16: "Nobody will ever use this!"

Slide 17: Total Relying Parties (aka places you can login with OpenID) [Chart: number of relying parties by month, '05 to '07; vertical axis 0 to 6,000] OpenID 1.1 - As viewed by MyOpenID.com

Slide 18: "So that's great there are so many blogs, but what about something real?"

Slide 20: "What about security?"

Slide 21: “Protocol Security?”

Slide 22: like any protocol...think as you implement

Slide 23: the best solutions may be around the browser

Slide 24: MyVidoop Plugin (a password manager tied into your OpenID account add-on for Firefox)

Slide 25: Sxipper (a form filler password manager with OpenID integration add-on for Firefox)

Slide 26: Symantec Identity Client (OpenID form-fill, upcoming provider, and claims integration)

Slide 27: VeriSign's OpenID SeatBelt (an OpenID convenience and security add-on for Firefox) works with

Slide 28: IE Team has posted a job ad mentioning "OpenID": "Does the idea of redefining the role of the Internet browser appeal to you? Do the terms HTTP, RSS, Microformats, and OpenID, excite you? If so, then this just might be the opportunity for you."

Slide 29: OpenID is great for innovation

Slide 30: “So, what about OpenID 2.0?”

Slide 31: OpenID 2.0 • Cleans up the 1.1 specification • Adds a few useful features • Robust extensibility • Enhanced service discovery • "Directed identity" • XRI • About six independent library implementations of final draft

Slide 32: “Any OpenID in the enterprise?”

Slide 33: Offer all employees OpenIDs; open source Enterprise SSO and identity manager with LDAP and OpenID Internal SSO for bug trackers and wikis OpenID Provider with plans to ship in enterprise products this year Shared OpenID Provider for their businesses and partners Project management, CRM, and billing for small businesses

Slide 34: Open.ID.ee

Slide 35: I come from E-stonia • A small EU country with ~1.3M inhabitants • Access to internet considered a “civil right” • Had first parliament elections over the internet in 2005 • 80%+ of the population have a digital ID-card

Slide 36: ID-card

Slide 37: ID-card is a... • Photo ID like any other • We are interested in Electronic ID: • The chip contains your name, age, gender and social security number • Two PIN codes: one for authentication and one for signing documents

Slide 38: Authentication • Is about proving who you are. • Available to any service that wants to use it • Online banking • Filing your taxes • Various other services

Slide 43: "How does this happen?"

Slide 44: Entering your PIN code is your consent to send personal data to the service

Slide 45: Yes/No decision

Slide 46: "So what is the problem?"

Slide 47: Users do not always want this. Users want control of their personal data.

Slide 48: What is Identity? • Wikipedia: “the sameness of two things” • “Things” are users • Users are website visitors • “Who are you?”

Slide 49: Are you the same you that signed up with us?

Slide 50: ID-card contains government verified identity

Slide 51: Same Can be Different • Bank: Martin Paljak, the account owner • Forum: user who registered as “catluvr99” • Blog: author of the comment • http://open.id.ee/martin.paljak is Martin Paljak

Slide 52: Is the OpenID you present the same as we have in our database?

Slide 53: Websites really need to match identifiers, not collect your personal data.

Slide 54: Solution: OpenID • id.ee => open.id.ee • OpenID service that uses ID-cards for authentication • Gives users more control over their private data • Is NOT a government enforced/controlled service

Slide 55: Simplicity • One privacy policy to check • One trust decision to make • One purpose for the OpenID service • Encapsulate and protect users’ private data

Slide 56: No need to sign up, it JustWorks

Slide 57: ... if you have the needed hardware and software ...

Slide 61: "So if everybody implements OpenID, are we all happy?"

Slide 62: "What about website developers?"

Slide 63: ID-card Sucks! • Implementing support is difficult • Technically challenging (SSL certificates and such) • Users don’t like ID-cards anyway as they are often afraid of privacy issues • Most sites don’t need such high security • So... why bother?

Slide 64: I Forgot! • Mobile-ID: same stuff inside your GSM SIM card • Same technology inside ... • ... but totally different to implement ... • ... AGAIN!!!

Slide 65: What is Mobile-ID? • Smaller ID-card • No hardware needed - your phone is your card reader • No need to install software to use it online - websites have it

Slide 68: beep-beep!

Slide 70: If you’re going to write new code, why not OpenID code?

Slide 71: Benefits of OpenID • Only one interface to implement • And lots of expertise available globally • If website uses open.id.ee service exclusively, it has instant access to both ID-cards and Mobile-ID authentication • ... with privacy features included @ no cost

Slide 72: So ... • Users get more control over their private data and OpenID provides it • Websites have a simple and easy way to integrate newest authentication technologies with OpenID

Slide 73: Finally a win-win solution?

Slide 74: Almost there ...

Slide 75: Anonymity • Users want anonymity • At least partial • Remaining anonymous is a privilege • Spam, death threats etc must be punishable

Slide 76: The story • Riots in Tallinn that led to cyber-attacks • Petition letter to force a politician to resign collected almost 100k names and e-mails • Including “George Bush”, “Rex the dog” and “!@#$ you” • Result: nothing.

Slide 77: OpenID 2.0 • New feature: identity selection • You get to choose the OpenID sent to the website • Choose between open.id.ee/martin.paljak ...

Slide 78: or http://open.id.ee/5a0eaba4bb1fb68a39ddec57c15dbff1543d6f461b2203f74

Slide 79: Anonymous OpenID • No (zero) personal data in the URL • One anonymous URL per user per website • The “account” problem mitigated • Still a guarantee that the user behind the OpenID is a real person
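One way a provider could produce the per-website anonymous URLs of slides 77 to 79, as an added example that is not open.id.ee's code: the slides do not say how the service derives them, so the keyed-hash construction, the secret, the person identifier and the relying-party hosts below are all assumptions.

```python
import hashlib, hmac
from urllib.parse import urlsplit

BASE = "http://open.id.ee/"  # provider base URL as written on the slides
IDENTIFIER_SELECT = "http://specs.openid.net/auth/2.0/identifier_select"  # OpenID 2.0
DEFAULT_PORTS = {"http": 80, "https": 443}

def site_key(realm):
    """Normalise a relying party's realm to scheme://host[:port]."""
    u = urlsplit(realm)
    scheme, host = u.scheme.lower(), (u.hostname or "").lower()
    if scheme not in DEFAULT_PORTS or not host:
        raise ValueError("realm must be an absolute http(s) URL")
    if u.port is None or u.port == DEFAULT_PORTS[scheme]:
        return f"{scheme}://{host}"
    return f"{scheme}://{host}:{u.port}"

def anonymous_openid(provider_secret, person_id, realm):
    """One stable URL per user per website, carrying no personal data.

    Keyed on the verified person, not on a card or account, so the same
    person gets the same URL back at the same site after re-enrolment.
    """
    msg = person_id.encode() + b"\x00" + site_key(realm).encode()
    return BASE + hmac.new(provider_secret, msg, hashlib.sha256).hexdigest()

def identity_for(requested, username, anonymous, secret, person_id, realm):
    """Pick the identifier the provider asserts; never one the user does not own."""
    named = BASE + username
    pseudonym = anonymous_openid(secret, person_id, realm)
    if requested == IDENTIFIER_SELECT:  # slide 77: the user chooses
        return pseudonym if anonymous else named
    if requested in (named, pseudonym):
        return requested
    raise ValueError("requested identifier does not belong to this user")
```

Because the site key goes into the keyed hash, two websites comparing their user tables see unrelated URLs for the same person, while the provider can still recompute either one.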

Slide 82: Extra Features • Identity theft virtually impossible • re-claiming is painless • Some registration data is always true • If user chooses to send it • “Why do they need it?”

Slide 83: Why do I Care? • I’m a user too! • We export the ID technology of Estonia • Online privacy issues are being discussed • Verified anonymity contributes to e-democracy

Slide 84: Why you should care! • Implement OpenID - get access to our technology • Other EU countries deploying ID-cards • Similar problems • Similar solutions • OpenID is designed for interoperability • ID-cards are in theory

Slide 85: Thanks! Questions? http://openid.net/ https://open.id.ee/about/english David Recordon Martin Paljak davidrecordon.com http://ideelabor.ee david@sixapart.com martin@ideelabor.ee